From b34d95f1cb507ba1563325561a097622379b31ed Mon Sep 17 00:00:00 2001 From: Marc Smeets Date: Fri, 30 Mar 2018 13:00:10 +0200 Subject: [PATCH] Initial commit --- .gitattributes | 2 + Configs/.gitkeep | 0 Configs/.gitkeep_1 | 0 Configs/labs_config.xml | 217 ++++ Configs/unattend/.gitkeep | 0 Configs/unattend/unattend.win10.xml | 405 ++++++ .../unattend/unattend.win10_regularboot.xml | 341 +++++ Configs/unattend/unattend.win2008R2.xml | 199 +++ .../unattend.win2008R2_regularboot.xml | 155 +++ Configs/unattend/unattend.win2012R2.xml | 192 +++ .../unattend.win2012R2_regularboot.xml | 160 +++ Configs/unattend/unattend.win2016.xml | 169 +++ .../unattend/unattend.win2016_regularboot.xml | 163 +++ Configs/unattend/unattend.win7.xml | 337 +++++ .../unattend/unattend.win7_regularboot.xml | 277 ++++ Configs/unattend/unattend.win8.1.xml | 427 +++++++ .../unattend/unattend.win8.1_regularboot.xml | 365 ++++++ Disks/.gitkeep | 0 Disks/parentdisks/.gitkeep | 0 Invoke-ADLabDeployer.ps1 | 1109 +++++++++++++++++ ...Deployer_consoleoutput_CheckConfigOnly.txt | 87 ++ ...ke-ADLabDeployer_consoleoutput_fullrun.txt | 421 +++++++ LICENSE | 29 + README.md | 232 ++++ SoftwareInstallers/.gitkeep | 0 .../Office14x64_notrecommendbyMSFT/.gitkeep | 0 .../Office14x64_notrecommendbyMSFT/config.xml | 23 + SoftwareInstallers/Office14x86/.gitkeep | 0 SoftwareInstallers/Office14x86/config.xml | 23 + SoftwareInstallers/Office15x64/.gitkeep | 0 SoftwareInstallers/Office15x64/config.xml | 23 + SoftwareInstallers/Office15x86/.gitkeep | 0 SoftwareInstallers/Office15x86/config.xml | 23 + SoftwareInstallers/Office16x64/.gitkeep | 0 SoftwareInstallers/Office16x64/Config.xml | 23 + SoftwareInstallers/Office16x86/.gitkeep | 0 SoftwareInstallers/Office16x86/Config.xml | 23 + 37 files changed, 5425 insertions(+) create mode 100644 .gitattributes create mode 100755 Configs/.gitkeep create mode 100755 Configs/.gitkeep_1 create mode 100755 Configs/labs_config.xml create mode 100755 Configs/unattend/.gitkeep create mode 100755 Configs/unattend/unattend.win10.xml create mode 100755 Configs/unattend/unattend.win10_regularboot.xml create mode 100755 Configs/unattend/unattend.win2008R2.xml create mode 100755 Configs/unattend/unattend.win2008R2_regularboot.xml create mode 100755 Configs/unattend/unattend.win2012R2.xml create mode 100755 Configs/unattend/unattend.win2012R2_regularboot.xml create mode 100755 Configs/unattend/unattend.win2016.xml create mode 100755 Configs/unattend/unattend.win2016_regularboot.xml create mode 100755 Configs/unattend/unattend.win7.xml create mode 100755 Configs/unattend/unattend.win7_regularboot.xml create mode 100755 Configs/unattend/unattend.win8.1.xml create mode 100755 Configs/unattend/unattend.win8.1_regularboot.xml create mode 100755 Disks/.gitkeep create mode 100755 Disks/parentdisks/.gitkeep create mode 100755 Invoke-ADLabDeployer.ps1 create mode 100755 Invoke-ADLabDeployer_consoleoutput_CheckConfigOnly.txt create mode 100755 Invoke-ADLabDeployer_consoleoutput_fullrun.txt create mode 100644 LICENSE create mode 100755 README.md create mode 100755 SoftwareInstallers/.gitkeep create mode 100755 SoftwareInstallers/Office14x64_notrecommendbyMSFT/.gitkeep create mode 100755 SoftwareInstallers/Office14x64_notrecommendbyMSFT/config.xml create mode 100755 SoftwareInstallers/Office14x86/.gitkeep create mode 100755 SoftwareInstallers/Office14x86/config.xml create mode 100755 SoftwareInstallers/Office15x64/.gitkeep create mode 100755 SoftwareInstallers/Office15x64/config.xml create mode 100755 SoftwareInstallers/Office15x86/.gitkeep create mode 100755 SoftwareInstallers/Office15x86/config.xml create mode 100755 SoftwareInstallers/Office16x64/.gitkeep create mode 100755 SoftwareInstallers/Office16x64/Config.xml create mode 100755 SoftwareInstallers/Office16x86/.gitkeep create mode 100755 SoftwareInstallers/Office16x86/Config.xml diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..dfe0770 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +# Auto detect text files and perform LF normalization +* text=auto diff --git a/Configs/.gitkeep b/Configs/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/Configs/.gitkeep_1 b/Configs/.gitkeep_1 new file mode 100755 index 0000000..e69de29 diff --git a/Configs/labs_config.xml b/Configs/labs_config.xml new file mode 100755 index 0000000..c45cc18 --- /dev/null +++ b/Configs/labs_config.xml @@ -0,0 +1,217 @@ + + + + 10.202.1.0/24 + 10.202.1.1 + + + 10.202.2.0/24 + 10.202.2.1 + + + . + server1 + Outflank123 + + + windows2012R2x64 + unattend\unattend.win2012R2.xml + ted:Outflank123 + parent-en_windows_server_2012_r2_essentials_with_update_x64_dvd_6052824-updated201704 + net1 + 10.202.1.11/24 + BreakMe.local + True + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows2016x64 + unattend\unattend.win2016.xml + 4GB + ted:Outflank123 + parent-en_windows_server_2016_x64_dvd_9718492-updated201801 + net1 + 10.202.1.12/24 + True + mu_advanced_threat_analytics_ata_version_1.8_x64_dvd_10911683.iso + True + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + True + windows2016x64 + unattend\unattend.win2016.xml + ted:Outflank123 + parent-en_windows_server_2016_x64_dvd_9718492-updated201801 + net1 + 10.202.1.13/24 + True + BreakMe.local + True + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows2008R2x64 + unattend\unattend.win2008R2.xml + ted:Outflank123 + parent-en_windows_server_2008_r2_with_sp1_vl_build_x64_dvd_617403-updated201801 + net1 + 10.202.1.14/24 + True + BreakMe.local + True + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows2012R2x64 + unattend\unattend.win2012R2.xml + ted:Outflank123 + parent-en_windows_server_2012_r2_essentials_with_update_x64_dvd_6052824-updated201704 + net1 + 10.202.1.15/24 + True + BreakMe.local + True + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows10x86 + unattend\unattend.win10.xml + ted:Outflank123 + parent-en_windows_10_enterprise_version_1709_updated_dec_2017_x86_dvd_100406182-updated201801 + net2 + 10.202.2.11/24 + True + BreakMe.local + True + Office16x86\setup.exe + Office16x86\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows10x64 + unattend\unattend.win10.xml + ted:Outflank123 + parent-en_windows_10_enterprise_version_1709_updated_dec_2017_x64_dvd_100406172-updated201801 + net2 + 10.202.2.12/24 + True + BreakMe.local + True + Office16x64\setup.exe + Office16x64\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows10x86 + unattend\unattend.win10.xml + ted:Outflank123 + parent-en_windows_10_enterprise_2016_ltsb_n_x86_dvd_9058202-updated201704 + net2 + 10.202.2.13/24 + 10.202.1.11 + True + BreakMe.local + True + Office16x86\setup.exe + Office16x86\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows10x64 + unattend\unattend.win10.xml + ted:Outflank123 + parent-en_windows_10_enterprise_2016_ltsb_n_x64_dvd_9057894-updated201801 + net2 + 10.202.2.14/24 + True + BreakMe.local + True + Office16x64\setup.exe + Office16x64\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows7x64 + unattend\unattend.win7.xml + ted:Outflank123 + parent-en_windows_7_enterprise_n_with_sp1_x64_dvd_u_677704-updated201801 + net2 + 10.202.2.15/24 + True + BreakMe.local + True + Office16x64\setup.exe + Office16x64\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows7x86 + unattend\unattend.win7.xml + ted:Outflank123 + parent-en_windows_7_enterprise_n_with_sp1_x86_dvd_u_677703-updated201801 + net2 + 10.202.2.16/24 + True + BreakMe.local + True + Office14x86\setup.exe + Office14x86\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows8.1x64 + unattend\unattend.win8.1.xml + ted:Outflank123 + parent-en_windows_8.1_enterprise_n_with_update_x64_dvd_6050225-updated201801 + net2 + 10.202.2.17/24 + True + BreakMe.local + True + Office15x86\setup.exe + Office15x86\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + windows8.1x86 + unattend\unattend.win8.1.xml + ted:Outflank123 + parent-en_windows_8.1_enterprise_n_with_update_x86_dvd_6050217-updated201801 + net2 + 10.202.2.18/24 + True + BreakMe.local + True + Office15x86\setup.exe + Office15x86\config.xml + Chrome\googlechromestandaloneenterprise.msi + 7z\7z1801-x86.msi + npp\npp.7.5.0.installer.x86.msi + + + diff --git a/Configs/unattend/.gitkeep b/Configs/unattend/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/Configs/unattend/unattend.win10.xml b/Configs/unattend/unattend.win10.xml new file mode 100755 index 0000000..a490ba8 --- /dev/null +++ b/Configs/unattend/unattend.win10.xml @@ -0,0 +1,405 @@ + + + + + +en-US + +0409:00000409 +en-US +en-US +en-US +en-US + + + +en-US + +0409:00000409 +en-US +en-US +en-US +en-US + + + + + + +1 +Primary +100 + + +true +2 +Primary + + + + +true +NTFS + +1 +1 +0x27 + + +true +NTFS + +C +2 +2 + + +0 +true + + + + + +0 +2 + +false + + + +true +@@User@@ +@@User@@ + +false + + + + + + +1 +Primary +100 + + +true +2 +Primary + + + + +true +NTFS + +1 +1 +0x27 + + +true +NTFS + +C +2 +2 + + +0 +true + + + + + +0 +2 + +false + + + +true +@@User@@ +@@User@@ + +false + + + + +false + + + + +false + + + + +1 + + + + +1 + + + + +0409:00000409 +en-US +en-US +en-US +en-US + + +0409:00000409 +en-US +en-US +en-US +en-US + + +true + + +true + + +0 + + +0 + + +@@Hostname@@ +W269N-WFGWX-YVC9B-4J6C9-T83GX + + +@@Hostname@@ +W269N-WFGWX-YVC9B-4J6C9-T83GX + + + + + + False + + @@Net1_MAC@@ + + @@Net1_IP@@ + + + + 0 + 0.0.0.0/0 + @@Net1_GW@@ + + + + + + + + + + False + + @@Net1_MAC@@ + + @@Net1_IP@@ + + + + 0 + 0.0.0.0/0 + @@Net1_GW@@ + + + + + + +@@DNS_SUFFIX@@ + + + + @@Net1_DNS@@ + + @@Net1_MAC@@ + + + + +@@DNS_SUFFIX@@ + + + + @@Net1_DNS@@ + + @@Net1_MAC@@ + + + + + + + + +@@Pass@@ +true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>1</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +<ProtectYourPC>3</ProtectYourPC> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>1</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>2</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>1</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +<ProtectYourPC>3</ProtectYourPC> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>1</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>2</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win10_regularboot.xml b/Configs/unattend/unattend.win10_regularboot.xml new file mode 100755 index 0000000..1af46af --- /dev/null +++ b/Configs/unattend/unattend.win10_regularboot.xml @@ -0,0 +1,341 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization>Outflank</Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization>Outflank</Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTENDWIN10</ComputerName> +<ProductKey>W269N-WFGWX-YVC9B-4J6C9-T83GX</ProductKey> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTENDWIN10</ComputerName> +<ProductKey>W269N-WFGWX-YVC9B-4J6C9-T83GX</ProductKey> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +<ProtectYourPC>3</ProtectYourPC> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>outflank</DisplayName> +<Group>Administrators</Group> +<Name>outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization>Outflank</RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>1</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>2</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +<ProtectYourPC>3</ProtectYourPC> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>outflank</DisplayName> +<Group>Administrators</Group> +<Name>outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization>Outflank</RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>1</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>2</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2008R2.xml b/Configs/unattend/unattend.win2008R2.xml new file mode 100755 index 0000000..bf07452 --- /dev/null +++ b/Configs/unattend/unattend.win2008R2.xml @@ -0,0 +1,199 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>@@User@@</FullName> +<Organization></Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>@@hostname@@</ComputerName> +<ProductKey>489J6-VHDMP-X63PK-3K798-CPX3Y</ProductKey> +</component> +<component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Identifier>@@Net1_MAC@@</Identifier> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> +</Interfaces> +</component> +<component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DNSDomain>@@DNS_SUFFIX@@</DNSDomain> +<Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>1</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2008R2_regularboot.xml b/Configs/unattend/unattend.win2008R2_regularboot.xml new file mode 100755 index 0000000..5b3307c --- /dev/null +++ b/Configs/unattend/unattend.win2008R2_regularboot.xml @@ -0,0 +1,155 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization>Outflank</Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTEND2008R2</ComputerName> +<ProductKey>489J6-VHDMP-X63PK-3K798-CPX3Y</ProductKey> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>Outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>Outflank</DisplayName> +<Group>Administrators</Group> +<Name>Outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization>Outflank</RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2012R2.xml b/Configs/unattend/unattend.win2012R2.xml new file mode 100755 index 0000000..bb66d7d --- /dev/null +++ b/Configs/unattend/unattend.win2012R2.xml @@ -0,0 +1,192 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>@@User@@</FullName> +<Organization></Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>@@Hostname@@</ComputerName> +<ProductKey>2W8JV-NTQG3-MGGX4-VYF7D-974WJ</ProductKey> +</component> +<component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Identifier>@@Net1_MAC@@</Identifier> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> +</Interfaces> +</component> +<component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DNSDomain>@@DNS_SUFFIX@@</DNSDomain> +<Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>1</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2012R2_regularboot.xml b/Configs/unattend/unattend.win2012R2_regularboot.xml new file mode 100755 index 0000000..0afd87d --- /dev/null +++ b/Configs/unattend/unattend.win2012R2_regularboot.xml @@ -0,0 +1,160 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization>Outflank</Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTEND2012R2</ComputerName> +<ProductKey>KNC87-3J2TX-XB4WP-VCPJV-M4FWM</ProductKey> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>Outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>Outflank</DisplayName> +<Group>Administrators</Group> +<Name>Outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization>Outflank</RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2016.xml b/Configs/unattend/unattend.win2016.xml new file mode 100755 index 0000000..69a5297 --- /dev/null +++ b/Configs/unattend/unattend.win2016.xml @@ -0,0 +1,169 