Psapp doesn't something quirky when using new-psdrive

martin · September 8, 2016, 1:38pm

Hi

When I adapted a script I’ve been playing with into psappdeploy script it seems to be doing something strange…

I run the script to connect all network shares that the user has access to. This is used when connecting via DNS VPN.

if I keep the script outside PSADT, it works. when I add it to PSADT, the very last thing it does is remove all drives that were just mapped.

I’m using v3.6.8
here is the script:

If ($deploymentType -ine "Uninstall") {
		##*===============================================
		##* PRE-INSTALLATION
		##*===============================================
		[string]$installPhase = "Pre-Installation"
		
		## Show Welcome Message, close Internet Explorer if required, allow up to 3 deferrals, verify there is enough disk space to complete the install, and persist the prompt
		#Show-InstallationWelcome -CloseApps "iexplore" -AllowDefer -DeferTimes 3 -CheckDiskSpace -PersistPrompt
		
		## Show Progress Message (with the default message)
		#Show-InstallationProgress
		
	    ## <Perform Pre-Installation tasks here>
		
        #start by removing all the old drives if present..

        net use * /d /y

        Show-DialogBox -Title "VPN Drivemapping" -Text "Vi Begynder at mappe dine netværksdrev om lidt. Husk du skal logge ind i Network Connect, når programmet starter om lidt" -Icon "Information"

        
        $getJuniper78 = "C:\Program Files (x86)\Juniper Networks\Network Connect 7.8\dsNetworkConnect.exe"
        $getJuniper79 = "C:\Program Files (x86)\Juniper Networks\Network Connect 7.9\dsNetworkConnect.exe"
        $getJuniper80 = "C:\Program Files (x86)\Juniper Networks\Network Connect 8.0\dsNetworkConnect.exe"
        $getJuniper81 = "C:\Program Files (x86)\Juniper Networks\Network Connect 8.1\dsNetworkConnect.exe"

        $TestJuniper78=test-path $getJuniper78
        $TestJuniper79=test-path $getJuniper79
        $TestJuniper80=test-path $getJuniper80
        $TestJuniper81=test-path $getJuniper81

        $DriveletterF="DOMAIN\SG - GPO - DriveMaps - ARD - Logistik"
        $DriveletterG="DOMAIN\SG - GPO - DriveMaps - QUB - Marketing"
        $DriveletterH="DOMAIN\SG - GPO - DriveMaps - ARD - HR"
        $DriveletterI="DOMAIN\SG - GPO - DriveMaps - ARD - Jokan"
        $DriveletterJ="DOMAIN\SG - GPO - DriveMaps - ARD - Jokan"
        $DriveletterK="DOMAIN\SG - GPO - DriveMaps - ARD - Teknik"
        $DriveletterL="DOMAIN\SG - GPO - DriveMaps - ARD - QLS"
        $DriveletterM="DOMAIN\SG - GPO - DriveMaps - ARD - Management"
        $DriveletterN="DOMAIN\SG - GPO - DriveMaps - ARD - Salg"

        ## = er også DOMAIN\SG - GPO - DriveMaps - ARD - EPLAN

        $DriveletterQ="DOMAIN\SG - GPO - DriveMaps - QUB - Common"
        #R er disabled i GPO
        #$DriveletterR="DOMAIN\SG - GPO - DriveMaps - ARD - Teknik"
        $DriveletterS="DOMAIN\SG - GPO - DriveMaps - ARD - Service"
        $DriveletterT="DOMAIN\SG - GPO - DriveMaps - ARD - Projekt og tilbud"
        $DriveletterU="DOMAIN\SG - GPO - DriveMaps - ARD - Faelles"
        #V er disabled i GPO
        #$DriveletterV="DOMAIN\SG - GPO - DriveMaps - QUB - GroupManagement"
        $DriveletterW="DOMAIN\SG - GPO - DriveMaps - ARD - SupplyChain"
        $DriveletterX="DOMAIN\SG - GPO - DriveMaps - ARD - Financial Management"
        #Y er disabled i GPO
        #$DriveletterY="DOMAIN\SG - GPO - DriveMaps - QUB - Datarum - Arden"

