MDT-Setup.ps1

<#PSScriptInfo
 
.VERSION 22.12.02
 
.GUID fbe115c8-16db-441c-805a-5505f93eb012
 
.AUTHOR Mike Galvin Contact: mike@gal.vin / twitter.com/mikegalvin_ / discord.gg/5ZsnJ5k
 
.COMPANYNAME Mike Galvin
 
.COPYRIGHT (C) Mike Galvin. All rights reserved.
 
.TAGS Microsoft Deployment Toolkit Install
 
.LICENSEURI
 
.PROJECTURI https://gal.vin/utils/mdt-setup
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
 
#>


<#
    .SYNOPSIS
    Install and configure MDT
 
    .DESCRIPTION
    Installs and configures MDT on a new domain joined server with an internet connection.
#>


## Set up command line switches.
[CmdletBinding()]
Param(
    [switch]$Help,
    [switch]$UpdateCheck)

    Write-Host -ForegroundColor Yellow -BackgroundColor Black -Object "
     __ __ ______ _______ _______ _______ _______ __ __ _______
    | |_| || | | | | || || || | | || |
    | || _ ||_ _| ____ | _____|| ___||_ _|| | | || _ |
    | || | | | | | |____| | |_____ | |___ | | | |_| || |_| |
    | || |_| | | | |_____ || ___| | | | || ___|
    | ||_|| || | | | _____| || |___ | | | || |
    |_| |_||______| |___| |_______||_______| |___| |_______||___|
                                                                                        
            Mike Galvin https://gal.vin Version 22.12.02
      Donate: https://www.paypal.me/digressive See -help for usage
"


If ($UpdateCheck)
{
    $ScriptVersion = "22.12.02"
    $RawSource = "https://raw.githubusercontent.com/Digressive/MDT-Setup/main/MDT-Setup.ps1"
    $SourceCheck = Invoke-RestMethod -uri "$RawSource"
    $VerCheck = Select-String -Pattern ".VERSION $ScriptVersion" -InputObject $SourceCheck
    If ($null -eq $VerCheck)
    {
        Write-Host -ForegroundColor Yellow -BackgroundColor Black -Object "There is an update available."
        exit
    }

    else {
        Write-Host -ForegroundColor Yellow -BackgroundColor Black -Object "This script is up to date."
        exit
    }
}

If ($Help)
{
    Write-Host -Object "Usage:
    From a terminal run: [path\]MDT-Setup.ps1
    Answer the questions, the default option is capitalized. eg. y/N - no (N) is the default.
    You will need to know the following information:
    * Windows version to deploy
    * Windows language
    * Build share path and name
    * Deploy share path and name
    * Time zone name
    * Keyboard locale code and name
    * Windows UI language
    * Windows user language
    * Domain group for MDT Admins
    * Domain user for domain join
    * Domain password for above user
    * Domain name
    * OU for new PC accounts
    * WSUS server information if you want to use it"

    exit
}

else {
    $Begin = Read-Host -Prompt "Would you like to begin the MDT installation process? (y/N)"
    If ($Begin -eq '')
    {
        $Begin = "n"
    }

    If ($Begin -eq "y")
    {
        ## User Preferences

        $WinCode = Read-Host -Prompt "Enter Windows version and update that you will be deploying. This will be used as a unique identifier for MDT. (default: W10-22H2)"
        If ($WinCode -eq '')
        {
            $WinCode = "W10-22H2" ## Windows version and update
        }

        ## Windows Download Preferences
        ## If you already have your own Windows source files then you should import that to the Build share as an OS
        $ConvertESD = Read-Host -Prompt "Do you want to download and convert the Windows image to a WIM? (y/N)"
        If ($ConvertESD -eq '')
        {
            $ConvertESD = "n" ## Set this to "y" to have the script download Windows and convert the ESD to a WIM for MDT
        }

        If ($ConvertESD -eq "y")
        {
            $WinVer = Read-Host -Prompt "Do you want to deploy Windows 11? (y/N)"
            If ($WinVer -eq '')
            {
                $WinVer = "n"
            }