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0c09:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>@@User@@</FullName> +<Organization></Organization> +<ProductKey> +<Key>WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY</Key> +</ProductKey> +</UserData> +<EnableFirewall>true</EnableFirewall> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Size>350</Size> +<Type>Primary</Type> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Format>NTFS</Format> +<Label>System</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Order>2</Order> +<PartitionID>2</PartitionID> +<Letter>C</Letter> +<Label>OS</Label> +<Format>NTFS</Format> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>false</WillWipeDisk> +</Disk> +</DiskConfiguration> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0809:00000809</InputLocale> +<SystemLocale>nl-NL</SystemLocale> +<UILanguage>nl-NL</UILanguage> +<UILanguageFallback>nl-NL</UILanguageFallback> +<UserLocale>nl-NL</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>@@hostname@@</ComputerName> +</component> +<component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Identifier>@@Net1_MAC@@</Identifier> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> +</Interfaces> +</component> +<component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DNSDomain>@@DNS_SUFFIX@@</DNSDomain> +<Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>2</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideLocalAccountScreen>true</HideLocalAccountScreen> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>1</ProtectYourPC> +<SkipMachineOOBE>true</SkipMachineOOBE> +<SkipUserOOBE>true</SkipUserOOBE> +</OOBE> +<UserAccounts> +<AdministratorPassword> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</AdministratorPassword> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Description>@@User@@</Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win2016_regularboot.xml b/Configs/unattend/unattend.win2016_regularboot.xml new file mode 100755 index 0000000..f082479 --- /dev/null +++ b/Configs/unattend/unattend.win2016_regularboot.xml @@ -0,0 +1,163 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0c09:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>outflank</FullName> +<Organization></Organization> +<ProductKey> +<Key>WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY</Key> +</ProductKey> +</UserData> +<EnableFirewall>false</EnableFirewall> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Size>350</Size> +<Type>Primary</Type> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Format>NTFS</Format> +<Label>System</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Order>2</Order> +<PartitionID>2</PartitionID> +<Letter>C</Letter> +<Label>OS</Label> +<Format>NTFS</Format> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTEND2016</ComputerName> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideLocalAccountScreen>true</HideLocalAccountScreen> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipMachineOOBE>true</SkipMachineOOBE> +<SkipUserOOBE>true</SkipUserOOBE> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>Outflank</DisplayName> +<Group>Administrators</Group> +<Name>Outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> + <Order>1</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> + <Order>2</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> + <Order>3</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> +</SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win7.xml b/Configs/unattend/unattend.win7.xml new file mode 100755 index 0000000..c57d01e --- /dev/null +++ b/Configs/unattend/unattend.win7.xml @@ -0,0 +1,337 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>1033:00000409</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>1033:00000409</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Diagnostics> + <OptIn>false</OptIn> + </Diagnostics> + <UserData> + <AcceptEula>true</AcceptEula> + <FullName>@@User@@</FullName> + <Organization> + </Organization> + </UserData> + <EnableFirewall>false</EnableFirewall> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Diagnostics> + <OptIn>false</OptIn> + </Diagnostics> + <UserData> + <AcceptEula>true</AcceptEula> + <FullName>@@User@@</FullName> + <Organization> + </Organization> + </UserData> + <EnableFirewall>false</EnableFirewall> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipRearm>1</SkipRearm> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipAutoActivation>false</SkipAutoActivation> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipAutoActivation>false</SkipAutoActivation> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <ComputerName>@@Hostname@@</ComputerName> + <ProductKey>YDRBP-3D83W-TY26F-D46B2-XCKRJ</ProductKey> + <TimeZone>W. Europe Standard Time</TimeZone> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <ComputerName>@@Hostname@@</ComputerName> + <ProductKey>YDRBP-3D83W-TY26F-D46B2-XCKRJ</ProductKey> + <TimeZone>W. Europe Standard Time</TimeZone> + </component> + <component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <Identifier>@@Net1_MAC@@</Identifier> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-TCPIP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <Identifier>@@Net1_MAC@@</Identifier> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-DNS-Client" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>1033:00000409</InputLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>1033:00000409</InputLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <AutoLogon> + <Password> + <Value>@@Pass@@</Value> + <PlainText>true</PlainText> + </Password> + <Enabled>true</Enabled> + <LogonCount>1</LogonCount> + <Username>@@User@@</Username> + </AutoLogon> + <RegisteredOwner>@@User@@</RegisteredOwner> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + </OOBE> + <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <RequiresUserInput>false</RequiresUserInput> + <Order>1</Order> + <Description>Disable Auto Updates</Description> + <CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Description>Control Panel View</Description> + <Order>2</Order> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <Description>Control Panel Icon Size</Description> + <RequiresUserInput>false</RequiresUserInput> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA2</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> + </FirstLogonCommands> + <UserAccounts> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>@@Pass@@</Value> + <PlainText>true</PlainText> + </Password> + <Description> + </Description> + <DisplayName>@@User@@</DisplayName> + <Group>Administrators</Group> + <Name>@@User@@</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <AutoLogon> + <Password> + <Value>@@Pass@@</Value> + <PlainText>true</PlainText> + </Password> + <Enabled>true</Enabled> + <LogonCount>1</LogonCount> + <Username>@@User@@</Username> + </AutoLogon> + <RegisteredOwner>@@User@@</RegisteredOwner> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + </OOBE> + <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <RequiresUserInput>false</RequiresUserInput> + <Order>1</Order> + <Description>Disable Auto Updates</Description> + <CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Description>Control Panel View</Description> + <Order>2</Order> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <Description>Control Panel Icon Size</Description> + <RequiresUserInput>false</RequiresUserInput> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA2</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> + </FirstLogonCommands> + <UserAccounts> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>@@Pass@@</Value> + <PlainText>true</PlainText> + </Password> + <Description> + </Description> + <DisplayName>@@User@@</DisplayName> + <Group>Administrators</Group> + <Name>@@User@@</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <EnableLUA>false</EnableLUA> + </component> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win7_regularboot.xml