Block OneDrive for new users
This commit is contained in:
+3
-3
@@ -95,9 +95,9 @@ Utilise le script de nettoyage Appx pour supprimer certaines applications intég
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Remove-BuiltInApps.ps1
|
||||
```
|
||||
|
||||
Le script supprime les packages Appx installés et provisionnés, désactive les expériences consommateur Microsoft, met à jour les paramètres `ContentDeliveryManager` du profil utilisateur par défaut et écrit des marqueurs registre de déprovisionnement Appx.
|
||||
Le script supprime les packages Appx installés et provisionnés, désactive les expériences consommateur Microsoft, bloque le démarrage OneDrive pour les futurs utilisateurs, met à jour les paramètres `ContentDeliveryManager` du profil utilisateur par défaut et écrit des marqueurs registre de déprovisionnement Appx.
|
||||
|
||||
OneDrive n'est généralement pas un package Appx. Pour appeler aussi le programme de désinstallation intégré de OneDrive, ajoute `-IncludeOneDrive` :
|
||||
OneDrive est bloqué par défaut pour les futurs utilisateurs. Ce n'est généralement pas un package Appx, donc ajoute `-IncludeOneDrive` seulement si tu veux aussi appeler le programme de désinstallation intégré de OneDrive sur la machine courante :
|
||||
|
||||
```powershell
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Remove-BuiltInApps.ps1 -IncludeOneDrive
|
||||
@@ -109,7 +109,7 @@ L'ancien script basé sur winget reste disponible, mais il ne cible que l'utilis
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Winget-Remove-BuiltInApps.ps1
|
||||
```
|
||||
|
||||
Lance ce script avant de créer le nouveau profil Windows, puis redémarre Windows. Les applications visées incluent des composants Xbox, Outlook for Windows, Hub de commentaires, Power Automate, Sticky Notes, Météo, Teams, Microsoft To Do, des applications Bing, Clipchamp, Windows Web Experience Pack et des packages intégrés associés.
|
||||
Lance ce script avant de créer le nouveau profil Windows, puis redémarre Windows. Les applications visées incluent des composants Xbox, Outlook for Windows, Hub de commentaires, Power Automate, Sticky Notes, Météo, Teams, Microsoft To Do, des applications Bing, Clipchamp, Windows Web Experience Pack, le démarrage OneDrive et des packages intégrés associés.
|
||||
|
||||
## 🔁 Note de Maintenance
|
||||
|
||||
|
||||
@@ -95,9 +95,9 @@ Use the Appx cleanup script when you want to remove selected built-in applicatio
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Remove-BuiltInApps.ps1
|
||||
```
|
||||
|
||||
The script removes installed and provisioned Appx packages, disables Microsoft consumer experiences, updates the default user profile `ContentDeliveryManager` settings and writes Appx deprovisioning registry markers.
|
||||
The script removes installed and provisioned Appx packages, disables Microsoft consumer experiences, blocks OneDrive startup for future users, updates the default user profile `ContentDeliveryManager` settings and writes Appx deprovisioning registry markers.
|
||||
|
||||
OneDrive is not an Appx package on most Windows installations. To also call the built-in OneDrive uninstaller, pass `-IncludeOneDrive`:
|
||||
OneDrive is blocked for future users by default. It is not an Appx package on most Windows installations, so pass `-IncludeOneDrive` only when you also want to call the built-in OneDrive uninstaller on the current machine:
|
||||
|
||||
```powershell
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Remove-BuiltInApps.ps1 -IncludeOneDrive
|
||||
@@ -109,7 +109,7 @@ The older winget-based cleanup script is still available, but it only targets th
|
||||
powershell -ExecutionPolicy Bypass -File .\powershell\Winget-Remove-BuiltInApps.ps1
|
||||
```
|
||||
|
||||
Run this script before creating the new Windows user profile, then restart Windows. Targeted applications include Xbox components, Outlook for Windows, Feedback Hub, Power Automate, Sticky Notes, Weather, Teams, Microsoft To Do, Bing apps, Clipchamp, Windows Web Experience Pack and related built-in packages.
|
||||
Run this script before creating the new Windows user profile, then restart Windows. Targeted applications include Xbox components, Outlook for Windows, Feedback Hub, Power Automate, Sticky Notes, Weather, Teams, Microsoft To Do, Bing apps, Clipchamp, Windows Web Experience Pack, OneDrive startup and related built-in packages.