            $LangCode = Read-Host -Prompt "Enter the language code of the Windows download (default: en-gb)"
            If ($LangCode -eq '')
            {
                $LangCode = "en-gb" ## The language of the Windows to download. Example: en-US
            }
        }

        ## Share names and paths
        $MdtBuildShare = Read-Host -Prompt "Enter the local path of the Build share (default: C:\BuildShare)"
        If ($MdtBuildShare -eq '')
        {
            $MdtBuildShare = "C:\BuildShare" ## Local path of the Build share
        }

        $MdtBuildShareName = Read-Host -Prompt "Enter the share name of the Build share (default: BuildShare$)"
        If ($MdtBuildShareName -eq '')
        {
            $MdtBuildShareName = "BuildShare$" ## Share name of the Build share
        }

        $MdtDepShare = Read-Host -Prompt "Enter the local path of the Deployment share (default: C:\DeployShare)"
        If ($MdtDepShare -eq '')
        {
            $MdtDepShare = "C:\DeployShare" ## Local path of the Deployment share
        }

        $MdtDepShareName = Read-Host -Prompt "Enter the share name of the Deployment share (default: DeployShare$)"
        If ($MdtDepShareName -eq '')
        {
            $MdtDepShareName = "DeployShare$" ## Share name of the Deployment share
        }

        ## Preferences for Deployment share CustomSettings.ini
        $TZName = Read-Host -Prompt "Enter the time zone name (default: GMT Standard Time)"
        If ($TZName -eq '')
        {
            $TZName = "GMT Standard Time"## The time zone for Windows
        }

        $KbLocaleCode = Read-Host -Prompt "Enter the keyboard locale code for Windows (default: 0809:00000809)"
        If ($KbLocaleCode -eq '')
        {
            $KbLocaleCode = "0809:00000809" ## The keyboard locale for Windows
        }

        $UILang = Read-Host -Prompt "Enter the locale for the Windows deployment (default: en-GB)"
        If ($UILang -eq '')
        {
            $UILang = "en-GB" ## The UI locale for Windows
            $UsrLocale = "en-GB" ## The user locale for Windows
            $KbLocaleName = "en-GB" ## The keyboard locale name for Windows
        }

        $MDTAdminGrp = Read-Host -Prompt "Enter the domain group to be used for MDT administrators (eg. mdt-admins)"
        $DomainUsr = Read-Host -Prompt "Enter the domain user to be used to add a PC to the domain - this user should be a member of the MDT Admins domain group (eg. mdt_admin)"
        $DomainPwrd = Read-Host -Prompt "Enter the password of the user above (eg. p@ssw0rD)"
        $DomainName = Read-Host -Prompt "Enter the domain of the user above (eg. contoso.com)"
        $OU = Read-Host -Prompt "Enter the full AD path for newly imaged PCs (eg. OU=PCs,DC=contoso,DC=com)"

        $UseWSUS = Read-Host -Prompt "Do you want to use a WSUS server? (y/N)"
        If ($UseWSUS -eq '')
        {
            $UseWSUS = "n"
        }

        If ($UseWSUS -eq "y")
        {
            $WSUSServer = Read-Host -Prompt "Enter the name and port of the WSUS server to use (eg. Wsus-Server:8530)"
        }

        Write-Host -Object ""
        Write-Host -Object "Configuration Summary:
        Windows version and update code: $WinCode
        Download and convert Windows ESD: $ConvertESD"

        If ($ConvertESD -eq "y")
        {
            Write-Host -Object " Windows language to download : $LangCode"
        }

        Write-Host -Object " Build share path: $MdtBuildShare
        Build share name: $MdtBuildShareName
        Deploy share path: $MdtDepShare
        Deploy share name: $MdtDepShareName
        Time zone name: $TZName
        Keyboard locale code: $KbLocaleCode
        Keyboard locale name: $KbLocaleName
        Windows UI language: $UILang
        Windows user language: $UsrLocale
        Domain group for MDT permissions: $MDTAdminGrp
        Domain user for domain join: $DomainUsr
        Domain password for above user: $DomainPwrd
        Domain name: $DomainName
        OU for new PC account: $OU
        Use WSUS server: $UseWSUS"

