Including winget in NTLite image for Post-Setup installs

Except NTLite has no current support to accept a folder of package files and Licenses, and match them.

I have an unreleased script to insert custom actions into <Commands><PostUpdates>. Right now, it does your WA files.
Guess my "to do" list keeps growing...
 
I don't know if I'm running the code correctly. It seems like it is not installing winget

<Item type="Command">
<Path>start cmd/c</Path>
<Params>powershell -NoProfile -ExecutionPolicy Bypass -file "C:\SetupWinget\winget-OEMSetup_part1.ps1"</Params>
<Index>0</Index>
</Item>
<Item type="CommandU">
<Path>powershell</Path>
<Params>-NoProfile -ExecutionPolicy Bypass -file "C:\SetupWinget\winget-OEMSetup_part2.ps1"</Params>
<Index>1000</Index>
</Item>
 
I don't know if I'm running the code correctly. It seems like it is not installing winget
The second batch of instructions is reserved for users with OEM license keys (in factory BIOS).
Otherwise run the first set of instructions.

The corrected command in your preset would be:
<Path>start</Path>
<Params>cmd /c powershell -NoProfile -ExecutionPolicy Bypass -file "C:\SetupWinget\winget-OEMSetup_part1.ps1"</Params>
 
1. Check OEM Setup on Unattended's menu bar.

2. Copy files to new ISO folder \sources\$OEM$\$1\SetupWinget
Code:
2/07/2023  11:07 AM             2,688 3463fe9ad25e44f28630526aa9ad5648_License1.xml
2/07/2023  11:07 AM        15,454,493 Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle
2/07/2023  11:07 AM         5,070,720 Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe.appx
2/07/2023  11:07 AM         6,638,831 Microsoft.VCLibs.140.00.UWPDesktop_14.0.30704.0_x64__8wekyb3d8bbwe.appx
2/07/2023  11:07 AM             1,126 winget-OEMSetup_part1.ps1
2/07/2023  11:07 AM             1,404 winget-OEMSetup_part2.ps1

3. Post-Setup tasks

Capture.PNG

winget 1.4 still hasn't fixed their Chrome issue... Roll back to winget 1.3.2691

Windows 10 x64-2023-02-07-12-49-57.png
 
I put it in the mounted drive directly. Does that make a difference?

I looked in the sources folder. I have a folder label $$ not $1. Do I make a $1 folder?
 
$1 = target C:\
$$ = target C:\Windows

You don't want to avoid writing to C:\Windows if possible, it minimizes error.
 
I have done everything in the posts. copied the files to \sources\$OEM$\$1\SetupWinget and have it set up in post. but keeps giving me the same error message.
 

Attachments

  • Win10wingetsetup.zip
    15 KB
I think I see what I did. I used "Microsoft.VCLibs.140.00_14.0.30704.0_x64__8wekyb3d8bbwe.appx" instead of "Microsoft.VCLibs.140.00.UWPDesktop_14.0.30704.0_x64__8wekyb3d8bbwe.appx"
 
Curious; For the hard-coded path, would it make sense to use $PSScriptRoot?
Yes and no. For someone who's familiar with PS, it makes total sense.

But my intent was to make the temp folder as obvious for non-programmers. And technically the PS scripts don't need to live in the same folder as the packages. A casual user can get quickly confused if they don't see the actual path to guide them.
 
I'm trying to do this exact thing. Tried a different method to accomplish getting a Windwos 10 ISO that automatically installs the latest version of programs like Chrome etc from Winget with no success. So has anyone found out how to get this to fully work? If so is there some definitive instructions?
 
I finished rewriting my script; it took over a week of testing to discover many normal steps didn't work in unattended Setup...

We'll install winget 1.3 development branch from GitHub (not Store), which introduces the new feature of downloading Store apps without using any Microsoft Account. Don't know if 22H2's next version will catch up to the dev branch.

View attachment 7773View attachment 7774

1. Download PowerShell GUI for downloading Microsoft Store Apps, and select any version of Microsoft.DesktopAppInstaller.

We don't care about the actual DesktopAppInstaller package file, delete it now.
Look for the saved package files Microsoft.UI.Xaml.2.7 & Microsoft.VCLibs.140.00.UWPDesktop.

2. Download the latest winget-cli release from https://github.com/microsoft/winget-cli/releases/latest
UPDATE - winget 1.4 doesn't install Chrome, please use 1.3.2691

Click on the "Assets" arrow to reveal the file listings.
What we need are the MSIX bundle & matching License1.xml (it changes on every release).
Code:
7bcb1a0ab33340daa57fa5b81faec616_License1.xml
Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle

3. Edit the winget_install.ps1 script, and update your install list.
Code:
$winget_Apps = @(
    "Google.Chrome",
    "Adobe.Acrobat.Reader.32-bit",
    "Oracle.JavaRuntimeEnvironment"
)

4. Create a new $OEM$\$1\SetupWinget subfolder under the ISO mount directory's sources folder.

5. Copy these files to there (file versions will change):
Code:
7bcb1a0ab33340daa57fa5b81faec616_License1.xml
Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle
Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe.appx
Microsoft.VCLibs.140.00.UWPDesktop_14.0.30704.0_x64__8wekyb3d8bbwe.appx
winget_install.ps1

6. Add winget_install.ps1 to Post-Setup, Machine - Execution as Command:
Code:
powershell -NoProfile -ExecutionPolicy Bypass -File "C:\SetupWinget\winget_install.ps1"

For the long technical notes, read below.
Unwinding the different layers took a while. Post-Setup runs as SYSTEM, which is allowed to add provisioned packages but cannot trigger Add-AppxPackage -- since it's a Service Account. winget.exe exists at that point, but cannot run until the first user gets provisioned.