b/Configs/unattend/unattend.win7_regularboot.xml new file mode 100755 index 0000000..49ff7b0 --- /dev/null +++ b/Configs/unattend/unattend.win7_regularboot.xml @@ -0,0 +1,277 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>1033:00000409</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>1033:00000409</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Diagnostics> + <OptIn>false</OptIn> + </Diagnostics> + <UserData> + <AcceptEula>true</AcceptEula> + <FullName>Outflank</FullName> + <Organization> + </Organization> + </UserData> + <EnableFirewall>false</EnableFirewall> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Diagnostics> + <OptIn>false</OptIn> + </Diagnostics> + <UserData> + <AcceptEula>true</AcceptEula> + <FullName>Outflank</FullName> + <Organization> + </Organization> + </UserData> + <EnableFirewall>false</EnableFirewall> + </component> + </settings> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipRearm>1</SkipRearm> + </component> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipRearm>1</SkipRearm> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipAutoActivation>false</SkipAutoActivation> + </component> + <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipAutoActivation>false</SkipAutoActivation> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <ComputerName>UNATTENDWIN7</ComputerName> + <ProductKey>YDRBP-3D83W-TY26F-D46B2-XCKRJ</ProductKey> + <TimeZone>W. Europe Standard Time</TimeZone> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <ComputerName>UNATTENDWIN7</ComputerName> + <ProductKey>YDRBP-3D83W-TY26F-D46B2-XCKRJ</ProductKey> + <TimeZone>W. Europe Standard Time</TimeZone> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>1033:00000409</InputLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>1033:00000409</InputLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <AutoLogon> + <Password> + <Value>Outflank123</Value> + <PlainText>true</PlainText> + </Password> + <Enabled>true</Enabled> + <LogonCount>3</LogonCount> + <Username>outflank</Username> + </AutoLogon> + <RegisteredOwner>Outflank</RegisteredOwner> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + </OOBE> + <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <RequiresUserInput>false</RequiresUserInput> + <Order>1</Order> + <Description>Disable Auto Updates</Description> + <CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Description>Control Panel View</Description> + <Order>2</Order> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <Description>Control Panel Icon Size</Description> + <RequiresUserInput>false</RequiresUserInput> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA2</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> + </FirstLogonCommands> + <UserAccounts> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>Outflank123</Value> + <PlainText>true</PlainText> + </Password> + <Description> + </Description> + <DisplayName>outflank</DisplayName> + <Group>Administrators</Group> + <Name>outflank</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <AutoLogon> + <Password> + <Value>Outflank123</Value> + <PlainText>true</PlainText> + </Password> + <Enabled>true</Enabled> + <LogonCount>3</LogonCount> + <Username>outflank</Username> + </AutoLogon> + <RegisteredOwner>Outflank</RegisteredOwner> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <NetworkLocation>Work</NetworkLocation> + <ProtectYourPC>3</ProtectYourPC> + <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE> + <SkipMachineOOBE>true</SkipMachineOOBE> + <SkipUserOOBE>true</SkipUserOOBE> + </OOBE> + <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <RequiresUserInput>false</RequiresUserInput> + <Order>1</Order> + <Description>Disable Auto Updates</Description> + <CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Description>Control Panel View</Description> + <Order>2</Order> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> + <RequiresUserInput>true</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>3</Order> + <Description>Control Panel Icon Size</Description> + <RequiresUserInput>false</RequiresUserInput> + <CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</CommandLine> + <Description>Disable LUA2</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>8</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>9</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> + </FirstLogonCommands> + <UserAccounts> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>Outflank123</Value> + <PlainText>true</PlainText> + </Password> + <Description> + </Description> + <DisplayName>outflank</DisplayName> + <Group>Administrators</Group> + <Name>outflank</Name> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <EnableLUA>false</EnableLUA> + </component> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win8.1.xml b/Configs/unattend/unattend.win8.1.xml new file mode 100755 index 0000000..6b7aa3c --- /dev/null +++ b/Configs/unattend/unattend.win8.1.xml @@ -0,0 +1,427 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>@@User@@</FullName> +<Organization></Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>@@User@@</FullName> +<Organization></Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>@@hostname@@</ComputerName> +<ProductKey>GCRJD-8NW9H-F2CDX-CCM8D-9D6T9</ProductKey> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>@@hostname@@</ComputerName> +<ProductKey>GCRJD-8NW9H-F2CDX-CCM8D-9D6T9</ProductKey> +</component> + <component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <Identifier>@@Net1_MAC@@</Identifier> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-TCPIP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <Ipv4Settings> + <DhcpEnabled>False</DhcpEnabled> + </Ipv4Settings> + <Identifier>@@Net1_MAC@@</Identifier> + <UnicastIpAddresses> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_IP@@</IpAddress> + </UnicastIpAddresses> + <Routes> + <Route wcm:action="add"> + <Identifier>0</Identifier> + <Prefix>0.0.0.0/0</Prefix> + <NextHopAddress>@@Net1_GW@@</NextHopAddress> + </Route> + </Routes> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> + </component> + <component name="Microsoft-Windows-DNS-Client" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <Interfaces> + <Interface wcm:action="add"> + <DNSServerSearchOrder> + <IpAddress wcm:action="add" wcm:keyValue="1">@@Net1_DNS@@</IpAddress> + </DNSServerSearchOrder> + <Identifier>@@Net1_MAC@@</Identifier> + </Interface> + </Interfaces> + </component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> + <Password> + <Value>@@Pass@@</Value> + <PlainText>true</PlainText> + </Password> + <Enabled>true</Enabled> + <LogonCount>1</LogonCount> + <Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<RequiresUserInput>false</RequiresUserInput> +<Order>1</Order> +<Description>Disable Auto Updates</Description> +<CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>2</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>3</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<LogonCount>1</LogonCount> +<Username>@@User@@</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>@@Pass@@</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>@@User@@</DisplayName> +<Group>Administrators</Group> +<Name>@@User@@</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>@@User@@</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<RequiresUserInput>false</RequiresUserInput> +<Order>1</Order> +<Description>Disable