0 0

Create Windows Thin Client

# Windows Thin Client - Remediatiescript voor Intune
# Versie: 1.1

# Logging functie voor Intune
function Write-Log {
    param (
        [Parameter(Mandatory = $true)]
        [string]$Message,
        [Parameter(Mandatory = $false)]
        [string]$LogLevel = "INFO"
    )
    
    $timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    $logMessage = "[$timestamp] [$LogLevel] $Message"
    Write-Output $logMessage
}

# Controleer of het script wordt uitgevoerd als de huidige gebruiker (HKCU only)
if (-not ([Security.Principal.WindowsIdentity]::GetCurrent().User.Value -eq [Security.Principal.WindowsIdentity]::GetCurrent().User.Value)) {
    Write-Log "Script moet worden uitgevoerd als de huidige gebruiker voor HKCU wijzigingen" "ERROR"
    exit 1
}

Write-Log "Windows Thin Client configuratie wordt toegepast..." "INFO"

# Taakbalk en interface wijzigingen
Write-Log "Configureren van taakbalk en interface..." "INFO"
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" -Name "SearchboxTaskbarMode" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "ShowTaskViewButton" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "TaskbarMn" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "TaskbarDa" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Achtergrond instellingen
Write-Log "Configureren van achtergrond..." "INFO"
Set-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name "WallPaper" -Value "" -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Control Panel\Colors" -Name "Background" -Value "0 0 0" -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name "TileWallpaper" -Value "0" -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name "WallpaperStyle" -Value "0" -ErrorAction SilentlyContinue

# Windows Spotlight uitschakelen - alternatieve methoden
Write-Log "Uitschakelen van Windows Spotlight..." "INFO"
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "RotatingLockScreenEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "RotatingLockScreenOverlayEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-338387Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Solid color achtergrond forceren
Write-Log "Instellen van solid color achtergrond..." "INFO"
$themesPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize"
if (!(Test-Path $themesPath)) {
    New-Item -Path $themesPath -Force -ErrorAction SilentlyContinue | Out-Null
}
Set-ItemProperty -Path $themesPath -Name "BackgroundType" -Value 1 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $themesPath -Name "EnableTransparency" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $themesPath -Name "AppsUseLightTheme" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $themesPath -Name "SystemUsesLightTheme" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Prullenbak verwijderen van bureaublad
Write-Log "Verwijderen van prullenbak van bureaublad..." "INFO"
if (Test-Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel") {
    Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" -Name "{645FF040-5081-101B-9F08-00AA002F954E}" -Value 1 -Type DWord -ErrorAction SilentlyContinue
}

# Snelkoppelingen van taakbalk verwijderen
Write-Log "Verwijderen van snelkoppelingen van taakbalk..." "INFO"
$taskbarPath = "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar"
Remove-Item -Path "$taskbarPath\*" -Force -ErrorAction SilentlyContinue

# Alle apps losmaken van taakbalk
$appsFolderPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband"
if (Test-Path $appsFolderPath) {
    Remove-Item -Path "$appsFolderPath\Favorites" -Force -Recurse -ErrorAction SilentlyContinue
    New-Item -Path "$appsFolderPath\Favorites" -Force -ErrorAction SilentlyContinue | Out-Null
    Set-ItemProperty -Path $appsFolderPath -Name "Favorites" -Type Binary -Value ([byte[]](0)) -ErrorAction SilentlyContinue
}

# Animaties uitschakelen
Write-Log "Uitschakelen van animaties..." "INFO"
Set-ItemProperty -Path "HKCU:\Control Panel\Desktop\WindowMetrics" -Name "MinAnimate" -Value 0 -Type String -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Control Panel\Desktop\WindowMetrics" -Name "AnimateMinMax" -Value 0 -Type String -ErrorAction SilentlyContinue

# Visuele effecten minimaliseren voor prestaties
$path = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects"
if (!(Test-Path $path)) {
    New-Item -Path $path -Force -ErrorAction SilentlyContinue | Out-Null
}
Set-ItemProperty -Path $path -Name "VisualFXSetting" -Value 2 -Type DWord -ErrorAction SilentlyContinue

# Animatie-effecten uitschakelen
$path = "HKCU:\Control Panel\Desktop"
Set-ItemProperty -Path $path -Name "UserPreferencesMask" -Value ([byte[]](0x90,0x12,0x01,0x80)) -Type Binary -ErrorAction SilentlyContinue