        #username of loggedon user
        $username=get-content env:username

            
            ## Start Juniper and prompt user for username & password
            if     ($TestJuniper81)
                {
                    & $getJuniper81 -asJob
                }
            elseif (!$testJuniper81 -and $testJuniper80)
                {
                    & $getJuniper80 -asJob
                }         
                          

            if      (!$TestJuniper80)
                {
                    & $getJuniper81 -asJob
                }
            elseif  (!$TestJuniper81)
                {
                    & $getJuniper80 -asJob
                }
                        
        # Ping until domain responds
        do {$ping=test-connection -computer "sardad01.domain.local" -quiet} until($ping)

        #make user aware that stuff is happening
        Show-InstallationProgress -StatusMessage "Drevmapning igang"

        
        ##Homedir is the same for everyone
        $testdrive = Get-PSDrive -Name P
        if(!$testdrive)
            {
                new-psdrive -Name "P" -PSProvider FileSystem -Root "\\domain.local\arden\Homedir$\$username" -Persist    
            }
        else
            {
                Remove-PSDrive -Name P
                new-psdrive -Name "P" -PSProvider FileSystem -Root "\\domain.local\arden\Homedir$\$username" -Persist
            }		

		##*===============================================
		##* INSTALLATION 
		##*===============================================
		[string]$installPhase = "Installation"
		
		## Handle Zero-Config MSI Installations
		If ($useDefaultMsi) {
			[hashtable]$ExecuteDefaultMSISplat =  @{ Action = "Install"; Path = $defaultMsiFile }; If ($defaultMstFile) { $ExecuteDefaultMSISplat.Add("Transform", $defaultMstFile) }
			Execute-MSI @ExecuteDefaultMSISplat; If ($defaultMspFiles) { $defaultMspFiles | ForEach-Object { Execute-MSI -Action "Patch" -Path $_ } }
		}
		
		## <Perform Installation tasks here>
		Function Get-AllUserGroups {
        [cmdletbinding()]
        param()
        $Groups = [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups
        foreach ($Group in $Groups) {
        $GroupSID = $Group.Value
        $GroupName = New-Object System.Security.Principal.SecurityIdentifier($GroupSID)
        $GroupDisplayName = $GroupName.Translate([System.Security.Principal.NTAccount])
        $GroupDisplayName
            }
        }
        

$groups=Get-AllUserGroups | Where-Object {$_ -like "*SG - GPO - DriveMaps*" }

    ##we have to handle the Double O
    if ($groups -contains "DOMAIN\SG - GPO - DriveMaps - ARD - Økonomi")
        {
            $testdrive = Get-PSDrive -Name O
            if(!$testdrive)
                {
                    new-psdrive -Name "O" -PSProvider FileSystem -Root "\\domain.local\arden\økonomi" -Persist
                }
            else
                {
                    Remove-PSDrive -Name O -Force
                    new-psdrive -Name "O" -PSProvider FileSystem -Root "\\domain.local\arden\økonomi" -Persist
                }
        }

    ElseIf($groups -contains "DOMAIN\SG - GPO - DriveMaps - ARD - EPLAN")
        {
            $testdrive = Get-PSDrive -Name O
            if(!$testdrive)
                {
                    new-psdrive -Name "O" -PSProvider FileSystem -Root "\\domain.local\Arden\EPLAN" -Persist
                }
            else
                {
                    Remove-PSDrive -Name O -Force
                    new-psdrive -Name "O" -PSProvider FileSystem -Root "\\domain.local\Arden\EPLAN" -Persist
                }
        }

Foreach ($group in $groups)

{

    #write-host $group
    if ($group -eq $driveletterF)
                                                    {
        $testDrive=Get-PSDrive -Name "F"
        if (!$testDrive)
            {
                new-psdrive -Name "F" -PSProvider FileSystem -Root "\\domain.local\arden\logistik" -Persist
            }
        else
            {
                Remove-PSDrive -Name F -Force
                new-psdrive -Name "F" -PSProvider FileSystem -Root "\\domain.local\arden\logistik" -Persist
            }
    }

    if ($group -eq $driveletterG)
                                                    {
        $testDrive=Get-PSDrive -name G
        if (!$testDrive)
            {
                new-psdrive -Name "G" -PSProvider FileSystem -Root "\\domain.local\arden\marketing" -Persist
            }
        else
            {
                Remove-PSDrive -Name G -Force
                new-psdrive -Name "G" -PSProvider FileSystem -Root "\\domain.local\arden\marketing" -Persist
            }