        If ($UseWSUS -eq "y")
        {
            Write-Host -Object " WSUS server name and port: $WSUSServer"
        }

        $Ready = Read-Host -Prompt "Are you ready to begin the process? (eg. y/N)"
        If ($Ready -eq '')
        {
            $Ready = "n"
        }

        ## URLs - shouldn't have to change these until MSFT release new versions
        $MdtSrc = "https://download.microsoft.com/download/3/3/9/339BE62D-B4B8-4956-B58D-73C4685FC492/MicrosoftDeploymentToolkit_x64.msi" ## MDT main package
        $AdkSrc = "https://go.microsoft.com/fwlink/?linkid=2120254" ## ADK 2004
        $AdkPeSrc = "https://go.microsoft.com/fwlink/?linkid=2120253" ## ADK 2004 Win PE
        $MdtPatchSrc = "https://download.microsoft.com/download/3/0/6/306AC1B2-59BE-43B8-8C65-E141EF287A5E/KB4564442/MDT_KB4564442.exe" ## MDT Patch
        If ($WinVer -eq "y")
        {
            $MctSrc = "https://go.microsoft.com/fwlink/?linkid=2156295" ## Media Creation Tool for Windows 11
            $MctExe = "MediaCreationToolW11.exe"
        }

        else {
            $MctSrc = "https://go.microsoft.com/fwlink/?LinkId=691209" ## Media Creation Tool for Windows 10
            $MctExe = "MediaCreationTool22H2.exe"
        }

        If ($Ready -eq "y")
        {
            ##
            ## Start Process
            ##
            ## Downloads
            Write-Host "Downloading Installers"
            Invoke-WebRequest -uri $MdtSrc -Outfile "$PSScriptRoot\MicrosoftDeploymentToolkit_x64.msi"
            Invoke-WebRequest -uri $AdkSrc -Outfile "$PSScriptRoot\adksetup.exe"
            Invoke-WebRequest -uri $AdkPeSrc -Outfile "$PSScriptRoot\adkwinpesetup.exe"
            Invoke-WebRequest -uri $MdtPatchSrc -Outfile "$PSScriptRoot\MDT_KB4564442.exe"

            ## Installs
            Write-Host "Installing ADK"
            Start-Process $PSScriptRoot\adksetup.exe -ArgumentList "/features OptionId.DeploymentTools OptionId.ICDConfigurationDesigner OptionId.ImagingAndConfigurationDesigner OptionId.UserStateMigrationTool /q" -Wait

            Write-Host "Installing ADK-WinPE"
            Start-Process $PSScriptRoot\adkwinpesetup.exe -ArgumentList "/features + /q" -Wait

            Write-Host "Installing MDT"
            Start-Process msiexec -ArgumentList "/i $PSScriptRoot\MicrosoftDeploymentToolkit_x64.msi /qn" -Wait

            Write-Host "Installing MDT Patch KB4564442"
            Start-Process $PSScriptRoot\MDT_KB4564442.exe -ArgumentList "-q -extract:$PSScriptRoot\MDT_KB4564442" -Wait
            Copy-Item -Path "$PSScriptRoot\MDT_KB4564442\x64\*" -Destination "$env:ProgramFiles\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x64"
            Copy-Item -Path "$PSScriptRoot\MDT_KB4564442\x86\*" -Destination "$env:ProgramFiles\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x86"

            ## Import MDT PowerShell
            Import-Module "$env:ProgramFiles\Microsoft Deployment Toolkit\bin\MicrosoftDeploymentToolkit.psd1"

            ## Build Share
            ## Create Build Share
            Write-Host "Creating Build Share"
            New-Item -Path "$MdtBuildShare" -ItemType Directory
            New-SmbShare -Name "$MdtBuildShareName" -Path "$MdtBuildShare" -FullAccess Administrators
            New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root "$MdtBuildShare" -Description "MDT Build Share" -NetworkPath "\\$env:ComputerName\$MdtBuildShareName" | Add-MDTPersistentDrive

