Skip to content

Commit 8158c07

Browse files
ntdevlabsntdevlabs
authored
language-agnostic admin icacls
1 parent fd1aa7d commit 8158c07

File tree

1 file changed

+8
-6
lines changed

1 file changed

+8
-6
lines changed

tiny11maker.ps1

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -66,9 +66,11 @@ Write-Host "Getting image information:"
6666
& 'dism' '/English' "/Get-WimInfo" "/wimfile:$mainOSDrive\tiny11\sources\install.wim"
6767
$index = Read-Host "Please enter the image index"
6868
Write-Host "Mounting Windows image. This may take a while."
69+
$adminSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
70+
$adminGroup = $adminSID.Translate([System.Security.Principal.NTAccount])
6971
$wimFilePath = "$($env:SystemDrive)\tiny11\sources\install.wim"
7072
& takeown "/F" $wimFilePath
71-
& icacls $wimFilePath "/grant" "Administrators:(F)"
73+
& icacls $wimFilePath "/grant" "$($adminGroup.Value):(F)"
7274
try {
7375
Set-ItemProperty -Path $wimFilePath -Name IsReadOnly -Value $false -ErrorAction Stop
7476
} catch {
@@ -134,7 +136,7 @@ if ($architecture -eq 'amd64') {
134136

135137
if ($folderPath) {
136138
& 'takeown' '/f' $folderPath '/r' >null
137-
& 'icacls' $folderPath '/grant' 'Administrators:F' '/T' '/C' >null
139+
& icacls $folderPath "/grant" "$($adminGroup.Value):(F)" '/T' '/C' >null
138140
Remove-Item -Path $folderPath -Recurse -Force >null
139141
} else {
140142
Write-Host "Folder not found."
@@ -144,7 +146,7 @@ if ($architecture -eq 'amd64') {
144146

145147
if ($folderPath) {
146148
& 'takeown' '/f' $folderPath '/r'>null
147-
& 'icacls' $folderPath '/grant' 'Administrators:F' '/T' '/C' >null
149+
& icacls $folderPath "/grant" "$($adminGroup.Value):(F)" '/T' '/C' >null
148150
Remove-Item -Path $folderPath -Recurse -Force >null
149151
} else {
150152
Write-Host "Folder not found."
@@ -153,11 +155,11 @@ if ($architecture -eq 'amd64') {
153155
Write-Host "Unknown architecture: $architecture"
154156
}
155157
& 'takeown' '/f' "$mainOSDrive\scratchdir\Windows\System32\Microsoft-Edge-Webview" '/r' >null
156-
& 'icacls' "$mainOSDrive\scratchdir\Windows\System32\Microsoft-Edge-Webview" '/grant' 'Administrators:F' '/T' '/C' >null
158+
& 'icacls' "$mainOSDrive\scratchdir\Windows\System32\Microsoft-Edge-Webview" '/grant' "$($adminGroup.Value):(F)" '/T' '/C' >null
157159
Remove-Item -Path "$mainOSDrive\scratchdir\Windows\System32\Microsoft-Edge-Webview" -Recurse -Force >null
158160
Write-Host "Removing OneDrive:"
159161
& 'takeown' '/f' "$mainOSDrive\scratchdir\Windows\System32\OneDriveSetup.exe" >null
160-
& 'icacls' "$mainOSDrive\scratchdir\Windows\System32\OneDriveSetup.exe" '/grant' 'Administrators:F' '/T' '/C' >null
162+
& 'icacls' "$mainOSDrive\scratchdir\Windows\System32\OneDriveSetup.exe" '/grant' "$($adminGroup.Value):(F)" '/T' '/C' >null
161163
Remove-Item -Path "$mainOSDrive\scratchdir\Windows\System32\OneDriveSetup.exe" -Force >null
162164
Write-Host "Removal complete!"
163165
Start-Sleep -Seconds 2
@@ -364,7 +366,7 @@ Clear-Host
364366
Write-Host "Mounting boot image:"
365367
$wimFilePath = "$($env:SystemDrive)\tiny11\sources\boot.wim"
366368
& takeown "/F" $wimFilePath >null
367-
& icacls $wimFilePath "/grant" "Administrators:(F)" >null
369+
& icacls $wimFilePath "/grant" "$($adminGroup.Value):(F)"
368370
Set-ItemProperty -Path $wimFilePath -Name IsReadOnly -Value $false
369371
& 'dism' '/English' '/mount-image' "/imagefile:$mainOSDrive\tiny11\sources\boot.wim" '/index:2' "/mountdir:$mainOSDrive\scratchdir"
370372
Write-Host "Loading registry..."

0 commit comments

Comments
 (0)