Auto Updates</Description> +<CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>2</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>3</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Configs/unattend/unattend.win8.1_regularboot.xml b/Configs/unattend/unattend.win8.1_regularboot.xml new file mode 100755 index 0000000..622c5fb --- /dev/null +++ b/Configs/unattend/unattend.win8.1_regularboot.xml @@ -0,0 +1,365 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> +<settings pass="windowsPE"> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SetupUILanguage> +<UILanguage>en-US</UILanguage> +</SetupUILanguage> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization>Outflank</Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<DiskConfiguration> +<Disk wcm:action="add"> +<CreatePartitions> +<CreatePartition wcm:action="add"> +<Order>1</Order> +<Type>Primary</Type> +<Size>100</Size> +</CreatePartition> +<CreatePartition wcm:action="add"> +<Extend>true</Extend> +<Order>2</Order> +<Type>Primary</Type> +</CreatePartition> +</CreatePartitions> +<ModifyPartitions> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>System Reserved</Label> +<Order>1</Order> +<PartitionID>1</PartitionID> +<TypeID>0x27</TypeID> +</ModifyPartition> +<ModifyPartition wcm:action="add"> +<Active>true</Active> +<Format>NTFS</Format> +<Label>OS</Label> +<Letter>C</Letter> +<Order>2</Order> +<PartitionID>2</PartitionID> +</ModifyPartition> +</ModifyPartitions> +<DiskID>0</DiskID> +<WillWipeDisk>true</WillWipeDisk> +</Disk> +</DiskConfiguration> +<ImageInstall> +<OSImage> +<InstallTo> +<DiskID>0</DiskID> +<PartitionID>2</PartitionID> +</InstallTo> +<InstallToAvailablePartition>false</InstallToAvailablePartition> +</OSImage> +</ImageInstall> +<UserData> +<AcceptEula>true</AcceptEula> +<FullName>Outflank</FullName> +<Organization></Organization> +</UserData> +<EnableFirewall>false</EnableFirewall> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="offlineServicing"> +<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<EnableLUA>false</EnableLUA> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="generalize"> +<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipRearm>1</SkipRearm> +</component> +</settings> +<settings pass="specialize"> +<component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<InputLocale>0409:00000409</InputLocale> +<SystemLocale>en-US</SystemLocale> +<UILanguage>en-US</UILanguage> +<UILanguageFallback>en-US</UILanguageFallback> +<UserLocale>en-US</UserLocale> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<SkipAutoActivation>true</SkipAutoActivation> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<CEIPEnabled>0</CEIPEnabled> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTENDWIN81</ComputerName> +<ProductKey>GCRJD-8NW9H-F2CDX-CCM8D-9D6T9</ProductKey> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<ComputerName>UNATTENDWIN81</ComputerName> +<ProductKey>GCRJD-8NW9H-F2CDX-CCM8D-9D6T9</ProductKey> +</component> +</settings> +<settings pass="oobeSystem"> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>outflank</DisplayName> +<Group>Administrators</Group> +<Name>outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<RequiresUserInput>false</RequiresUserInput> +<Order>1</Order> +<Description>Disable Auto Updates</Description> +<CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>2</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>3</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<AutoLogon> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Enabled>true</Enabled> +<Username>Outflank</Username> +</AutoLogon> +<OOBE> +<HideEULAPage>true</HideEULAPage> +<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> +<HideOnlineAccountScreens>true</HideOnlineAccountScreens> +<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> +<NetworkLocation>Work</NetworkLocation> +<ProtectYourPC>3</ProtectYourPC> +<SkipUserOOBE>true</SkipUserOOBE> +<SkipMachineOOBE>true</SkipMachineOOBE> +</OOBE> +<UserAccounts> +<LocalAccounts> +<LocalAccount wcm:action="add"> +<Password> +<Value>Outflank123</Value> +<PlainText>true</PlainText> +</Password> +<Description></Description> +<DisplayName>Outflank</DisplayName> +<Group>Administrators</Group> +<Name>Outflank</Name> +</LocalAccount> +</LocalAccounts> +</UserAccounts> +<RegisteredOrganization></RegisteredOrganization> +<RegisteredOwner>Outflank</RegisteredOwner> +<DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> +<FirstLogonCommands> +<SynchronousCommand wcm:action="add"> +<RequiresUserInput>false</RequiresUserInput> +<Order>1</Order> +<Description>Disable Auto Updates</Description> +<CommandLine>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f</CommandLine> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Description>Control Panel View</Description> +<Order>2</Order> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v StartupPage /t REG_DWORD /d 1 /f</CommandLine> +<RequiresUserInput>true</RequiresUserInput> +</SynchronousCommand> +<SynchronousCommand wcm:action="add"> +<Order>3</Order> +<Description>Control Panel Icon Size</Description> +<RequiresUserInput>false</RequiresUserInput> +<CommandLine>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel" /v AllItemsIconView /t REG_DWORD /d 0 /f</CommandLine> +</SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>4</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) }"</CommandLine> + <Description>Change network type to Private</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>5</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>cmd.exe /c "netsh advfirewall set allprofiles state off"</CommandLine> + <Description>Disable Windows Firewall</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>6</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Set-WsManQuickConfig -Force"</CommandLine> + <Description>Enable WsMan</Description> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>7</Order> + <RequiresUserInput>true</RequiresUserInput> + <CommandLine>powershell -Command "Enable-PSRemoting -Force"</CommandLine> + <Description>Enable PowerShell Remoting</Description> + </SynchronousCommand> +</FirstLogonCommands> +<TimeZone>W. Europe Standard Time</TimeZone> +<VisualEffects> +<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor> +</VisualEffects> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +<component name="Microsoft-Windows-ehome-reg-inf" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +<RestartEnabled>true</RestartEnabled> +</component> +</settings> +</unattend> \ No newline at end of file diff --git a/Disks/.gitkeep b/Disks/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/Disks/parentdisks/.gitkeep b/Disks/parentdisks/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/Invoke-ADLabDeployer.ps1 b/Invoke-ADLabDeployer.ps1 new file mode 100755 index 0000000..aa3ced1 --- /dev/null +++ b/Invoke-ADLabDeployer.ps1 @@ -0,0 +1,1109 @@ + +<# + Invoke-ADLabDeployer - Automated Windows and AD testlab deployments for red and blue teams + Author: Marc Smeets / Outflank B.V. + License: BSD 3-Clause + Version: 0.8 + Date: 30 March 2018 + Link: https://github.com/OutflankNL/Invoke-ADLabDeployer / https://outflank.nl/blog/2018/03/30/automated-ad-and-windows-test-lab-deployments-with-invoke-adlabdeployer + +#> + + +function Invoke-ADLabDeployer { + <# + .Synopsis + Start of the automated AD lab deployment. + + .DESCRIPTION + Main function to start for the automated lab deployment. Requires the following parameters: + 1. path to lab definition file. + 2. The name of the lab you want to build -as defined in the lab definition file. + + .EXAMPLE + Deploy the network LabX as defined in lab-config file .