|
||||
|
||||
## 🔁 Maintenance Note
|
||||
|
||||
|
||||
@@ -174,6 +174,25 @@ function Set-DWordValue {
|
||||
New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
|
||||
}
|
||||
|
||||
function Remove-RegistryValue {
|
||||
param(
|
||||
[string]$Path,
|
||||
[string]$Name
|
||||
)
|
||||
|
||||
if (-not (Test-Path $Path)) {
|
||||
return
|
||||
}
|
||||
|
||||
$Property = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
|
||||
|
||||
if ($null -eq $Property) {
|
||||
return
|
||||
}
|
||||
|
||||
Remove-ItemProperty -Path $Path -Name $Name -Force -ErrorAction SilentlyContinue
|
||||
}
|
||||
|
||||
function Set-ConsumerExperiencePolicies {
|
||||
$CloudContentPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent"
|
||||
|
||||
@@ -186,6 +205,19 @@ function Set-ConsumerExperiencePolicies {
|
||||
}
|
||||
}
|
||||
|
||||
function Set-OneDrivePolicies {
|
||||
$WindowsOneDrivePolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\OneDrive"
|
||||
$OneDrivePolicyPath = "HKLM:\SOFTWARE\Policies\Microsoft\OneDrive"
|
||||
|
||||
Write-Host "Disabling OneDrive for all users..." -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($WindowsOneDrivePolicyPath, "Set OneDrive disable policy")) {
|
||||
Set-DWordValue -Path $WindowsOneDrivePolicyPath -Name "DisableFileSyncNGSC" -Value 1
|
||||
Set-DWordValue -Path $OneDrivePolicyPath -Name "PreventNetworkTrafficPreUserSignIn" -Value 1
|
||||
Write-Host "OneDrive policies configured." -ForegroundColor Green
|
||||
}
|
||||
}
|
||||
|
||||
function Set-ContentDeliveryManagerDefaults {
|
||||
param(
|
||||
[string]$RegistryRoot
|
||||
@@ -219,7 +251,45 @@ function Set-ContentDeliveryManagerDefaults {
|
||||
}
|
||||
}
|
||||
|
||||
function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
function Remove-OneDriveStartupFromRegistryRoot {
|
||||
param(
|
||||
[string]$RegistryRoot
|
||||
)
|
||||
|
||||
$RunPath = Join-Path $RegistryRoot "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
|
||||
$RunOncePath = Join-Path $RegistryRoot "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
|
||||
|
||||
Write-Host "Removing OneDrive startup entries in: $RegistryRoot" -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($RegistryRoot, "Remove OneDrive startup registry entries")) {
|
||||
Remove-RegistryValue -Path $RunPath -Name "OneDrive"
|
||||
Remove-RegistryValue -Path $RunPath -Name "OneDriveSetup"
|
||||
Remove-RegistryValue -Path $RunOncePath -Name "OneDrive"
|
||||
Remove-RegistryValue -Path $RunOncePath -Name "OneDriveSetup"
|
||||
Write-Host "OneDrive startup entries removed where present." -ForegroundColor Green
|
||||
}
|
||||
}
|
||||
|
||||
function Remove-OneDriveShortcutsFromDefaultProfile {
|
||||
$ShortcutPaths = @(
|
||||
(Join-Path $env:SystemDrive "Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"),
|
||||
(Join-Path $env:ProgramData "Microsoft\Windows\Start Menu\Programs\OneDrive.lnk")
|
||||
)
|
||||
|
||||
foreach ($ShortcutPath in $ShortcutPaths) {
|
||||
if (-not (Test-Path $ShortcutPath)) {
|
||||
continue
|
||||
}
|
||||
|
||||
Write-Host "Removing OneDrive shortcut: $ShortcutPath" -ForegroundColor Cyan
|
||||
|
||||
if ($PSCmdlet.ShouldProcess($ShortcutPath, "Remove OneDrive shortcut")) {
|
||||
Remove-Item -Path $ShortcutPath -Force -ErrorAction SilentlyContinue
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function Set-DefaultUserProfileDefaults {
|
||||
$DefaultUserHive = "Registry::HKEY_USERS\DefaultUser"
|
||||
$DefaultUserDat = Join-Path $env:SystemDrive "Users\Default\NTUSER.DAT"
|
||||
$HiveWasLoaded = $false
|
||||
@@ -243,6 +313,7 @@ function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
|
||||
try {
|
||||
Set-ContentDeliveryManagerDefaults -RegistryRoot $DefaultUserHive
|
||||
Remove-OneDriveStartupFromRegistryRoot -RegistryRoot $DefaultUserHive
|
||||
}
|
||||
finally {
|
||||
if ($HiveWasLoaded) {
|
||||
@@ -254,6 +325,8 @@ function Set-DefaultUserContentDeliveryManagerDefaults {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Remove-OneDriveShortcutsFromDefaultProfile
|
||||
}
|
||||
|
||||
function Set-AppxDeprovisionedRegistryMarkers {
|
||||
@@ -313,8 +386,10 @@ foreach ($PackageFamilyName in $KnownPackageFamilyNames) {
|
||||
}
|
||||
|
||||
Set-ConsumerExperiencePolicies
|
||||
Set-OneDrivePolicies
|
||||
Set-ContentDeliveryManagerDefaults -RegistryRoot "HKCU:"
|
||||
Set-DefaultUserContentDeliveryManagerDefaults
|
||||
Remove-OneDriveStartupFromRegistryRoot -RegistryRoot "HKCU:"
|
||||
Set-DefaultUserProfileDefaults
|
||||
|
||||
foreach ($Pattern in $PackageNamePatterns) {
|
||||
Invoke-InstalledAppxPackageRemoval -Pattern $Pattern
|
||||
|
||||
Reference in New Issue
Block a user