Untitled

# Sophos Endpoint Cloud Installation Script v0.1.10
# Ross Sutherland 2017
# Hardies Property & Construction Consultants

Clear-Host

$ErrorActionPreference = “SilentlyContinue”

# Get AD credentials
if ($credential -eq $null)
{
    $credential = Get-Credential
}
else
{ }

# Null some variables from previous or failed runs that would break stuff
$office = $null
$server = $null
$hostname = $null
$computer = $null
$computers = $null
$desktops = $null
$laptops = $null
$installFail = $null
$installPass = $null

# Define a couple of arrays
$installPass = New-Object System.Collections.ArrayList
$installFail = New-Object System.Collections.ArrayList


Write-Host "Which office would you like to deploy Sophos Endpoint Cloud to?`n" -ForegroundColor Magenta
[int]$xMenuChoiceA = 0
While ($xMenuChoiceA -lt 1 -or $xMenuChoiceA -gt 11){
    "`t 1. Aberdeen"
    "`t 2. Dumfries"
    "`t 3. Dundee"
    "`t 4. Dunfermline"
    "`t 5. Edinburgh"
    "`t 6. Glasgow St Vincent Street"
    "`t 7. Inverness"
    "`t 8. Perth"
    "`t 9. Stirling"
    "`t 10. St Andrews"
    "`t 11. Or target a specific machine"
Write-Host "`n Please enter an option 1 to 11... " -ForegroundColor Magenta -NoNewLine
[Int]$xMenuChoiceA = Read-Host }
Switch( $xMenuChoiceA ){
  1{ $office = "aberdeen" ; $server = "hcsaberdeen" }
  2{ $office = "dumfries" ; $server = "hcsdunfermline" }
  3{ $office = "dundee" ; $server = "hcsdundee" }
  4{ $office = "dunfermline" ; $server = "hcsdunfermline" }
  5{ $office = "edinburgh" ; $server = "hcsedinburgh" }
  6{ $office = "glasgow" ; $server = "hcsglasgow" }
  7{ $office = "inverness" ; $server = "hcsdunfermline" }
  8{ $office = "perth" ; $server = "hcsperth" }
  9{ $office = "stirling" ; $server = "hcsstirling" }
  10{ $office = "st andrews" ; $server = "eternium" }
  11{ $hostname = Read-Host "Target hostname" ; $server = Read-Host "Target's server" }
}

if ($hostname)
{
    $computer = $hostname
    $computers = $hostname
}
else
{
    try
    {
        $desktops = Get-ADComputer -SearchBase "OU=Computers,OU=$office,DC=hardies,DC=local" -Filter * | Select -ExpandProperty Name
        $laptops = Get-ADComputer -SearchBase "OU=Laptops,OU=$office,DC=hardies,DC=local" -Filter * | Select -ExpandProperty Name
        $computers = $desktops+$laptops
    }
    catch
    {
        Write-Host "Something went wrong collecting the computer objects from Active Directory. Do you have the appropriate permissions?" -ForegroundColor Red
        Exit
    }
}

# Display number of computers found
Write-Host `nFound $computers.Count computers in $office. $desktops.Count desktops and $laptops.Count laptops.

# Start doing all the stuff
foreach ($computer in $computers)
{
    Write-Host "`n--------------------------------------"
    Write-Host "Starting installation on $computer...`n"

    # Check the computer is available
    $computerTest = Test-Connection $computer -Count 1 -ErrorAction SilentlyContinue

        if ($computerTest)
        {
            # Enable CredSSP locally, delegating to the computer in the current loop
            Enable-WSManCredSSP -Role Client -DelegateComputer $computer -Force | Out-Null

            # Show the current user logged onto the remote computer
            $currentUser = gwmi win32_computersystem -ComputerName $computer -Credential $credential -ErrorAction SilentlyContinue | Select -ExpandProperty Username

            if ($currentUser)
            {
                Write-Host "Current logged on user: $currentUser"
            }
            else
            {}

            # Create a PS session, enable CredSSP on the remote computer, then exit the session
            $session = New-PSSession -ComputerName $computer -Credential $credential -ErrorAction SilentlyContinue

                if ($session)
                {
                    Enter-PSSession -Session $session
                    Enable-WSManCredSSP –Role Server -Force | Out-Null
                    # Start-Sleep -Seconds 5
                    Exit-PSSession

                    # Create a PS session with CredSSP
                    $session = New-PSSession -ComputerName $computer -Credential $credential -Authentication Credssp

                        if ($session)
                        {
                            # Start the installation
                            Invoke-Command -Session $session -ScriptBlock { New-Item -Path c:\temp -ItemType Directory -Force } | Out-Null
                            Invoke-Command -Session $session -ScriptBlock { Copy-Item -Path \\$using:server\ClientApps\Sophos\SophosInstall.exe -Destination c:\temp }
                            Invoke-Command -Session $session -ScriptBlock { & cmd.exe /c "c:\temp\SophosInstall.exe -tps remove -q" }
                            Invoke-Command -Session $session -ScriptBlock { Remove-Item c:\temp\SophosInstall.exe -Force } | Out-Null

                            # Disable CredSSP on the remote computer, then exit and remove the PS session
                            Disable-WSManCredSSP -Role Server
                            Exit-PSSession
                            Remove-PSSession -Session $session
                        }
                        else
                        {
                            Write-Host "`nCould not establish a PS Session to $computer with CredSSP." -ForegroundColor Red
                            $installFail.Add($computer) | Out-Null
                        }
                }
                else
                {
                    Write-Host "Could not establish a PS Session to $computer." -ForegroundColor Red
                    $installFail.Add($computer) | Out-Null
                }
        }
        else
        {
            Write-Host "Could not contact $computer." -ForegroundColor Red
            $installFail.Add($computer) | Out-Null
        }
    $installPass.Add($computer) | Out-Null
}

Write-Host "`n-------RESULTS--------" -BackgroundColor DarkGray
Write-Host "`nSuccessful:"
Write-Host "$installPass" -ForegroundColor Green
Write-Host "`nFailed:"
Write-Host "$installFail" -ForegroundColor Red