; Copyright (c) uib gmbh (www.uib.de) ; This sourcecode is owned by uib ; and published under the Terms of the General Public License. ; credits: http://www.opsi.org/en/credits/ [Actions] requiredWinstVersion >= "4.10.8.6" DefVar $MsiId$ DefVar $UninstallProgram$ DefVar $LogDir$ DefVar $ProductId$ DefVar $MinimumSpace$ DefVar $InstallDir$ DefVar $ExitCode$ DefVar $LicenseRequired$ DefVar $LicenseKey$ DefVar $LicensePool$ DefVar $RegKeyRebootCounter$ DefVar $RebootCounter$ Set $RegKeyRebootCounter$ = "[HKLM\SOFTWARE\opsi.org\custom\bitlocker]" DefVar $TpmPassword$ DefVar $RecoveryPassword$ Set $LogDir$ = "%SystemDrive%\tmp" ; ---------------------------------------------------------------- ; - Please edit the following values - ; ---------------------------------------------------------------- ;$ProductId$ should be the name of the product in opsi ; therefore please: only lower letters, no umlauts, ; no white space use '-' as a seperator Set $ProductId$ = "bitlocker" Set $MinimumSpace$ = "1 MB" ; the path were we find the product after the installation ;Set $InstallDir$ = "%ProgramFiles32Dir%\" ;Set $LicenseRequired$ = "false" ;Set $LicensePool$ = "p_" + $ProductId$ ; ---------------------------------------------------------------- if not(HasMinimumSpace ("%SystemDrive%", $MinimumSpace$)) LogError "Not enough space on %SystemDrive%, " + $MinimumSpace$ + " on drive %SystemDrive% needed for " + $ProductId$ isFatalError ; Stop process and set installation status to failed else comment "Show product picture" ShowBitmap "%ScriptPath%\logo.png" $ProductId$ ;if FileExists("%ScriptPath%\delsub.ins") ; comment "Start uninstall sub section" ; Sub "%ScriptPath%\delsub.ins" ;endif sub_get_rebootcounter comment "rebootcounter = $RebootCounter$" Message "Installing " + $ProductId$ + ", Counter: " + $RebootCounter$ comment "Start setup program" set $TpmPassword$ = GetProductProperty("TpmPassword", "none") set $RecoveryPassword$ = GetProductProperty("RecoveryPassword", "none") ShellInAnIcon_status winst /sysnative if (( $RebootCounter$ = "" ) or ( $RebootCounter$ = "0" )) #winbatch_tpm_activate #sub_check_exitcode_tpm_activate ShellInAnIcon_tpm_activate winst /sysnative set $RebootCounter$ = "1" sub_do_reboot endif #winbatch_tpm_TakeOwnerShip #sub_check_exitcode_tpm_TakeOwnerShip ShellInAnIcon_tpm_TakeOwnerShip winst /sysnative #winbatch_bitlocker_activate #sub_check_exitcode_bitlocker_activate ShellInAnIcon_tpm_bitlocker_activate winst /sysnative ExitWindows /Reboot ShellInAnIcon_status winst /sysnative endif [ShellInAnIcon_status] manage-bde -status manage-bde -protectors c: -get [ShellInAnIcon_tpm_activate] manage-bde -tpm -TurnOn [winbatch_tpm_activate] manage-bde -tpm -TurnOn [sub_check_exitcode_tpm_activate] comment "Test exit code" # WARNING: # There are systems, that return 0, even if the TPM is already activated. # This results in an endless loop # set $ExitCode$ = getLastExitCode if ($ExitCode$ = "0") comment "Looks good: setup program gives exitcode zero. Reboot required" ExitWindows /ImmediateReboot else if ($ExitCode$ = "-1") comment "TPM is already activated, ignored" else logError "Fatal: unknown error code ("+$ExitCode$+"), giving up" isFatalError endif endif [ShellInAnIcon_tpm_TakeOwnerShip] manage-bde -tpm -TakeOwnerShip $TpmPassword$ [winbatch_tpm_TakeOwnerShip] manage-bde -tpm -TakeOwnerShip $TpmPassword$ [sub_check_exitcode_tpm_TakeOwnerShip] comment "Test exit code" set $ExitCode$ = getLastExitCode if ($ExitCode$ = "0") comment "Looks good: setup program gives exitcode zero" else if ($ExitCode$ = "-1") comment "TPM has an owner. ignored" else logError "Fatal: unknown error code ("+$ExitCode$+"), giving up" isFatalError endif endif [ShellInAnIcon_bitlocker_activate] manage-bde -on c: -RecoveryPassword $RecoveryPassword$ [winbatch_bitlocker_activate] manage-bde -on c: -RecoveryPassword $RecoveryPassword$ [sub_check_exitcode_bitlocker_activate] comment "Test exit code" set $ExitCode$ = getLastExitCode if ($ExitCode$ = "0") comment "Looks good: setup program gives exitcode zero" ExitWindows /Reboot else logError "Fatal: unknown error code ("+$ExitCode$+"), giving up" isFatalError endif [Sub_check_exitcode] comment "Test for installation success via exit code" set $ExitCode$ = getLastExitCode ; informations to exit codes see ; http://msdn.microsoft.com/en-us/library/aa372835(VS.85).aspx ; http://msdn.microsoft.com/en-us/library/aa368542.aspx if ($ExitCode$ = "0") comment "Looks good: setup program gives exitcode zero" else comment "Setup program gives a exitcode unequal zero: " + $ExitCode$ if ($ExitCode$ = "1605") comment "ERROR_UNKNOWN_PRODUCT 1605 This action is only valid for products that are currently installed." comment "Uninstall of a not installed product failed - no problem" else if ($ExitCode$ = "1641") comment "looks good: setup program gives exitcode 1641" comment "ERROR_SUCCESS_REBOOT_INITIATED 1641 The installer has initiated a restart. This message is indicative of a success." else if ($ExitCode$ = "3010") comment "looks good: setup program gives exitcode 3010" comment "ERROR_SUCCESS_REBOOT_REQUIRED 3010 A restart is required to complete the install. This message is indicative of a success." else logError "Fatal: Setup program gives an unknown exitcode unequal zero: " + $ExitCode$ isFatalError endif endif endif endif [sub_get_rebootcounter] Set $RebootCounter$ = GetRegistryStringValue( $RegKeyRebootCounter$ + "RebootCounter") if ( $RebootCounter$ = "" ) set $RebootCounter$ = "0" endif [sub_set_rebootcounter] if ( $RebootCounter$ = "" ) set $RebootCounter$ = "0" endif registry_rebootcounter [sub_do_reboot] sub_set_rebootcounter ExitWindows /ImmediateReboot [registry_rebootcounter] openkey $RegKeyRebootCounter$ set "RebootCounter" = "$Rebootcounter$"