    }

    if ($group -eq $driveletterH)
                                                    {
        $testDrive=Get-PSDrive -Name H
        if (!$testDrive)
            {
                new-psdrive -Name "H" -PSProvider FileSystem -Root "\\domain.local\arden\HR" -Persist
            }
        else
            {
                Remove-PSDrive -Name H -Force
                new-psdrive -Name "H" -PSProvider FileSystem -Root "\\domain.local\arden\HR" -Persist
            }
    }

    
    if ($group -eq $driveletterI)
                                                    {
        $testDrive = Get-PSDrive -Name I
        if (!$testDrive)
            {
                new-psdrive -Name "I" -PSProvider FileSystem -Root "\\domain.local\Arden\CatiaProjekt" -Persist
            }
        else
            {
                Remove-PSDrive -Name I -Force
                new-psdrive -Name "I" -PSProvider FileSystem -Root "\\domain.local\Arden\CatiaProjekt" -Persist
            }
    }

    if ($group -eq $driveletterJ)
                                                    {
        $testDrive = Get-PSDrive -Name J
        if (!$testDrive)
            {
                new-psdrive -Name "J" -PSProvider FileSystem -Root "\\domain.local\Arden\Jokan" -Persist
            }
        else
            {
                Remove-PSDrive -Name J -Force
                new-psdrive -Name "J" -PSProvider FileSystem -Root "\\domain.local\Arden\Jokan" -Persist
            }
    }

    if ($group -eq $driveletterK)
                                                    {
        $testDrive = Get-PSDrive -Name K
        if (!$testDrive)
            {
                new-psdrive -Name "K" -PSProvider FileSystem -Root "\\domain.local\arden\Teknik" -Persist
            }
        else
            {
                Remove-PSDrive -Name K -Force
                new-psdrive -Name "K" -PSProvider FileSystem -Root "\\domain.local\arden\Teknik" -Persist
            }
    }

    if ($group -eq $driveletterL)
                                                    {
        $testDrive = Get-PSDrive -Name L
        if (!$testDrive)
            {
                new-psdrive -Name "L" -PSProvider FileSystem -Root "\\domain.local\arden\QLS" -Persist
            }
        else
            {
                Remove-PSDrive -Name L -Force
                new-psdrive -Name "L" -PSProvider FileSystem -Root "\\domain.local\arden\QLS" -Persist
            }
    }

    if ($group -eq $driveletterM)
                                                    {
        $testDrive = Get-PSDrive -Name M
        if (!$testDrive)
            {
                new-psdrive -Name "M" -PSProvider FileSystem -Root "\\domain.local\arden\ardenmanagement" -Persist
            }
        else
            {
                Remove-PSDrive -Name M -Force 
                new-psdrive -Name "M" -PSProvider FileSystem -Root "\\domain.local\arden\ardenmanagement" -Persist
            }
    }
    

    if ($group -eq $driveletterN)
                                                    {
        $testDrive = Get-PSDrive -Name N
        if (!$testDrive)
            {
                new-psdrive -Name "N" -PSProvider FileSystem -Root "\\domain.local\arden\salg" -Persist
            }
        else
            {
                Remove-PSDrive -Name N -Force
                new-psdrive -Name "N" -PSProvider FileSystem -Root "\\domain.local\arden\salg" -Persist
            }

    }
    

    if ($group -eq $driveletterQ)
                                                    {
        $testDrive = Get-PSDrive -Name Q
        if(!$testDrive)
            {
                new-psdrive -Name "Q" -PSProvider FileSystem -Root "\\domain.local\qubiqa\Qubiqa_Common" -Persist
            }
        else
            {
                Remove-PSDrive -Name Q -Force
                new-psdrive -Name "Q" -PSProvider FileSystem -Root "\\domain.local\qubiqa\Qubiqa_Common" -Persist
            }
    }

    if ($group -eq $driveletterS)
                                                    {
        $testDrive = Get-PSDrive -Name S
        if(!$testDrive)
            {
                new-psdrive -Name "S" -PSProvider FileSystem -Root "\\domain.local\arden\service" -Persist
            }
        else
            {
                Remove-PSDrive -Name S -Force
                new-psdrive -Name "S" -PSProvider FileSystem -Root "\\domain.local\arden\service" -Persist
            }
    }