            If ($ConvertESD -eq "y")
            {
                ## Download OS
                Write-Host "Downloading Windows iso"
                Invoke-WebRequest -uri $MctSrc -Outfile "$PSScriptRoot\$MctExe"
                Write-Host "The Media Creation tool requires user interaction."
                Write-Host "Use this key to download your Windows iso: NPPR9-FWDCX-D2C8J-H872K-2YT43"
                Write-Host "Choose 'Create installation media' and then the 'ISO file' option to download an iso file."
                Write-Host "Please save the Windows iso file to the same folder that contains this script, otherwise things will fail"
                Start-Process $PSScriptRoot\$MctExe -ArgumentList "/Eula Accept /Retail /MediaArch x64 /MediaLangCode $LangCode /MediaEdition Enterprise" -Wait

                If ($ConvertESD -eq "y")
                {
                    $WinFileName = Read-Host -Prompt "Enter the name of the Windows iso file that you downloaded (default: windows.iso)"
                    If ($WinFileName -eq '')
                    {
                        $WinFileName = "Windows.iso" ## The name of the Windows iso that will be downloaded via Media Creation Tool
                    }
                }

                ## Copy Source Files
                Write-Host "Copying Windows source files"
                Mount-DiskImage -ImagePath "$PSScriptRoot\$WinFileName" -NoDriveLetter
                Copy-Item -Path \\.\CDROM1\ -Destination $PSScriptRoot\$WinCode -Recurse
                Dismount-DiskImage -ImagePath "$PSScriptRoot\Windows.iso"

                ## Convert ESD to WIM
                Write-Host "Converting ESD to WIM"
                DISM /export-image /SourceImageFile:$PSScriptRoot\$WinCode\sources\install.esd /SourceIndex:3 /DestinationImageFile:$PSScriptRoot\$WinCode\sources\install.wim /Compress:max /CheckIntegrity
                Remove-Item -Path $PSScriptRoot\$WinCode\sources\install.esd -Force
            }

            ## Add to MDT
            New-Item -Path "DS001:\Operating Systems\$WinCode" -ItemType Directory

            If ($ConvertESD -eq "y")
            {
                Write-Host "Importing Windows to MDT"
                Import-MDTOperatingSystem -Path "DS001:\Operating Systems\$WinCode" -SourcePath $PSScriptRoot\$WinCode -DestinationFolder "$WinCode"
                $WimFiles = Get-ChildItem -Path "DS001:\Operating Systems\$WinCode\*.wim"
                ForEach ($WimFile in $WimFiles)
                {
                    Rename-Item -Path "DS001:\Operating Systems\$WinCode\*.wim" -NewName "$WinCode.wim"
                }
            }

            ## Packages and Selection Profiles
            Write-Host "Creating selection profile"
            New-Item -Path "DS001:\Packages\$WinCode" -ItemType Directory
            New-Item -Path "DS001:\Selection Profiles" -enable "True" -Name "$WinCode" -Comments "" -Definition "<SelectionProfile><Include path=`"Packages\$WinCode`" /></SelectionProfile>" -ReadOnly "False"

            ## New TS From Template
            Write-Host "Downloading Build Task Sequence template"
            Invoke-WebRequest -uri "https://raw.githubusercontent.com/Digressive/MDT-Files/master/MDT-Templates/Client-Build-Template.xml" -Outfile "$MdtBuildShare\Templates\Client-Build-Template.xml"

            If ($ConvertESD -eq "y")
            {
                Write-Host "Creating Build Task Sequence"
                Import-MdtTaskSequence -Path "DS001:\Task Sequences" -Name "Build $WinCode" -Template "Client-Build-Template.xml" -Comments "" -ID "$WinCode" -Version "1.0" -OperatingSystemPath "DS001:\Operating Systems\$WinCode\$WinCode.wim" -FullName "user" -OrgName "org" -HomePage "about:blank"
            }