\configs\lab.xml + InvokeAD-LabDeployment -LabConfigFile configs\lab.xml -LabName LabX + + .EXAMPLE + Deploy a lab with verbose intermediate output + Invoke-ADLabDeployment -LabConfigFile configs\lab.xml -LabName LabX -Verbose + + .EXAMPLE + Check the configuration of LabX for validity + Invoke-LabDeployment -LabConfigFile configs\lab.xml -LabName LabX -CheckConfigOnly + + .EXAMPLE + Check the config andstore the resulting objects as local objects + $return_net,$return_sys,$return_adds = Invoke-ADLabDeployer -LabConfigFile configs\lab.xml -Name LabX -CheckConfigOnly + + .PARAMETER $LabConfigFile + The file containing the lab configuration - mandatory + + .PARAMETER $Name + The name of the lab inside the lab config file - mandatory + + .PARAMETER $CheckConfigOnly + When set will only parse the config file but will not deploy the lab - not mandatory + + #> + + [CmdletBinding()] + Param + ( + [Parameter(Mandatory = $True)] + [String] + [ValidateNotNullOrEmpty()] + $LabConfigFile, + + [Parameter(Mandatory=$True)] + [string] + $Name, + + [parameter(Mandatory=$false)] + [switch] + $CheckConfigOnly = $false + ) + + [hashtable]$HTSystems = [ordered]@{} # hash table with details of systems to deploy + [hashtable]$HTNetworks =[ordered]@{} # hash table with details of networks to deploy + [hashtable]$HTAdds =[ordered]@{} # hash table with details of AD domains to deploy + + if (-not($CheckConfigOnly)) { + Write-Verbose "[*] Start lab deployment" + $StartTime = Get-Date + } + + ## Opening the lab config file - exit on error. + try { + [xml]$LabConfig = Get-Content -Path "$LabConfigFile" + } + catch { + $_ + Write-Error "[X] ERROR: could not read $LabConfigFile. Now exiting." + Break + } + finally { + Write-Verbose "[+] Successfully opened $LabConfigFile" + } + + ## Getting network info from lab config file - exit on error. + try { + foreach ($Net in $LabConfig.SelectNodes("/Labs/Lab[@LabName=`""+ $Name + "`"]/Network")) { + [hashtable]$HTTempNetwork= [ordered]@{} + $HTTempNetwork.Add("NetName", $Net.NetName) + $HTTempNetwork.Add("Subnet", $Net.Subnet) + $HTTempNetwork.Add("GW", $Net.GW) + $HTNetworks.Add($Net.NetName, $HTTempNetwork) + Write-Verbose "[+] Successfully processed config of network: $($Net.NetName)" + } + } + catch { + Write-Error "[X] ERROR: could not process network config in XML. Exiting." + Break + } + finally { + Write-Verbose "[+] Successfully processed network config. Amount of networks read: $($HTNetworks.Count)." + } + + ## getting system config from lab config file - exit on error + try { + foreach ($VM in $LabConfig.SelectNodes("/Labs/Lab[@LabName=`""+ $Name + "`"]/System")) { + [hashtable]$HTTempSystem= [ordered]@{} + if (-not ($VM.SkipDeploy -like "True")) { + $HTTempSystem.Add("Hostname", $VM.Hostname) + $HTTempSystem.Add("OS", $VM.OS) + if ( ($VM.OS -like "*indows7*") -or ($VM.OS -like "*indows8*") -or ($VM.OS -like "*indows8.1*") -or ($VM.OS -like "*indows10*") ) { + $HTTempSystem.Add("Type", "Client") + } else { + $HTTempSystem.Add("Type", "Server") + } + if (-not (get-ChildItem "configs\$($VM.UnattendFile)" -ErrorAction SilentlyContinue )) { + Write-Error "[X] ERROR: could not find unattend file for system "($VM.Hostname).ToString() + Break + } else { $HTTempSystem.Add("UnattendFile", $VM.UnattendFile) } + $HTTempSystem.Add("User", $(($VM.LocalCreds).split(':')[0])) + $HTTempSystem.Add("Pass", $(($VM.LocalCreds).split(':')[1])) + if (-not (get-ChildItem "disks\parentdisks\$($VM.ParentDisk).vhdx" -ErrorAction SilentlyContinue)) { + Write-Error "[X] ERROR: could not find parent disk for system "($VM.Hostname).ToString() + Break + } else { $HTTempSystem.Add("ParentDisk", $VM.ParentDisk) } + $HTTempSystem.Add("Net1_Name", $VM.Net1_Name) + $HTTempSystem.Add("Net1_MAC", $(Get-MacAddress)) + $HTTempSystem.Add("Net1_IP", $VM.Net1_IP) + # If not explicitly set in lab config file, set DNS server to IP address of PDC if system is in Domain, or to 9.9.9.9 if not in domain. + # We havent parsed the ADDS settings yet, and so dont know PDC value yet. We'll just set a temp value 'PDC' here and alter after ADDS parsing. + if (-not ($VM.Net1_DNS)) { + if ($VM.Domain) { + $HTTempSystem.Add("Net1_DNS","PDC") + } else { + $HTTempSystem.Add("Net1_DNS","9.9.9.9") + } + } else { + $HTTempSystem.Add("Net1_DNS", $VM.Net1_DNS) + } + #setting the Gateway to the value defined in the network definition + $GWAddress = $HTNetworks.item($vm.Net1_Name).item("GW") + $HTTempSystem.Add("Net1_GW", $GWAddress) + + if ($VM.Win_Update) { + $HTTempSystem.Add("Win_Update", $VM.Win_Update) + } + if ($VM.Domain) { + $HTTempSystem.Add("Domain", $VM.Domain) + } + if ($VM.RDP_Allow) { + $HTTempSystem.Add("RDP_Allow", $VM.RDP_Allow) + } + # Setting the VMname to labname + hostname + ip address + OS name ( + office version if lab xml contains office settings) + if ($VM.OfficeInstaller) { + $HTTempSystem.Add("OfficeInstaller", $VM.OfficeInstaller) + $HTTempSystem.Add("OfficeConfig", $VM.OfficeConfig) + $HTTempSystem.Add("VMName", $($Name+"_"+$VM.HostName+"_"+$(($VM.Net1_IP).split('/')[0])+"_"+$VM.OS+"_"+$(($VM.OfficeConfig).split('\')[0]))) + } else { + $HTTempSystem.Add("VMName", $($Name+"_"+$VM.HostName+"_"+$(($VM.Net1_IP).split('/')[0])+"_"+$VM.OS)) + } + # Adding SW_JustCopy if set + if ($VM.SW_JustCopy) { + $HTTempSystem.Add("SW_JustCopy", $VM.SW_JustCopy) + } + # Adding SW_Install if set + if ($VM.SW_Install) { $HTTempSystem.Add("SW_Install", $VM.SW_Install) } + + # Setting memory from value in lab config file, or based on Type. Servers = 2GB, Clients = 4GB + if ($VM.Mem) { + $HTTempSystem.Add("Mem", $VM.Mem) + } else { + if ($($HTTempSystem.item("Type")) -match "Client") { + $HTTempSystem.Add("Mem", "4GB") + } else { + $HTTempSystem.Add("Mem", "2GB") + } + } + + # Adding it all to the hashtable + $HTSystems.Add($VM.Hostname, $HTTempSystem) + Write-Verbose "[+] Successfully processed config of system: $($VM.Hostname)" + } + } + } + catch { + Write-Error "[X] ERROR: could not process system config in XML. Exiting." + Write-Error "[X] ERROR: have processed so far: "+$HTTempSystem + Break + } + finally { + Write-Verbose "[*] Done processing system config in XML. Amount of systems read: $($HTSystems.Count)." + } + + ## getting AD config from lab config file - exit on error + try { + foreach ($Domain in $LabConfig.SelectNodes("/Labs/Lab[@LabName=`""+ $Name + "`"]/ADDS")) { + Write-Verbose "[*] Start processing config of an ActiveDirectory Domain Services." + [hashtable]$HTTempDomain= [ordered]@{} + $HTTempDomain.Add("ADDSName", $Domain.ADDSName) + $HTTempDomain.Add("ParentDomain", $Domain.ParentDomain) + $HTTempDomain.Add("PDC", $Domain.PDC) + $HTTempDomain.Add("SafeModeAdminPass", $Domain.SafeModeAdminPass) + $HTTempDomain.Add("PDC_IP", $($HTSystems.$($Domain.PDC).Net1_IP).split('/')[0]) + $HTTempDomain.Add("PDC_LocalUser", $($HTSystems.$($Domain.PDC).User)) + $HTTempDomain.Add("PDC_LocalPass", $($HTSystems.