-
Notifications
You must be signed in to change notification settings - Fork 0
/
CreateTaskScheduleUSBControl.ps1
41 lines (22 loc) · 1.44 KB
/
CreateTaskScheduleUSBControl.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#Creates task schedule to launch powershell script that checks usb mass storage and only allows approved ones
#This powershell must be run from Admin prompt
#Assumes usb mass storage script is c:\programdata\usbcontrol\checkifapprovedusb.ps1
#Change that in $schTaskArguments line if needed
#Error message if there is already a task called 'USBControl' is to be expected
#Variables for use with New-ScheduledTaskAction
$schTaskExecute = "C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe"
$schTaskArguments = "Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force ; Start-Process C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -ArgumentList '-noExit c:\programdata\usbcontrol\checkifapprovedusb.ps1'"
# Variables for use with Register-ScheduledTask
$schTaskTrigger = New-ScheduledTaskTrigger -AtStartup
# Name that appears in Task Scheduler
$schTaskName = "USBControl"
$schTaskUser = "NT AUTHORITY\SYSTEM"
# Does the task already exist on this device?
$schTaskExists = Get-ScheduledTask -TaskName $schTaskName -TaskPath \
if($schTaskExists) {
#Task does exist, delete it
Unregister-ScheduledTask -TaskName $schTaskName -Confirm:$false
}
#Create scheduled task
$schTask= New-ScheduledTaskAction -Execute $schTaskExecute -Argument $schTaskArguments
Register-ScheduledTask -TaskName $schTaskName -User $schTaskUser -Action $schTask -RunLevel Highest -Trigger $schTaskTrigger