A solution proposed by David Just to force this action by scheduling an user task looks intriguing, but absolutely doesn't work for us.

Due to Windows' normal security model, unattended user tasks can't run in the background.
Assigning Logon as a batch job for users running unattended tasks

While we could change the security profile, it still doesn't work because we need the user's password. There's no way to handle this if you left the unattended file blank, and created a new user in OOBE Setup.

The answer would be split work across two tasks: SYSTEM runs Add-AppxProvisionedPackage, user runs Add-AppxPackage and winget is ready.
But now the problem is winget doesn't run elevated, and can't install anything.

What's the fix? Write a script which runs twice, once as SYSTEM and self-scheduling as local user. This solves the elevation problem and makes setup very simple with one file to manage.

Now the script's got a final problem, typing in PowerShell's window can interrupt it. Just don't touch it!
Hi garlin, thanks for this.

I have tested starting the script manually and it works too.

In my case I would like to use this script manually, that is, run it myself after installing windows, I do not intend to use it through the post-setup, as I always prefer to install windows with the connection turned off.

But I don't understand anything about PowerShell, just the basics of batch. But from what I understand this script creates a scheduled task to run after logon and also deletes the folders after finishing the installations.

As I will always use it manually, if possible, could you please tell me what i need to change/remove in order for this script to work correctly and not delete the folder after it's done?

I found this script very useful as without it I would need to go into the store first and update the App installer as for some reason it doesn't come natively with the winget.

thanks in advance
 

Attachments

  • vmware_cgK1UleDuR.png
    vmware_cgK1UleDuR.png
    482.1 KB
This line removes the package folder:
Remove-Item $PackagePath -Recurse -Force​

If you just want to install winget manually, you don't need any scripts. The script tries to solve the UAC problem, because Post-Setup (User) commands don't run with Admin privileges. When you install it by hand, you're agreeing to the UAC prompt.

Assuming you haven't removed the AppX Installer package, just open Explorer and click on the winget package file. Windows will automatically install everything for you. It's that simple.

winget's GitHub release runs ahead of the Store's version, but it allows you to install Store packages without needing a MS Account. Which is probably why they keep the two versions separate.
 
This line removes the package folder:
Remove-Item $PackagePath -Recurse -Force​

If you just want to install winget manually, you don't need any scripts. The script tries to solve the UAC problem, because Post-Setup (User) commands don't run with Admin privileges. When you install it by hand, you're agreeing to the UAC prompt.

Assuming you haven't removed the AppX Installer package, just open Explorer and click on the winget package file. Windows will automatically install everything for you. It's that simple.

winget's GitHub release runs ahead of the Store's version, but it allows you to install Store packages without needing a MS Account. Which is probably why they keep the two versions separate.
Nice, thanks

I thought it was necessary to install the dependencies manually too, but the store/win automatically downloads as you said.
 
I've managed to get this working on our MDT server using the code that Chris Titus uses to install winget with his Windows Utility. Not sure if it will work with NTLite post setup, not given it a try, but I managed to get it working during the Install Application task sequence on MDT (which happens after automatic login).

He has a guide on it here.

Here is the PowerShell script that I tweaked slightly.
Code:
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Set-PSRepository -Name 'PSGallery' -InstallationPolicy Trusted
Install-Script -Name winget-install -Force
winget-install.ps1
 
This is what is working for me for windows 11 22h2.

Installs latest winget from github and some examples for a few apps.
Now I just have to get it to run during setup :rolleyes:

Code:
# Get latest download url
$URL = "https://api.github.com/repos/microsoft/winget-cli/releases/latest"
$URL = (Invoke-WebRequest -Uri $URL).Content | ConvertFrom-Json |
        Select-Object -ExpandProperty "assets" |
        Where-Object "browser_download_url" -Match '.msixbundle' |
        Select-Object -ExpandProperty "browser_download_url"

# Download
Invoke-WebRequest -Uri $URL -OutFile "Setup.msix" -UseBasicParsing

# Install
Add-AppxPackage -Path "Setup.msix"

# Cleanup 
Remove-Item "Setup.msix"

#Install some apps
# Install Firefox
Write-Output "Installing Firefox..."
winget install Mozilla.Firefox -e --accept-source-agreements

# Install Chrome
Write-Output "Installing Chrome..."
winget install Google.Chrome -e --accept-source-agreements

# Install Acrobat Reader
Write-Output "Installing Acrobat Reader..."
winget install Adobe.Acrobat.Reader.64-bit -e --accept-source-agreements
 
By using gameros presets it removed something that is required for Winget and installation of winget can anyone help with the ntlite files i should be looking for.
 
Back
Top