Skip to content

Commit d014d01

Browse files
ntdevlabsntdevlabs
authored
more lang-agnostic admin
1 parent 8158c07 commit d014d01

File tree

1 file changed

+4
-5
lines changed

1 file changed

+4
-5
lines changed

tiny11maker.ps1

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ if ((Get-ExecutionPolicy) -eq 'Restricted') {
1414
}
1515

1616
# Check and run the script as admin if required
17+
$adminSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
18+
$adminGroup = $adminSID.Translate([System.Security.Principal.NTAccount])
1719
$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent()
1820
$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
1921
$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator
@@ -66,8 +68,6 @@ Write-Host "Getting image information:"
6668
& 'dism' '/English' "/Get-WimInfo" "/wimfile:$mainOSDrive\tiny11\sources\install.wim"
6769
$index = Read-Host "Please enter the image index"
6870
Write-Host "Mounting Windows image. This may take a while."
69-
$adminSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
70-
$adminGroup = $adminSID.Translate([System.Security.Principal.NTAccount])
7171
$wimFilePath = "$($env:SystemDrive)\tiny11\sources\install.wim"
7272
& takeown "/F" $wimFilePath
7373
& icacls $wimFilePath "/grant" "$($adminGroup.Value):(F)"
@@ -313,14 +313,13 @@ Enable-Privilege SeTakeOwnershipPrivilege
313313

314314
$regKey = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("zSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::TakeOwnership)
315315
$regACL = $regKey.GetAccessControl()
316-
$regACL.SetOwner([System.Security.Principal.NTAccount]"Administrators")
316+
$regACL.SetOwner($adminGroup)
317317
$regKey.SetAccessControl($regACL)
318318
$regKey.Close()
319319
Write-Host "Owner changed to Administrators."
320-
321320
$regKey = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("zSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
322321
$regACL = $regKey.GetAccessControl()
323-
$regRule = New-Object System.Security.AccessControl.RegistryAccessRule ("Administrators","FullControl","ContainerInherit","None","Allow")
322+
$regRule = New-Object System.Security.AccessControl.RegistryAccessRule ($adminGroup,"FullControl","ContainerInherit","None","Allow")
324323
$regACL.SetAccessRule($regRule)
325324
$regKey.SetAccessControl($regACL)
326325
Write-Host "Permissions modified for Administrators group."

0 commit comments

Comments
 (0)