Block OneDrive for new users
This commit is contained in:
@@ -174,6 +174,25 @@ function Set-DWordValue {
|
||||
New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
|
||||
function Remove-RegistryValue {
|
||||
param(
|
||||
[string]$Path,
|
||||
[string]$Name
|
||||
)
|
||||
|
||||
if (-not (Test-Path $Path)) {
|
||||
return
|
||||
}
|
||||
|
||||
$Property = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
|
||||
|
||||
if ($null -eq $Property) {
|
||||
return
|
||||
}
|
||||
|
||||
Remove-ItemProperty -Path $Path -Name $Name -Force -ErrorAction SilentlyContinue
|
||||
}
|
||||
|
||||
function Set-ConsumerExperiencePolicies {
|
||||
$CloudContentPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent"
|
||||
|
||||
@@ -186,6 +205,19 @@ function Set-ConsumerExperiencePolicies {
|
||||
}
|
||||
}
|
||||
|
||||
function Set-OneDrivePolicies {
|
||||
$WindowsOneDrivePolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\OneDrive"
|
||||
$OneDrivePolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\OneDrive"
|
||||
|
||||
Write-Host "Disabling OneDrive for all users..." -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($WindowsOneDrivePolicyPath, "Set OneDrive disable policy")) {
|
||||
Set-DWordValue -Path $WindowsOneDrivePolicyPath -Name "DisableFileSyncNGSC" -Value 1
|
||||
Set-DWordValue -Path $OneDrivePolicyPath -Name "PreventNetworkTrafficPreUserSignIn" -Value 1
|
||||
Write-Host "OneDrive policies configured." -ForegroundColor Green
|
||||
}
|
||||
}
|
||||
|
||||
function Set-ContentDeliveryManagerDefaults {
|
||||
param(
|
||||
[string]$RegistryRoot
|
||||
@@ -219,7 +251,45 @@ function Set-ContentDeliveryManagerDefaults {
|
||||
}
|
||||
}
|
||||
|
||||
function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
function Remove-OneDriveStartupFromRegistryRoot {
|
||||
param(
|
||||
[string]$RegistryRoot
|
||||
)
|
||||
|
||||
$RunPath = Join-Path $RegistryRoot "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
|
||||
$RunOncePath = Join-Path $RegistryRoot "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
|
||||
|
||||
Write-Host "Removing OneDrive startup entries in: $RegistryRoot" -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($RegistryRoot, "Remove OneDrive startup registry entries")) {
|
||||
Remove-RegistryValue -Path $RunPath -Name "OneDrive"
|
||||
Remove-RegistryValue -Path $RunPath -Name "OneDriveSetup"
|
||||
Remove-RegistryValue -Path $RunOncePath -Name "OneDrive"
|
||||
Remove-RegistryValue -Path $RunOncePath -Name "OneDriveSetup"
|
||||
Write-Host "OneDrive startup entries removed where present." -ForegroundColor Green
|
||||
}
|
||||
}
|
||||
|
||||
function Remove-OneDriveShortcutsFromDefaultProfile {
|
||||
$ShortcutPaths = @(
|
||||
(Join-Path $env:SystemDrive "Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"),
|
||||
(Join-Path $env:ProgramData "Microsoft\Windows\Start Menu\Programs\OneDrive.lnk")
|
||||
)
|
||||
|
||||
foreach ($ShortcutPath in $ShortcutPaths) {
|
||||
if (-not (Test-Path $ShortcutPath)) {
|
||||
continue
|
||||
}
|
||||
|
||||
Write-Host "Removing OneDrive shortcut: $ShortcutPath" -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($ShortcutPath, "Remove OneDrive shortcut")) {
|
||||
Remove-Item -Path $ShortcutPath -Force -ErrorAction SilentlyContinue
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function Set-DefaultUserProfileDefaults {
|
||||
$DefaultUserHive = "Registry::HKEY_USERS\DefaultUser"
|
||||
$DefaultUserDat = Join-Path $env:SystemDrive "Users\Default\NTUSER.DAT"
|
||||
$HiveWasLoaded = $false
|
||||
@@ -243,6 +313,7 @@ function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
|
||||
try {
|
||||
Set-ContentDeliveryManagerDefaults -RegistryRoot $DefaultUserHive
|
||||
Remove-OneDriveStartupFromRegistryRoot -RegistryRoot $DefaultUserHive
|
||||
}
|
||||
finally {
|
||||
if ($HiveWasLoaded) {
|
||||
@@ -254,6 +325,8 @@ function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Remove-OneDriveShortcutsFromDefaultProfile
|
||||
}
|
||||
|
||||
function Set-AppxDeprovisionedRegistryMarkers {
|
||||
@@ -313,8 +386,10 @@ foreach ($PackageFamilyName in $KnownPackageFamilyNames) {
|
||||
}
|
||||
|
||||
Set-ConsumerExperiencePolicies
|
||||
Set-OneDrivePolicies
|
||||
Set-ContentDeliveryManagerDefaults -RegistryRoot "HKCU:"
|
||||
Set-DefaultUserContentDeliveryManagerDefaults
|
||||
Remove-OneDriveStartupFromRegistryRoot -RegistryRoot "HKCU:"
|
||||
Set-DefaultUserProfileDefaults
|
||||
|
||||
foreach ($Pattern in $PackageNamePatterns) {
|
||||
Invoke-InstalledAppxPackageRemoval -Pattern $Pattern
|
||||
|
||||
Reference in New Issue
Block a user