            ## MDT configuration
            ## Build share CustomSettings.ini
            Write-Host "Backing up original CustomSettings.ini"
            Rename-Item -Path $MdtBuildShare\Control\CustomSettings.ini -NewName CustomSettings-OgBackup.ini
            Write-Host "Creating custom CustomSettings.ini"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "[Settings]"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "Priority=Default"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "Properties=MyCustomProperty"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "[Default]"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "OSInstall=Y"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipCapture=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipAdminPassword=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipProductKey=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipComputerBackup=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipBitLocker=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipLocaleSelection=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipTimeZone=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipDomainMembership=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipSummary=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipFinalSummary=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipComputerName=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SkipUserData=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "_SMSTSORGNAME=Build Share"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "_SMSTSPackageName=%TaskSequenceName%"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "DoCapture=YES"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "ComputerBackupLocation=\\$env:ComputerName\$MdtBuildShareName\Captures"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value 'BackupFile=%TaskSequenceID%_#year(date) & "-" & month(date) & "-" & day(date) & "-" & hour(time) & "-" & minute(time)#.wim'
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SLShare=\\$env:ComputerName\$MdtBuildShareName\Logs\#year(date) & `"-`" & month(date) & `"-`" & day(date) & `"_`" & hour(time) & `"-`" & minute(time)#"
            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "SLShareDynamicLogging=\\$env:ComputerName\$MdtBuildShareName\DynamicLogs\#year(date) & `"-`" & month(date) & `"-`" & day(date) & `"_`" & hour(time) & `"-`" & minute(time)#"

            If ($UseWSUS -eq "y")
            {
                Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "WSUSServer=http://$WsusServer"
            }

            Add-Content -Path $MdtBuildShare\Control\CustomSettings.ini -Value "FinishAction=SHUTDOWN"

            ## Change MDT config to disable x86 support for boot media
            Write-Host "Configuring MDT"
            $XMLContent = Get-Content "$MdtBuildShare\Control\Settings.xml"
            $XMLContent = $XMLContent -Replace '<SupportX86>True</SupportX86>','<SupportX86>False</SupportX86>'
            $XMLContent | Out-File "$MdtBuildShare\Control\Settings.xml"

            ## Update Build share to generate boot media
            Write-Host "Updating Build share and generating boot media"
            Update-MDTDeploymentShare -path "DS001:" -Force

            ## Deployment Share
            ## Create Deployment Share
            Write-Host "Creating Deployment Share"
            New-Item -Path "$MdtDepShare" -ItemType Directory
            New-SmbShare -Name "$MdtDepShareName" -Path "$MdtDepShare" -FullAccess Administrators
            New-PSDrive -Name "DS002" -PSProvider "MDTProvider" -Root "$MdtDepShare" -Description "MDT Deploy Share" -NetworkPath "\\$env:ComputerName\$MdtDepShareName" | Add-MDTPersistentDrive

            ## Packages, Drivers and Selection Profiles
            Write-Host "Creating selection profiles, package and driver folder structure"
            New-Item -Path "DS002:\Packages\$WinCode" -ItemType Directory
            New-Item -Path "DS002:\Selection Profiles" -enable "True" -Name "$WinCode" -Comments "" -Definition "<SelectionProfile><Include path=`"Packages\$WinCode`" /></SelectionProfile>" -ReadOnly "False"
            New-Item -Path "DS002:\Out-of-Box Drivers\Microsoft Corporation" -ItemType Directory
            New-Item -Path "DS002:\Out-of-Box Drivers\Microsoft Corporation\Virtual Machine" -ItemType Directory
            New-Item -Path "DS002:\Out-of-Box Drivers\VMware, Inc." -ItemType Directory
            New-Item -Path "DS002:\Out-of-Box Drivers\VMware, Inc.\VMwareVirtual Platform" -ItemType Directory
            New-Item -Path "DS002:\Out-of-Box Drivers\WinPE" -ItemType Directory
            New-Item -Path "DS002:\Selection Profiles" -enable "True" -Name "WinPE" -Comments "" -Definition "<SelectionProfile><Include path=`"Out-of-Box Drivers\WinPE`" /></SelectionProfile>" -ReadOnly "False"

