jschlackman · November 9, 2025 00:57
diff --git a/Pull-MsiInstall.ps1 b/Pull-MsiInstall.ps1
 <#
    .SYNOPSIS
    Downloads an .msi installer from an internet resource and installs it.

    .DESCRIPTION

    Downloads a signed .msi installer from an internet resource, validates the downloaded file's signature,
    and silently installs it with the option to pass specified arguments.

    Author: James Schlackman <[email protected]>
    Last Modified: Nov 8 2025

    .PARAMETER InstallerUri
    Specifies the Uniform Resource Identifier (URI) of the installer. This parameter supports HTTP or HTTPS only.
    
    .PARAMETER InstallerArgs
    Key-value pairs of additional arguments to pass to the installer.

    .PARAMETER NoRestart
    Stops the device from restarting after the installation completes.

    .EXAMPLE
    Pull-MsiInstall -InstallerUri 'https://downloads.contoso.com/rmmagent.msi' -InstallerArgs @{API_KEY = a1234b1234c1234}
 #>

 function Pull-MsiInstall {

    #Requires -RunAsAdministrator

    Param (
        [Parameter(Mandatory)] [String] [ValidateNotNullOrEmpty()] $InstallerUri,
        [Parameter()] [Hashtable] $InstallerArgs,
        [Parameter()] [Switch] $NoRestart
    )

    $payloadFile = '{0}\{1}' -f $env:TEMP, ($InstallerUri -split '/')[-1]
    $msiArgs = '/q /i "{0}"' -f $payloadFile
    $msiSuccess = 0,1641,3010

    # Try to download the installer
    Invoke-WebRequest -Uri $InstallerUri -OutFile $payloadFile -Method Get

    # Check downloaded installer is valid
    $payloadCert = Get-AuthenticodeSignature -FilePath $payloadFile
    If ($payloadCert.Status -eq 'Valid') {

        Write-Output ('{0} Signed by: {1}' -f $payloadCert.StatusMessage, $payloadCert.SignerCertificate.DnsNameList.Unicode)
        
        # Start logging the install
        Write-Output ('Installing {0}' -f $payloadFile)

        # Add each specified argument to the msiexec command line
        foreach ($Arg in $InstallerArgs.Keys) {
            Write-Output ('{0}: {1}' -f $Arg, $InstallerArgs[$Arg])
            $msiArgs += ' {0}={1}' -f $Arg, $InstallerArgs[$Arg]
        }

        # Add norestart if specified
        If ($NoRestart) {
            $msiArgs += ' /norestart'
        }
        
        # Run the installer and log the exit code
        $msiResult = Start-Process -Wait -FilePath 'msiexec.exe' -ArgumentList $msiArgs -PassThru

        # Remove installer from temp folder if install was successful        
        If ($msiResult.ExitCode -in $msiSuccess) {
            Write-Output 'Install successful.'
            Remove-Item $payloadFile
        } Else {
            Write-Warning 'Install not successful.'
        }

        # Report exit code
        Write-Output ('Exit code: {0}' -f $msiResult.ExitCode)
    } Else {
        Write-Error -Category InvalidData -Message 'Installer signature not valid.'
    }
 }
	<#
	.SYNOPSIS
	Downloads an .msi installer from an internet resource and installs it.

	.DESCRIPTION

	Downloads a signed .msi installer from an internet resource, validates the downloaded file's signature,
	and silently installs it with the option to pass specified arguments.

	Author: James Schlackman <[email protected]>
	Last Modified: Nov 8 2025

	.PARAMETER InstallerUri
	Specifies the Uniform Resource Identifier (URI) of the installer. This parameter supports HTTP or HTTPS only.

	.PARAMETER InstallerArgs
	Key-value pairs of additional arguments to pass to the installer.

	.PARAMETER NoRestart
	Stops the device from restarting after the installation completes.

	.EXAMPLE
	Pull-MsiInstall -InstallerUri 'https://downloads.contoso.com/rmmagent.msi' -InstallerArgs @{API_KEY = a1234b1234c1234}
	#>

	function Pull-MsiInstall {

	#Requires -RunAsAdministrator

	Param (
	[Parameter(Mandatory)] [String] [ValidateNotNullOrEmpty()] $InstallerUri,
	[Parameter()] [Hashtable] $InstallerArgs,
	[Parameter()] [Switch] $NoRestart
	)

	$payloadFile = '{0}\{1}' -f $env:TEMP, ($InstallerUri -split '/')[-1]
	$msiArgs = '/q /i "{0}"' -f $payloadFile
	$msiSuccess = 0,1641,3010

	# Try to download the installer
	Invoke-WebRequest -Uri $InstallerUri -OutFile $payloadFile -Method Get

	# Check downloaded installer is valid
	$payloadCert = Get-AuthenticodeSignature -FilePath $payloadFile
	If ($payloadCert.Status -eq 'Valid') {

	Write-Output ('{0} Signed by: {1}' -f $payloadCert.StatusMessage, $payloadCert.SignerCertificate.DnsNameList.Unicode)

	# Start logging the install
	Write-Output ('Installing {0}' -f $payloadFile)

	# Add each specified argument to the msiexec command line
	foreach ($Arg in $InstallerArgs.Keys) {
	Write-Output ('{0}: {1}' -f $Arg, $InstallerArgs[$Arg])
	$msiArgs += ' {0}={1}' -f $Arg, $InstallerArgs[$Arg]
	}

	# Add norestart if specified
	If ($NoRestart) {
	$msiArgs += ' /norestart'
	}

	# Run the installer and log the exit code
	$msiResult = Start-Process -Wait -FilePath 'msiexec.exe' -ArgumentList $msiArgs -PassThru

	# Remove installer from temp folder if install was successful
	If ($msiResult.ExitCode -in $msiSuccess) {
	Write-Output 'Install successful.'
	Remove-Item $payloadFile
	} Else {
	Write-Warning 'Install not successful.'
	}

	# Report exit code
	Write-Output ('Exit code: {0}' -f $msiResult.ExitCode)
	} Else {
	Write-Error -Category InvalidData -Message 'Installer signature not valid.'
	}
	}
No results found