wise-io

<#
    .SYNOPSIS
        Runs a scheduled task to deploy MDE via the provided onboarding package script
    .DESCRIPTION
        This script is for onboarding machines to the Microsoft Defender for Endpoint services, including security and compliance products.
        Once completed, the machine should light up in the portal within 5-30 minutes, depending on this machine's Internet connectivity availability and machine power state (plugged in vs. battery powered).
    .PARAMETER OnboardingScript
        Retrieved from https://security.microsoft.com > Settings > Endpoints > Onboarding > Download Onboarding Package
        Script will need to be extracted and placed at the path provided
    .NOTES

wise-io

# Install all Windows updates
function Install-PSModule {
  param(
    [Parameter(Position = 0, Mandatory = $true)]
    [String[]]$Modules
  )

  Write-Output "`nChecking for necessary PowerShell modules..."
  try {
    # Set PowerShell to TLS 1.2 (https://devblogs.microsoft.com/powershell/powershell-gallery-tls-support/)

wise-io

# Cleans up default start menu and taskbar (some settings require Windows Pro)

function Install-PSModule {
  param(
    [Parameter(Position = 0, Mandatory = $true)]
    [String[]]$Modules
  )

  Write-Output "`nChecking for necessary PowerShell modules..."
  try {

wise-io

# Runs an update check for Microsoft Store apps
###Requires -RunSilent

$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_EnterpriseModernAppManagement_AppManagement01"
$wmiObj = Get-WmiObject -Namespace $namespaceName -Class $className
$result = $wmiObj.UpdateScanMethod()

if ($result.ReturnValue -ne 0) { $result }
else { Write-Output 'Microsoft Store update scan started.' }

wise-io

# Remove unnecessary packages

$Allowlist = @(
  'DellCommandUpdate', # Dell Command Update app
  'HPPrinterControl' # HP Smart app
)

$Identifiers = @(
  'AcerIncorporated', # Acer Identifier
  'AD2F1837', # HP Identifier

wise-io

# Removes Microsoft Silverlight (x32 & x64)
$Paths = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall', 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
$App = Get-ChildItem -Path $Paths | Get-ItemProperty | Where-Object { $_.DisplayName -like 'Microsoft Silverlight' } | Select-Object

foreach ($Ver in $App) {
  if ($Ver.UninstallString) {
    $DisplayName = $Ver.DisplayName
    $Uninst = $Ver.PSChildName
    Write-Output "Uninstalling $DisplayName..."
    cmd /c msiexec.exe /qn /uninstall $Uninst

wise-io

# Check for required PowerShell version (7+)
if (!($PSVersionTable.PSVersion.Major -ge 7)) {
  try {
    
    # Install PowerShell 7 if missing
    if (!(Test-Path "$env:SystemDrive\Program Files\PowerShell\7")) {
      Write-Output 'Installing PowerShell version 7...'
      Invoke-Expression "& { $(Invoke-RestMethod https://aka.ms/install-powershell.ps1) } -UseMSI -Quiet"
    }

wise-io

param(
  [string[]]$Admins = @()
)

$Admins += @(
  # Enter your admin users here as follows:
  # "$env:computername\AdminUser1",
  # 'DOMAIN\AdminUser2',
  # 'AzureAD\AdminUser3'
)

wise-io

# Manage Windows Defender Exclusions

param (
  [switch]$Audit,     # Audit exclusions
  [string[]]$ASR,     # Exclude files/paths from ASR rules
  [string[]]$Ext,     # Exclude file extensions (Example: exe, txt, pdf)
  [string[]]$IP,      # Exclude IP addresses
  [string[]]$Path,    # Exclude paths
  [string[]]$Process, # Exclude processes
  [switch]$Remove     # Remove exclusions

wise-io

# Runs a Windows Defender Scan
param(
  [ValidateSet('Full', 'Quick', 'Offline', IgnoreCase)]  
  [string]$Type = 'Quick', # Scan type (defaults to quick scan)
  [System.IO.FileInfo]$Path # Optional local path to scan
)

# Format type parameter
$Type = (Get-Culture).TextInfo.ToTitleCase($Type)