Param( [int] $Privacy = 1, [int] $Security = 0, [string] $DataFile = ".\data.json", [string] $TexFile = ".\telemetry.tex", [string] $LogFile = $null, [switch] $Verbose ) # Powershell does not catch "non terminating errors" -> make all exceptons "terminating" $ErrorActionPreference = "Stop" function logV([string] $text) { if ($Verbose) { log($text) } } function log([string] $text) { Write-Host $text if ("" -ne $LogFile) { Write-Output $text | Out-File -Append -FilePath $LogFile } } function check_key($key) { $message = "`nTesting key: $( $key.path )\$( $key.name )`n" $out = "" Try { $entry = Get-ItemProperty -Path $key.path -Name $key.name $value = $entry.($key.name) if ($value -eq $key.value) { logV("$message Correct value set: $value") return $out } else { log("$message Incorrect value: $value; Expected: $( $key.value )") } } Catch [System.Security.SecurityException] { log("$message Access denied, try again as administrator") return $out } Catch [System.Management.Automation.ItemNotFoundException] { log("$message Key Not Found") $value = $null } Catch [System.Management.Automation.PSArgumentException] { log("$message Subkey not found") $value = $null } Catch { log("$message Unexpected error") log($_.Exception) return $out } $out += $texItemTmpl -f$($key.path -replace "\\", "\\"), $( $key.name -replace "_", "\$&" ), ` $( $key.type -replace "_", "\$&" ), $key.value, $( if ($null -eq $value) { "Not set" } else { $value } ) return $out } $user = [Security.Principal.WindowsIdentity]::GetCurrent(); $isAdmin = (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) if (-not$isAdmin) { logV("Started as a non admin") Write-Host "--------------------------------------------------------------------" Write-Host "!!! Your are running this Script as a non Admin !!!" Write-Host "Access to several registry keys might be denied" Write-Host "This will be shown in the resulting output" Write-Host "It is recommended to start this script as admin" Write-Host "--------------------------------------------------------------------" Write-Host "Press any key to continue ...`n" $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | Out-Null } if (("" -ne $LogFile) -And (Test-Path $LogFile)) { logV("Clear old log file") Remove-Item $LogFile } logV("Reading JSON file from $DataFile") $data = Get-Content -Encoding UTF8 -Raw -Path $DataFile | ConvertFrom-Json $texOut = "\begin{landscape}`n\section{Windows 10 Telemetry}`n" $texCatTmpl = "\multicolumn{{5}}{{l}}{{\textbf{{\textrm{{\ifgerman{{{0}}}{{{1}}}}}}}}}\\`n" $texItemTmpl = "\url{{{0}}} & {1} & {2} & {3} & {4}\\`n" ForEach ($scope in "Security", "Privacy") { if ($( Get-Variable -Name $scope -ValueOnly ) -eq 0) { logV("`nSkipping scope '$scope'") continue } $texOut += "\subsection{$scope}`n\begin{sytable}[\ifgerman{Abweichende Registrierungsschlüssel}{Differing registry keys}]{X-l-l-l-l} { \ifgerman{Schlüsselpfad}{Key path} & Name & \ifgerman{Typ}{Type} & \ifgerman{Soll}{To-be} & \ifgerman{Ist}{As-is} }`n" ForEach ($cat in $data.$($scope.tolower() )) { if ($cat.level -gt $( Get-Variable -Name $scope -ValueOnly )) { logV("`nSkipping category '$( $cat.name.en )'") continue } logV("`nProcessing category '$( $cat.name.en )'") $first = $true # Processing keys ForEach ($key in $cat.keys) { $retValue = check_key($key) if ($retValue -eq "") { <# check local GPO as well: for "HKLM:\SOFTWARE\Policies\Microsoft\Windows\X" check "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\X"#> if ( $key.path.Contains("SOFTWARE\Policies\Microsoft\Windows")) { $key.path.Replace("Policies\Microsoft\Windows", "Microsoft\Windows\CurrentVersion\Policies") $retValue = check_key($key) } if ($retValue -eq "") { continue } } if ($first) { $texOut += $texCatTmpl -f $cat.name.de, $cat.name.en $first = $false } $texOut += $retValue } } $texOut += "\end{sytable}`n" } $texOut += "\end{landscape}`n`n" Out-File -InputObject $texOut -FilePath $TexFile