            ## New TS From Template
            Write-Host "Downloading Deploy Task Sequence template"
            Invoke-WebRequest -uri "https://raw.githubusercontent.com/Digressive/MDT-Files/master/MDT-Templates/Client-Deploy-Template.xml" -Outfile "$MdtDepShare\Templates\Client-Deploy-Template.xml"

            ## Deploy share CustomSettings.ini
            Write-Host "Backing up original CustomSettings.ini"
            Rename-Item -Path $MdtDepShare\Control\CustomSettings.ini -NewName CustomSettings-OgBackup.ini
            Write-Host "Creating custom CustomSettings.ini"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "[Settings]"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "Priority=Model, Default, SetOSD"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "Properties=OSDPrefix"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "[Virtual Machine]"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "OSDComputerName=%TaskSequenceID%"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "[Default]"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "_SMSTSORGNAME=Deploy"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "_SMSTSPackageName=%TaskSequenceName%"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; MDT deployment settings"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "OSInstall=Y"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipCapture=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipAdminPassword=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipProductKey=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipComputerBackup=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipBitLocker=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; Locale and screen res"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "TimeZoneName=$TZName"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "KeyboardLocale=$KbLocaleCode"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "UILanguage=$UILang"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "UserLocale=$UsrLocale"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "KeyboardLocale=$KbLocaleName"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "BitsPerPel=32"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "VRefresh=60"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "XResolution=1"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "YResolution=1"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "HideShell=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; Join Domain"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "JoinDomain=$DomainName"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "DomainAdmin=$DomainUsr"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "DomainAdminDomain=$DomainName"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "DomainAdminPassword=$DomainPwrd"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "MachineObjectOU=$OU"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; Other Settings"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipUserData=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipDomainMembership=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipLocaleSelection=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipTimeZone=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipSummary=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SkipFinalSummary=YES"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "FinishAction=SHUTDOWN"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SLShare=\\$env:ComputerName\$MdtDepShareName\Logs\#year(date) & `"-`" & month(date) & `"-`" & day(date) & `"_`" & hour(time) & `"-`" & minute(time)#"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "SLShareDynamicLogging=\\$env:ComputerName\$MdtDepShareName\DynamicLogs\#year(date) & `"-`" & month(date) & `"-`" & day(date) & `"_`" & hour(time) & `"-`" & minute(time)#"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""

            If ($UseWSUS -eq "y")
            {
                Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "WSUSServer=http://$WsusServer"
            }

            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; this line intentionally left blank"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value "; this line intentionally left blank"
            Add-Content -Path $MdtDepShare\Control\CustomSettings.ini -Value ""

            ## Change MDT config to disable x86 support for boot media
            ## And set the WinPE selection profile for the drivers
            Write-Host "Configuring MDT"
            $XMLContent = Get-Content "$MdtDepShare\Control\Settings.xml"
            $XMLContent = $XMLContent -Replace '<SupportX86>True</SupportX86>','<SupportX86>False</SupportX86>'
            $XMLContent = $XMLContent -Replace '<Boot.x64.SelectionProfile>All Drivers and Packages</Boot.x64.SelectionProfile>','<Boot.x64.SelectionProfile>WinPE</Boot.x64.SelectionProfile>'
            $XMLContent | Out-File "$MdtDepShare\Control\Settings.xml"

            ## Update Deploy share to generate boot media
            Write-Host "Updating Deploy share and generating boot media"
            Update-MDTDeploymentShare -path "DS002:" -Force

            ## Set Permissions
            Write-Host "Setting Share Permissions"
            Grant-SmbShareAccess -Name $MdtBuildShareName -AccountName "$DomainName\$MDTAdminGrp" -AccessRight Full -Force
            Grant-SmbShareAccess -Name $MdtDepShareName -AccountName "$DomainName\$MDTAdminGrp" -AccessRight Full -Force

            Write-Host "Setting File Permissions"
            icacls "$MdtBuildShare" /grant $DomainName\$MDTAdminGrp':(OI)(CI)(F)'
            icacls "$MdtDepShare" /grant $DomainName\$MDTAdminGrp':(OI)(CI)(F)'

            Write-Host "Finished!"
        }
    }
}

## End