Install-SecureMFA_COM_Extensions.ps1

#Requires -RunAsAdministrator

<#
     .SYNOPSIS
        Installs COM extensions for SecureMFA.com provider.
    .DESCRIPTION
        SecureMFA_SupportTools.dll COM extensions are used by Microsoft RDS Gateway server to provide OTP functionality.
        COM extensions are only required to be present on RDS gateway server when SecureMFA_RDS provider is used to enable OTP codes for this service.
 
        Dependencies:
            * The system that executes the script must have Microsoft .NET Framework 4.6.1 or later installed.
            * SecureMFA_SupportTools.dll file must be present in script directory.
  
    .NOTES
        Version: $dllversion
        Author: SecureMfa.com
        Creation Date: 16/07/2020
        Purpose/Change: Added COM extensions.
   
    .EXAMPLE
        C:\PS> Install-SecureMFA_COM_Extensions
 
        This command will install SecureMFA_SupportTools.dll COM extensions on the server.
    
#>


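# Resolve the DLL expected next to this script and read its file version.
# The version is reused later as a registry key name and inside the COM
# "Assembly" value, so an unreadable file is reported here instead of letting
# GetVersionInfo raise a raw .NET exception during script load.
$dllpath = (Join-Path -Path $PSScriptRoot -ChildPath SecureMFA_SupportTools.dll)
if (Test-Path -LiteralPath $dllpath -PathType Leaf) {
    $dllversion = [System.Diagnostics.FileVersionInfo]::GetVersionInfo("$dllpath").FileVersion
}
else {
    $dllversion = $null
    Write-Warning "SecureMFA_SupportTools.dll was not found at $dllpath; Install-SecureMFA_COM_Extensions will not be able to install it."
}

Write-Host "File: $dllpath"
Write-Host "Version: $dllversion"

#Check if windows events source for application log exist, if not create one.
if (-not [System.Diagnostics.EventLog]::SourceExists("SecureMFA_SupportTools")) {
    New-EventLog -LogName "Application" -Source "SecureMFA_SupportTools"
    Write-Host "SecureMFA_SupportTools Log Source Created."
}

#Load GAC Assembly
# NOTE: this changes the caller's working directory as a side effect of loading the script.
Set-location $PSScriptRoot
# Assign to $null so the returned Assembly object is not written to the output stream.
$null = [System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
# Publisher object used by Install-SecureMFA_COM_Extensions for GacRemove/GacInstall.
$publish = New-Object System.EnterpriseServices.Internal.Publish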

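Function Install-SecureMFA_COM_Extensions {
<#
    .SYNOPSIS
        Publishes SecureMFA_SupportTools.dll to the GAC and writes its COM registration under HKLM:\SOFTWARE\Classes.
    .DESCRIPTION
        Uses the script-level $dllpath, $dllversion and $publish values. The DLL is checked for the
        strong-name public key token that the COM "Assembly" registry values reference before anything
        is installed. Three COM classes are registered (SecureMFACOM_Class, OTP, IDPAUTH), each with
        mscoree.dll as InprocServer32. If the tsgateway service exists it is restarted afterwards.
        Failures are written to the host; nothing is thrown to the caller.
    .PARAMETER Force
        Install even when the tsgateway service is not present on this computer.
#>
Param
(
    [Parameter(Mandatory=$false, ParameterSetName="Default")]
    [Switch]$Force
)

    # Check whether the TS Gateway service exists on this system.
    # 'return' is used instead of 'break': outside a loop, 'break' unwinds into the
    # caller and can terminate the calling script or an enclosing loop there.
    if (($null -eq (Get-Service tsgateway -ErrorAction SilentlyContinue).Status) -and (!($Force))) {
        write-host "COM extensions are only required for RDS Gateway when used with SecureMFA_RDS_OTP provider. TS Gateway services doesn't exist on $env:COMPUTERNAME" -ForegroundColor Yellow
        return
    }

    try
    {
        $Error.Clear()
        if (!(Test-Path $dllpath -Type Leaf) ) { throw "The assembly $dllpath does not exist" }

        # $dllversion becomes a registry key name and part of the "Assembly" value;
        # an empty version would write a malformed registration.
        if ([string]::IsNullOrEmpty($dllversion)) { throw "The file version of $dllpath could not be read" }

        # This function runs elevated and places the DLL in the GAC, so confirm the file
        # carries the strong-name identity the registry values below refer to.
        # A token match only shows the file claims that identity; it is not a publisher
        # (Authenticode) check. NOTE(review): consider also checking
        # Get-AuthenticodeSignature if the vendor signs this DLL - confirm with the vendor.
        $expectedToken = 'f1c44194ebb1b5d8'
        $tokenBytes = [System.Reflection.AssemblyName]::GetAssemblyName($dllpath).GetPublicKeyToken()
        if (($null -eq $tokenBytes) -or ($tokenBytes.Length -eq 0)) {
            throw "The assembly $dllpath has no strong-name public key token; refusing to install it"
        }
        $actualToken = [System.BitConverter]::ToString($tokenBytes).Replace('-', '').ToLowerInvariant()
        if ($actualToken -ne $expectedToken) {
            throw "The assembly $dllpath has public key token $actualToken, expected $expectedToken; refusing to install it"
        }

        write-host "Installing SecureMFA_SupportTools on the server" -ForegroundColor Cyan

        #Remove SecureMfaOtpProvider DLL from GAC assembly
        $publish.GacRemove($dllpath)

        #Add SecureMfaOtpProvider DLL to GAC assembly
        $publish.GacInstall($dllpath)

        #Add COM registry entries
        # NOTE(review): the "Assembly" value uses the DLL's *file* version; this assumes the
        # assembly version is identical - confirm against the vendor's build.
        $classesRoot = 'HKLM:\SOFTWARE\Classes'
        $implementedCategory = '{62C8FE65-4EBB-45E7-B440-6E39B2CDBF29}'
        $assemblyRef = "SecureMFA_SupportTools, Version=$dllversion, Culture=neutral, PublicKeyToken=$expectedToken"
        $runtimeVersion = 'v4.0.30319'

        # ProgID / CLSID pairs of the COM classes exposed by the DLL.
        $comClasses = @(
            @{ ProgId = 'SecureMFA_SupportTools.SecureMFACOM_Class'; Clsid = '{70A8A539-0204-4DB6-B52A-3B467A7F4134}' },
            @{ ProgId = 'SecureMFA_SupportTools.OTP';                Clsid = '{A25BE1A0-B7B8-3BBB-997B-D692302EB3FD}' },
            @{ ProgId = 'SecureMFA_SupportTools.IDPAUTH';            Clsid = '{D4AA5E37-519C-367C-9C74-56220EABCA6D}' }
        )

        # Registry writes stay best-effort (SilentlyContinue), but every failure is collected
        # so that a partial COM registration is reported instead of passing unnoticed.
        $registryErrors = @()

        foreach ($comClass in $comClasses) {
            $progIdKey  = "$classesRoot\$($comClass.ProgId)"
            $clsidKey   = "$classesRoot\CLSID\$($comClass.Clsid)"
            $inprocKey  = "$clsidKey\InprocServer32"
            $versionKey = "$inprocKey\$dllversion"

            # Keys are created before any value is written to them.
            $keys = @(
                $progIdKey,
                "$progIdKey\CLSID",
                $clsidKey,
                $inprocKey,
                $versionKey,
                "$clsidKey\ProgId",
                "$clsidKey\Implemented Categories\$implementedCategory"
            )
            foreach ($key in $keys) {
                New-Item $key -force -ea SilentlyContinue -ErrorVariable +registryErrors
            }

            $values = @(
                @{ Path = $progIdKey;         Name = '(default)';      Value = $comClass.ProgId },
                @{ Path = "$progIdKey\CLSID"; Name = '(default)';      Value = $comClass.Clsid },
                @{ Path = $clsidKey;          Name = '(default)';      Value = $comClass.ProgId },
                @{ Path = $inprocKey;         Name = '(default)';      Value = 'mscoree.dll' },
                @{ Path = $inprocKey;         Name = 'ThreadingModel'; Value = 'Both' },
                @{ Path = $inprocKey;         Name = 'Class';          Value = $comClass.ProgId },
                @{ Path = $inprocKey;         Name = 'Assembly';       Value = $assemblyRef },
                @{ Path = $inprocKey;         Name = 'RuntimeVersion'; Value = $runtimeVersion },
                @{ Path = $versionKey;        Name = 'Class';          Value = $comClass.ProgId },
                @{ Path = $versionKey;        Name = 'Assembly';       Value = $assemblyRef },
                @{ Path = $versionKey;        Name = 'RuntimeVersion'; Value = $runtimeVersion },
                @{ Path = "$clsidKey\ProgId"; Name = '(default)';      Value = $comClass.ProgId }
            )
            foreach ($entry in $values) {
                New-ItemProperty -LiteralPath $entry.Path -Name $entry.Name -Value $entry.Value -PropertyType String -Force -ea SilentlyContinue -ErrorVariable +registryErrors
            }
        }

        if ($registryErrors.Count -gt 0) {
            Write-Warning "$($registryErrors.Count) registry write(s) failed; the COM registration may be incomplete."
            foreach ($failure in $registryErrors) { Write-Warning "$failure" }
        }

        #Restart RDS Gateway service
        if ($null -ne (Get-Service tsgateway -ErrorAction SilentlyContinue).Status) {
            write-host "Restarting tsgateway service." -ForegroundColor Green
            Stop-Service tsgateway
            Start-Service tsgateway
        }

    }
    catch
    {
        # Report the failure on the host; the error is not re-thrown to the caller.
        Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red
    }


}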