# Meldingen uitschakelen
Write-Log "Uitschakelen van meldingen..." "INFO"
$path = "HKCU:\Software\Microsoft\Windows\CurrentVersion\PushNotifications"
if (!(Test-Path $path)) {
    New-Item -Path $path -Force -ErrorAction SilentlyContinue | Out-Null
}
Set-ItemProperty -Path $path -Name "ToastEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Windows Widgets uitschakelen (Windows 11)
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "TaskbarDa" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Automatische installatie van bloatware apps voorkomen
Write-Log "Voorkomen van automatische app-installatie..." "INFO"
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SilentInstalledAppsEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Verwijder Windows Spotlight cache
$spotlightCache = "$env:LOCALAPPDATA\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\LocalState\Assets"
if (Test-Path $spotlightCache) {
    Get-ChildItem -Path $spotlightCache -File | Remove-Item -Force -ErrorAction SilentlyContinue
}

# Startmenu instellingen optimaliseren
Write-Log "Optimaliseren van startmenu..." "INFO"
$startMenuPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
Set-ItemProperty -Path $startMenuPath -Name "Start_TrackProgs" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $startMenuPath -Name "Start_TrackDocs" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $startMenuPath -Name "Start_MFURoot" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $startMenuPath -Name "Start_IrisRecommendations" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Recente apps verbergen - probeer beide methoden
Write-Log "Verbergen van recente apps..." "INFO"
try {
    $explorerPolicyPath = "HKCU:\Software\Policies\Microsoft\Windows\Explorer"
    if (!(Test-Path $explorerPolicyPath)) {
        New-Item -Path $explorerPolicyPath -Force -ErrorAction Stop | Out-Null
    }
    Set-ItemProperty -Path $explorerPolicyPath -Name "HideRecentlyAddedApps" -Value 1 -Type DWord -ErrorAction SilentlyContinue
} catch {
    # Alternatieve methode indien policies toegang geweigerd wordt
    Write-Log "Kon Explorer policies niet zetten, gebruik alternatieve methode." "WARN"
}

# Game Bar uitschakelen
Write-Log "Uitschakelen van Game Bar..." "INFO"
$gameDVRPath = "HKCU:\Software\Microsoft\GameBar"
New-Item -Path $gameDVRPath -Force -ErrorAction SilentlyContinue | Out-Null
Set-ItemProperty -Path $gameDVRPath -Name "AutoGameModeEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $gameDVRPath -Name "ShowStartupPanel" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Verberg snel toegang in Verkenner
Write-Log "Configureren van Verkenner..." "INFO"
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer" -Name "ShowFrequent" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer" -Name "ShowRecent" -Value 0 -Type DWord -ErrorAction SilentlyContinue

# Verkenner versoberen: open naar "Deze PC" in plaats van "Snel toegang"
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "LaunchTo" -Value 1 -Type DWord -ErrorAction SilentlyContinue

# CPU-intensieve visuele effecten uitschakelen
$advancedPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
Set-ItemProperty -Path $advancedPath -Name "IconsOnly" -Value 1 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $advancedPath -Name "ListviewAlphaSelect" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path $advancedPath -Name "ListviewShadow" -Value 0 -Type DWord -ErrorAction SilentlyContinue
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{2cc5ca98-6485-489a-920e-b3e88a6ccce3}" /t REG_DWORD /d 1 /f

# App suggesties uitschakelen
Write-Log "Uitschakelen van app suggesties..." "INFO"
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SystemPaneSuggestionsEnabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-310093Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-314563Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-338388Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-338389Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-338393Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-353694Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" -Name "SubscribedContent-353696Enabled" -Value 0 -Type DWord -ErrorAction SilentlyContinue

Start-Process -FilePath "$Env:SystemRoot\System32\MSHta.exe" -ArgumentList @(
    '"javascript:window.moveTo(window.screen.width, window.screen.height);',
    "new ActiveXObject('WScript.Shell').RegWrite('HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\TaskbarDa', 0, 'REG_DWORD');",
    'close();"'
)

# Force refresh van instellingen en herstart Explorer
Write-Log "Vernieuwen van instellingen en herstarten van Explorer..." "INFO"
RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters 2>&1 | Out-Null
Stop-Process -Name explorer -Force -ErrorAction SilentlyContinue
Start-Process explorer

# Maak marker aan dat script is uitgevoerd
Write-Log "Aanmaken van configuratie marker..." "INFO"
$markerPath = "HKCU:\Software\Sector\ThinClientScriptv1.1"
if (!(Test-Path $markerPath)) {
    New-Item -Path $markerPath -Force -ErrorAction SilentlyContinue | Out-Null
}
Set-ItemProperty -Path $markerPath -Name "ScriptAlreadyRun" -Value 1 -Type DWord -ErrorAction SilentlyContinue


Write-Log "Windows Thin Client configuratie succesvol toegepast." "INFO"
exit 0

NO SLEEP

00:00

Password Generator

↻ Refresh

Most Viewed

Most Recent