Install Chocolatey via PowerShell & Post-Setup software


New Member
I use Chocolatey ( as my source of software installation and would like to know if it is possible to run a Powershell script to install chocolatey (and maybe the software I need) during the post setup. Normally you run the following command in Powershell to install Chocolatey

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(''))

After that you can install software via the powershell with
choco install adobereader
for example.

You can even automatically confirm every installation aka silent install with
choco feature enable -n allowGlobalConfirmation
to skip the "Do you want to run the script?([Y]es/[A]ll - yes to all/[N]o/[P]rint):" during the installation.

So, my thoughts are to include three scripts:

1) Install Chocolatey
2) Allow auto-confirm every installation
3) Including the installation command for all the software I need

The problems I have so far are:
1) I have no clue how to write a powershell script (Can I simply put the code above in a file and save it as powershell script?)
2) Chocolatey needs to run in administrative shell to work. Is this somehow possible during post-setup?

Maybe you can point me in the right direction to make this work.
Write a short batch script, ChocolateyInstall.bat. You need to add Chocolatey's path before calling it.
@echo off
powershell -NoProfile -ExecutionPolicy Bypass -Command "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(''))"
set PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin

choco install adobereader -y

My preference is not disabling all confirmations, since it affects the command-line.
garlin Hi , i'm trying to understand how to use this script properly, consider that i have literally 0 exp in scripting..
I wanted to make choco run immediately after first login.
I have to create a folder under C:/Programdata/ called chocolatey (like the software usually does in normal installation) in the w10 modified image before closing it with NTlite?
Then just add this line of code in a batch file, add the path and attach it in the post setup tab in ntlite?
I never used post setup feature, i usually run choco manually after installation.
Copy the above script to a batch file, and add your packages at the bottom.
choco install adobereader -y
choco install firefox -y

Run the script from Post-Setup. It will install both Chocolatey and your package list before the first user's logon.

Windows 10 x64-2022-10-25-21-21-43.png
hello, I am playing with the script now, but it won't install anything unless it is run as admin. Is there a way to run this script as admin from the post-setup?

Chocolatey has to run as admin, how else does it get install rights?

W10/11 creates a dilemma: OOBE posts this obscuring animation to hide what would be the Post-Setup "desktop" in W7/8.
- Without the screen, you can watch the progress of choco (or any app installer).
- If you wanted to watch progress, the script has to be moved to User - Execution, except you no longer have admin rights.

A wrapper is required to work around this, maybe I can cobble up something.
Recycling the winget wrapper did the trick. Gotta work on resizing the window, but admin choco's running so you can watch.

Windows 10 x64-2023-01-10-21-52-15.png
here is the script I use it's a ".bat" file:

@echo off

##admin rights
:: BatchGotAdmin
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
set params = %*:"=""
echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
pushd "%CD%"
CD /D "%~dp0"
## chocolately installation
powershell -NoProfile -ExecutionPolicy Bypass -Command "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(''))"
set PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin
## silent installation option
choco feature enable -n allowGlobalConfirmation
## installation of a selection of packages the -y option is to avoid any confimation request
choco install adobereader 7zip firefox notepadplusplus vlc choco-upgrade-all-at-startup -y

in the first part of this script, we grant it with admin rights, then we proceed with a chocolately instllation.
after we set the silent chocolately package installation option and at the end we have the packages installation (adobereader, 7zip, vlc, firefox, notepad++) and their startup check for updates with the package "choco-upgrade-all-at-startup".

in order to work properly the networkcard should be correctly installed, otherwise it won't do anything at all, that means that the iso created should be capable to install the correct networkcard driver.
What bothers me most when running Chocolatey from CMD: Quick Edit is enabled by default.

Quick Edit is the CMD console feature when you have input focus, and hit the space bar, all screen output is paused until you hit space again. Sometimes when you're installing multiple packages, or waiting for a large package to download -- it's too easy to pause choco install by the wrong key press. I found a PS workaround to disable Quick Edit just for the running process.

This script runs Chocolatey in a 120x30 window, so you can watch all progress w/o it taking over your full screen, or getting paused.
If you want to automate choco installs, add a copy of this script to Post-Setup (User).

$Packages = @(

try {
    [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
    iex ((New-Object System.Net.WebClient).DownloadString(''))
catch {
    Write-EventLog -LogName Application -EventID 1 -EntryType Error -Source Chocolatey -Message "System.Net.WebClient: $_.Exception.Message"
    Exit 1

Add-Type -MemberDefinition @"
    [DllImport("kernel32.dll", SetLastError=true)] public static extern IntPtr GetStdHandle(int handle);
    [DllImport("kernel32.dll", SetLastError=true)] public static extern bool SetConsoleMode(IntPtr hConsoleHandle, int mode);
"@ -Namespace Win32 -Name NativeMethods

$Handle = [Win32.NativeMethods]::GetStdHandle(-10)
$null = [Win32.NativeMethods]::SetConsoleMode($Handle, 0x0080)

$Version = choco | Select-String 'Chocolatey'
$Host.UI.RawUI.WindowTitle = $Version
mode con: cols=120 lines=30

try {
    choco install $Packages -y
catch {
    Write-EventLog -LogName Application -EventID 1 -EntryType Error -Source Chocolatey -Message "choco install: $_.Exception.Message"
    Exit 1
Hello, greetings everyone, in summary this script would look in the iso? Does it go in a folder or does it integrate with NTLite? I ask because I have that doubt, it may be a rookie but I prefer to ask.
Save this script to a new .ps1 file. From the Post-Setup (Before logon) screen, Add the new file. NTLite will stage it on the ISO for you.