ページ概要
本ページでは、Microsoft Intuneを利用してWindowsデバイスに対してJOSYSブラウザ拡張機能をサイレントインストール/アクティベーションする際に必要となるスクリプトのサンプルを掲示しております。
Intuneを使ってWindowsデバイスに拡張機能をサイレントインストール・アクティベーションする方法(2/2)にて、ケースA(各ユーザーがデバイスの管理者権限を持っていてUPNがジョーシス上のメールアドレスと同じ)だった方向けのスクリプトです。
想定読者
JOSYSブラウザ拡張機能の一括展開を計画・実施されるご担当者様。
ブラウザ拡張機能について
ブラウザ拡張機能に関する情報は、下記のページをお先にご覧ください。
1.ブラウザ拡張機能について
2.ブラウザ拡張機能のご利用方法
スクリプト
下記のスクリプトをユーザーコンテキストで実施するため、保存してください。
- 下記のスクリプトをコピーし、メモ帳などに貼り付けてください。
- 3行目の YOUR_ORGANIZATION_KEY をジョーシス上で確認した自社の組織IDに変更してください。
- ファイル名を「josys-extension-config.ps1」として保存してください。
- ファイルの種類が「Windows PowerShellスクリプト」となっていることを確認してください。
- Intuneを使ってWindowsデバイスに拡張機能をサイレントインストール・アクティベーションする方法(2/2) - 2.スクリプトを対象デバイスに適用するに戻って作業を進めてください。
# --- Configuration Section ---
# Please replace with your company's Organization Key
$organizationKey = "YOUR_ORGANIZATION_KEY" # Replace with your actual Organization Key
# --- Script Body ---
# Definition of registry paths (Array)
$registryPaths = @(
# Google Chrome
"HKCU:\Software\Policies\Google\Chrome\3rdparty\extensions\moaklgcgokbgplldonjkoochhlefkbjf\policy",
# Microsoft Edge
"HKCU:\Software\Policies\Microsoft\Edge\3rdparty\extensions\hjifncajikcdkhlofdjjlhcjoennmdfc\policy"
)
# Get UserPrincipalName (Run only once)
$userPrincipalName = $null
try {
# Execute 'whoami /upn' command to get UserPrincipalName and trim whitespace
$userPrincipalName = (whoami /upn).Trim()
if ([string]::IsNullOrWhiteSpace($userPrincipalName)) {
Write-Warning "Could not retrieve UserPrincipalName. 'UserEmail' will not be set."
# Consider exiting with code 1 here if UPN is mandatory.
} else {
Write-Host "Retrieved UserPrincipalName: $userPrincipalName"
}
} catch {
# E.g., if the 'whoami /upn' command itself fails
Write-Warning "Failed to retrieve UserPrincipalName. 'UserEmail' will not be set. Error: $($_.Exception.Message)"
# Similarly, consider exiting with code 1 here.
}
# Function to create registry keys and write values
function Set-ExtensionPolicyRegistry {
param(
[Parameter(Mandatory=$true)]
[string]$Path,
[Parameter(Mandatory=$true)]
[string]$OrgKey,
[Parameter(Mandatory=$false)] # Optional, considering UPN might not be available
[string]$Email
)
Write-Host "Processing registry path: $Path"
$operationSuccess = $true # Success flag for processing this specific path
# Check and create parent path
$parentPath = Split-Path -Path $Path -Parent
if (!(Test-Path $parentPath)) {
try {
New-Item -Path $parentPath -Force -ItemType Directory -ErrorAction Stop | Out-Null
Write-Host " Created parent registry key structure: $parentPath"
} catch {
Write-Error " Failed to create parent registry key: $parentPath. Error: $($_.Exception.Message)"
$operationSuccess = $false
}
}
# Check and create the policy key (Attempt only if parent key creation was successful)
if ($operationSuccess -and !(Test-Path $Path)) {
try {
New-Item -Path $Path -Force -ItemType Directory -ErrorAction Stop | Out-Null
Write-Host " Created registry key: $Path"
} catch {
Write-Error " Failed to create registry key: $Path. Error: $($_.Exception.Message)"
$operationSuccess = $false
}
}
# 1. Write OrganizationKey (Attempt only if key creation was successful)
if ($operationSuccess) {
try {
Set-ItemProperty -Path $Path -Name "OrganizationKey" -Value $OrgKey -Type String -Force -ErrorAction Stop
Write-Host " Successfully set 'OrganizationKey' to '$OrgKey'"
} catch {
Write-Error " Failed to set 'OrganizationKey'. Error: $($_.Exception.Message)"
$operationSuccess = $false
}
}
# 2. Write UserEmail (Attempt only if UPN was retrieved and key creation was successful)
if ($operationSuccess -and (-not [string]::IsNullOrWhiteSpace($Email))) {
try {
Set-ItemProperty -Path $Path -Name "UserEmail" -Value $Email -Type String -Force -ErrorAction Stop
Write-Host " Successfully set 'UserEmail' to '$Email'"
} catch {
Write-Error " Failed to set 'UserEmail'. Error: $($_.Exception.Message)"
$operationSuccess = $false
}
} elseif ($operationSuccess -and [string]::IsNullOrWhiteSpace($Email)) {
Write-Host " Skipping 'UserEmail' setting because UserPrincipalName was not available."
}
# Return the result of processing for this path
return $operationSuccess
}
# --- Main Processing ---
$overallSuccess = $true # Overall success flag
Write-Host "Starting registry setting process..."
# Execute the function for each registry path
foreach ($regPath in $registryPaths) {
# Execute the function and set the overall flag to false if the result is false
if (-not (Set-ExtensionPolicyRegistry -Path $regPath -OrgKey $organizationKey -Email $userPrincipalName)) {
$overallSuccess = $false
Write-Warning "An error occurred while processing path '$regPath'."
# Processing continues to the next path even if an error occurs
} else {
Write-Host "Processing for path '$regPath' completed successfully."
}
Write-Host "---" # Separator for each path
}
# Set the exit code based on the final result
if ($overallSuccess) {
Write-Host "Processing completed successfully for all specified registry paths."
exit 0
} else {
Write-Error "Script completed with one or more errors. Please check the logs above."
exit 1
}