    if ($group -eq $driveletterT)
                                                    {
        $testDrive = Get-PSDrive -Name T
        if(!$testdrive)
            {
                new-psdrive -Name "T" -PSProvider FileSystem -Root "\\domain.local\arden\ProjektTilbud" -Persist
            }
        else
            {
                Remove-PSDrive -Name T -Force
                new-psdrive -Name "T" -PSProvider FileSystem -Root "\\domain.local\arden\ProjektTilbud" -Persist         
            }
    }

    if ($group -eq $driveletterU)
                                                    {
        $testDrive = Get-PSDrive -Name U
        if(!$testDrive)
            {
                new-psdrive -Name "U" -PSProvider FileSystem -Root "\\domain.local\arden\Faelles" -Persist
            }
        else
            {
                Remove-PSDrive -Name U -Force
                new-psdrive -Name "U" -PSProvider FileSystem -Root "\\domain.local\arden\Faelles" -Persist
            }
    }

    if ($group -eq $driveletterW)
        {
            $testDrive = Get-PSDrive -Name W
            if(!$testDrive)
                {
                    new-psdrive -Name "W" -PSProvider FileSystem -Root "\\domain.local\arden\ardensupplychain" -Persist
                }
            else
                {
                    Remove-PSDrive -Name W -Force
                    new-psdrive -Name "W" -PSProvider FileSystem -Root "\\domain.local\arden\ardensupplychain" -Persist
                }
        }

    if ($group -eq $driveletterX)
                                                    {
        $testDrive = Get-PSDrive -Name X
        if(!$testDrive)
            {
                new-psdrive -Name "X" -PSProvider FileSystem -Root "\\domain.local\arden\ArdenFinancialManagement" -Persist
            }
        else
            {       
                Remove-PSDrive -Name X -Force
                new-psdrive -Name "X" -PSProvider FileSystem -Root "\\domain.local\arden\ArdenFinancialManagement" -Persist
            }
    }

} 

		
		##*===============================================
		##* POST-INSTALLATION
		##*===============================================
		[string]$installPhase = "Post-Installation"
		
		## <Perform Post-Installation tasks here>
		
		## Display a message at the end of the install
		Show-InstallationPrompt -Message "Så er drevmapning afsluttet. Go Arbejdslyst" -ButtonRightText "OK" -Icon Information -NoWait

That-Annoying-Guy · September 9, 2016, 2:18pm

Known new-psdrive issue.
See https://stackoverflow.com/questions/32865461/new-psdrive-persist-doesnt-work#32867280

When logged in as administrator, drive mappings are also Elevation-specific.
mapped drives while being elevated won’t exist when not elevated.

PS: Please don’t post as bug and ask for help at the same time.

martin · September 9, 2016, 6:31pm

hi

sry for posting twice… I just noticed the github repo after I posted here.

If i open powershell ISE “run as administrator”, then load the script and run it… it works… drives stay there etc.
if I create a shortcut and edit properties and select “run as administrator” on the shortcut and then run the script… the drives are removed at the end.

I am elevating in the user context… logged in with standard user and running the script…

are you saying (as the post you refer to) that if I run as elevated…even in the user context… then the drives are considered mounted under another context?

That-Annoying-Guy · September 9, 2016, 7:54pm

YES!

Elevation creates 2 security contexts: Regular and elevated.

Only administrators get 2 security tokens.
When you map drive letters they are mapped using only ONE token.

Drive mappings are Per-user.

Usually drive letters are mapped centrally with a login script.
That way, you do not have to visit every box when you change which server was serving the share(s) for those drive letters.

martin · September 9, 2016, 8:23pm

ok…

can you explain why it works in PS ise with elavation and not with shortcut with elevation?

martin · September 14, 2016, 7:22am

ok, so I tried adding:

-scope global

to each new-psdrive command and that seems to have fixed it…

system · June 20, 2023, 8:10pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Powershell script InTune win32app deployment command General Discussion	1	5230	December 7, 2022
Intune App installation of exe with a variable General Discussion	13	490	February 22, 2024
Copy installation files from network to remote before installation General Discussion	1	1065	April 19, 2019
PSADT and Intune General Discussion	4	416	March 26, 2024
Issue deploying .exe from Intune General Discussion	8	595	March 12, 2024

Psapp doesn't something quirky when using new-psdrive

Related Topics