$($Domain.PDC).Pass)) + $HTAdds.Add($Domain.ADDSName, $HTTempDomain) + Write-Verbose "[+] Successfully processed config of AD domain: $($Domain.ADDSName)" + } + } + catch { + Write-Error "[X] ERROR: could not process AD config in XML. Exiting." + Break + } + finally { + Write-Verbose "[*] Done processing AD config in XML. Amount of AD domains read: $($HTAdds.Count)." + } + + # Revisiting DNS info now that we have parsed the ADDS info + Try { + foreach ($VM in $HTSystems.Values) { + if ( $vm.item("Net1_DNS") -Like "PDC" ) { + $domainName = $HTSystems.item($($vm.Hostname)).item("Domain") + $nameOfPDC = $HTAdds.item($domainName).item("PDC") + # if we are processing the Domain Controller itself, we better set it to 127.0.0.1 as it will also run a DNS server + if ($nameOfPDC -Like $vm.Hostname) { + $ipOfPDC = "127.0.0.1" + } + else { + $ipOfPDC = ($HTSystems.item($nameOfPDC).item("Net1_IP").split('/')[0]) + } + $HTSystems.item($($vm.Hostname)).item("Net1_DNS") = $ipOfPDC + } + } + } + catch { + Write-Error "[X] ERROR: could not set DNS address from PDC info. Exiting." + Break + } + finally { + Write-Verbose "[*] Done adjusting DNS info for Domain joined systems." + } + + if ($Debug) { + Write-Debug "Networks found: " + $HTNetworks + write-debug "Details of networks found." + $HTNetworks.values + Write-Debug "AD domains found: " + $HTAdds + write-Debug "Details of AD domains found" + $HTAdds.values + Write-Debug "Systems found: " + $HTSystems + write-debug "Details of systems found" + $HTSystems.values + } + write-Verbose "[*] Done reading the lab config file" + + # Exit and return objects if parameter -CheckCOnfigOnly was set + if ($CheckConfigOnly) { + return $HTNetworks,$HTSystems,$HTAdds + Break + } + + # Start deployment of network stuff - call one function to do this all + Invoke-ADLabDeployNetwork -Networks $HTNetworks -LabName $Name + + # Create directory for vhd storage for this lab + if (-not (Test-Path -Path disks\$LabName )) { New-Item "disks\$LabName" -type directory } + + # start deployment of systems - call function per machine + write-Verbose "[*] Start setting up systems" + foreach ($VM in $HTSystems.Values) { + Invoke-ADLabDeployVM -Machine $VM -LabName $Name + } + Write-Verbose "[+] Done setting up the VM(s) and now starting them up. Giving them 180s to boot." + Start-Sleep -Seconds 180 + + # Start deployment of AD Services - call function per domain/forest + if ($HTadds) { + $DomainName = $HTAdds.Addsname + Write-Verbose "[*] Checking if PDC is up" + # Check if specific system is up + foreach ($Domain in $htadds.Values) { + if (Get-ADLabSystemUpStatus -ip $Domain.item("PDC_IP") -username $Domain.item("PDC_LocalUser") -password $Domain.item("PDC_LocalPass") -timeout 120) { + Write-Verbose "[*] System is up. Start building ADDS" + Invoke-ADLabDeployADDS -Domain $Domain -LabName $Name + } else { + # Host system is slow in bringing up systems, so wait another few minutes + Write-Verbose "[*] System is not up. Sleeping 180 seconds" + Start-Sleep -Seconds 180 + Invoke-ADLabDeployADDS -Domain $Domain -LabName $Name + } + } + } else { + Write-Verbose "[*] No ADDS defined in config file, skipping ADDS setup." + } + + # Have system join the domain + if ($HTAdds) { + foreach ($Domain in $HTAdds.Values) { + $DNSSearchString = "_ldap._tcp.pdc._msdcs."+$Domain.item("ADDSName") + $DNSServerIP = $Domain.item("PDC_IP") + $ADDSIsUp = $False + # check if ADDS is up by doing a dns lookup for the srv record _ldap._tcp.pdc._msdcs.ADDSNAME + while (-not($ADDSIsUp)) { + Write-Verbose "[*] Verifying if DNS server $DNSServerIP is giving out a SRV type record on $DNSSearchString" + $result = Resolve-DnsName -Name $DNSSearchString -type SRV -Server $DNSServerIP -ErrorAction SilentlyContinue + if ($?) { + Write-Verbose "[+] SRV record found. Continuing with domain join." + $ADDSIsUp = $True + } else { + Write-Verbose "[+] SRV record not found. Sleeping for 10 seconds." + Start-Sleep -Seconds 10 + } + } + } + # Now we know for sure that the ADDS is up and DNS SRC record available, Start deployment of systems by joining the domain first - call function per system + Write-Verbose "[*] Joining systems to AD Domains" + foreach ($VM in $HTSystems.Values) { + if ($VM.containskey("Domain")) { + Invoke-ADLabJoinDOmain -Machine $VM -DomainAdminUsername "administrator" -DomainAdminPassword $($HTAdds.item($($VM.item("Domain"))).item("SafeModeAdminPass")) -DCname $($HTAdds.item($($VM.item("Domain"))).item("PDC")) + } + } + } + + # Start installation of software packages - call function per system + Write-Verbose "[*] Starting installation of software packages." + foreach ($VM in $HTSystems.Values) { + Invoke-ADLabSystemInstallSoftware -Machine $VM + } + + # Start local configuration of system - call function per system + Write-Verbose "[*] Starting local configuration." + foreach ($VM in $HTSystems.Values) { + Invoke-ADLabSystemLocalConfig -Machine $VM + } + + if (-not($CheckConfigOnly)) { + Write-Verbose "[*] Done with lab deployment." + $RunTime = [math]::Round((New-Timespan -Start $StartTime -End (Get-Date)).TotalMinutes) + Write-verbose "[*] Deployed $($HTNetworks.Count) networks, $($HTAdds.Count) Domain and $($HTSystems.count) systems in $RunTime minutes." + } +} # end of function Invoke-ADLabDeployer + +function Get-MacAddress { + <# + .Synopsis + Get an unique and valid MAC address. + + .DESCRIPTION + Generates and returns a MAC address that is not used on any VM registerd on the current host. + Mac address is in XX-XX-XX-XX-XX-XX format. + + Its not a fully random generated address as these can become invalid addresses. + This function lets the address start with 06 to have a locally generated unicast address + + #> + + $currentMacs = get-vm|ForEach-Object{(Get-VMNetworkAdapter -VMName $_.Name).MacAddress } + + $unique = $False + while (-not $unique) { + $mac = "06-"+$((0..4 | ForEach-Object { '{0:x}{1:x}' -f (Get-Random -Minimum 0 -Maximum 15),(Get-Random -Minimum 0 -Maximum 15)}) -join '-') + if (-not($currentMacs -contains $mac)) {$unique = $true} + } + return $mac +} + +Function Invoke-ADLabDeployNetwork { +<# + .Synopsis + Deploy virtual network + + .DESCRIPTION + Function to deploy the virtual network. + + .EXAMPLE + Invoke-ADLabDeployNetwork -Networks $HTNetworks -LabName $Name + + .PARAMETER $Networks + hashtable with info on the networks - mandatory + + .PARAMETER $LabName + String with the name of the lab - required for naming the virtual switches - mandatory +#> + + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Networks, + + [Parameter(Mandatory=$True)] + [string] + $LabName + ) + + ############################################ + ###### 1. Setting up the network + # Todo: do more advanced networking, where lab config file can be used to determine detailed routing setup. + # Preferably using true Hyper-V Network Virtualization (RRIDs, CA, PA, etc.). + # For now we use old skool style RRAS server functionality installed on the Hyper-V server. This setup is not officially supported by MSFT but it works. Yolo! + # + # Todo: cleaner way of setting current configs. + # Now we rather brute force delete several existing configs: NetNat switches, RRAS configs and vEthernet internal switches. + write-Verbose "[*] Start setting up the virtual network" + Write-Verbose "[+] Removing netnat networks as they interfere with our desired setup" + get-netnat|remove-netnat + + # Check if RRAS Windows feaute is installed. If not, warn and exit. + if (-not(Get-Service remoteaccess -RequiredServices)) { + write-Error "[X] Remote Access deamon RRAS not installed. This is required." + Write-Error "[X] To install run:" + Write-Error "[X] 1. Install-WindowsFeature Routing -IncludeManagementTools" + Write-Error "[X] 2. Set-Service remoteaccess -StartupType automatic" + Write-Error "[X] 3. Set-Service rasman -StartupType automatic" Write-Error "[X] 4. Restart-Computer" + Write-Error "[X] Can't continue, exiting now." Break + } + + # check if Routing is enabled. If not do so. + $routingEnabled = (Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters -Name IPEnableRouter).IPEnableRouter + if ($rouingEnabled -match "0") { + write-verbose "[+] Enabling routing" + New-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters -Name IPEnableRouter -value 1 -Force + } else { + write-verbose "[*] Routing already enabled" + } + + ## Setting up the virtual switches and networks for the VMs + foreach ($Net in $Networks.Values) { + # setting the name of the switch to labname_netname + $SwitchName = $LabName+"_"+$Net.item("NetName") + Write-Verbose "[*] Processing virtual switch $SwitchName" + + # Check if switch name not exists or GW IP address not exists - if both not exist we can safely make the new switch + if ((-not(get-vmswitch $SwitchName -ErrorAction SilentlyContinue)) -and ( -not(Get-NetIPAddress -IPAddress $($Net.item("GW")) -ErrorAction SilentlyContinue))) { + # Make new switch + Write-Verbose "[+] Virtual switch $SwitchName not found, creating." + New-VMSwitch -Name $SwitchName -SwitchType Internal -Notes "Internal switch for lab $LabName" | Out-Null + + # Set the adapter for the switch + Write-Verbose "[+] Setting up the new interface $SwitchName" + New-NetIPAddress -interfaceAlias "vEthernet ($SwitchName)" -IPAddress $($Net.item("GW")) -PrefixLength $(($Net.item("Subnet")).split('/')[1]) | Out-Null + + } else { # either switchname exists or GW ip address exsits + # check if the interface with correct IP address is attached to correct switchname, if not something is wrong and we exit + if (Get-NetIPAddress -IPAddress $($Net.item("GW")) | select interfaceAlias | where {$_.InterfaceAlias -match $SwitchName } ) { + Write-Verbose "[*] Virtual switch $SwitchName found with correct IP address, no further config needed." + + } else { + Write-Error "[X] Interface found with GW IP address, but not attached to virtual switch $SwitchName." + Write-Error "[X] Something is wrong, please fix this manually." + Break + } + } + } + + Write-verbose "[+] Successfully setup virtual network." +} # end of function Invoke-ADLabDeployNetwork + +function Invoke-ADLabDeployVM { + <# + .Synopsis + Deploy a virtual machine + + .DESCRIPTION + Function to deploy a virtual machine. + + .EXAMPLE + Invoke-ADLabDeployVM -Machine $VM -LabName $Name + + .PARAMETER $VM + Hastable with info on the virtual machine - mandatory + + .PARAMETER $LabName + String with the name of the virtual machine - mandatory + + .PARAMETER $UpdateParent + Boolean required when updating updates on the parent images - not mandatory + Most likely only used when called from Invoke-ADLabImageUpdater + + #> + + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Machine, + + [Parameter(Mandatory=$True)] + [string] + $LabName, + + [Parameter(Mandatory = $False)] + [Boolean] + $UpdateParent = $False + ) + + # We prefer generation 2 vms. But this is only supported if 64bit desktop OS is Win8 or later, or server OS is win2012 or later (32 and 64bit) + # We use the Lab XML config file OS property to check this. Isnt fool proof, but works for now. + if (($($Machine.item("OS")) -like "*windows7*") -or ($($Machine.item("OS")) -like "*windows8x86*") -or ($($Machine.item("OS")) -like "*windows8.1x86*") -or ($($Machine.item("OS")) -like "*windows10x86*") -or ($($Machine.item("OS")) -like "*windows2008*")) { + $Gen = 1 + } else { + $Gen = 2 + } + Write-Verbose "[+] Creating new VM: $($Machine.item("VMName"))" + + if ($UpdateParent) { + $Disk = $("disks\parentdisks\"+$Machine.Item("BaseDisk")) + } else { + $Disk = "disks\$LabName\$($Machine.item("VMName")).vhdx" + New-VHD -Differencing -Path $Disk -ParentPath "disks\parentdisks\$($Machine.item("ParentDisk")).vhdx" | Out-Null + } + + # Make the new VM, attach disk, set amount of memory and attach network + New-VM -Name $Machine.item("VMName") -Generation $Gen -SwitchName $($LabName+"_"+$Machine.item("Net1_Name")) | Out-Null + Add-VMHardDiskDrive -VMName $Machine.item("VMName") -Path $Disk | Out-Null + Set-VMMemory -VMName $Machine.item("VMName") -DynamicMemoryEnabled $True -MaximumBytes $(invoke-expression $Machine.item("Mem")) | Out-Null + Set-VMNetworkAdapter -VMName $Machine.item("VMName") -StaticMacAddress $Machine.item("Net1_MAC") | Out-Null + + # set boot priority to boot form hard disk to speed up booting proces: different commands for gen1 and gen2 + if ( $Gen -eq 1 ) { + Set-VMBios -VMName $Machine.item("VMName") -StartupOrder @("IDE","CD","LegacyNetworkAdapter","Floppy") + } else { + Set-VMFirmware -VMName $Machine.item("VMName") -FirstBootDevice $(Get-VMHardDiskDrive -VMName $Machine.item("VMName")) + } + + # Performing post install config by mounting the VHD drive and adjusting the unattend.xml. + # first mount the VHD drive and get the drive letter it is mounted on + try{ + $drive = Mount-VHD -Path $Disk -Passthru | Get-Disk | Get-Partition|Get-Volume + # We need to figure out which drive letter the Windows partition is mounted on. + # Modern Windows disks have multiple partitions with a recovery partition that also get automounted with 'Mount-VHD'. + # So checking for drive letter larger than 500MB, and no recovery||reserved in disk label to get the Windows partition + if ( $drive.count -gt 1 ) { + foreach ($part in $drive) { + if ( $part.size -gt 5000000000 -and $part.filesystemlabel -notlike "*Reserve*" -and $part.FileSystemLabel -notlike "*recovery*") { + Write-Debug "[*] partition $($part.DriveLetter) with size $($part.size) selected" + $driveletter = $part.DriveLetter + } + } + } else { + # Only 1 partition. + $driveletter = $part.DriveLetter + } + + # Read and modify the unattend.xml file on the new VHD. + try { + # Post boot commands to add to the unattend.xml file + Write-Debug "[*] Attempting to read example xml file configs\$($machine.item("UnattendFile"))" + Write-Debug "[*] Amount of DNS servers found in config file: $(($machine.item("Net1_DNS")).split(',').count)" + if ( ($machine.item("Net1_DNS")).split(',').count -eq 1 ) { + (Get-Content configs\$($machine.item("UnattendFile"))) | Foreach-Object { + $_ -replace '@@Hostname@@', $machine.item("Hostname") ` + -replace '@@Net1_MAC@@', $machine.item("Net1_MAC") ` + -replace '@@Net1_IP@@', $machine.item("Net1_IP") ` + -replace '@@Net1_GW@@', $machine.item("Net1_GW") ` + -replace '@@Net1_DNS@@', $machine.item("Net1_DNS") ` + -replace '@@DNS_SUFFIX@@', $machine.item("Domain") ` + -replace '@@User@@', $machine.item("User") ` + -replace '@@Pass@@', $machine.item("Pass") + } | Set-Content "${driveletter}:\windows\Panther\unattend.xml" + } else { + # Unattand file requires full XML format for multiple DNS servers, nasty but working way to add the XML format for the 2nd DNS server. + $dnsstring = ($machine.item("Net1_DNS")).split(',')[0] + '</IpAddress> <IpAddress wcm:action="add" wcm:keyValue="2">'+($machine.item("Net1_DNS")).split(',')[1] + '</IpAddress>' + Write-Debug "[*] Writing DNS info $dnsstring" + (Get-Content configs\$($machine.item("UnattendFile"))) | Foreach-Object { + $_ -replace '@@Hostname@@', $machine.item("Hostname") ` + -replace '@@Net1_MAC@@', $machine.item("Net1_MAC") ` + -replace '@@Net1_IP@@', $machine.item("Net1_IP") ` + -replace '@@Net1_GW@@', $machine.item("Net1_GW") ` + -replace '@@Net1_DNS@@</IpAddress>', $dnsstring ` + -replace '@@DNS_SUFFIX@@', $machine.item("Domain") ` + -replace '@@User@@', $machine.item("User") ` + -replace '@@Pass@@', $machine.item("Pass") + } | Set-Content "${driveletter}:\windows\Panther\unattend.xml" + } + } catch { + Write-Warning "[!] WARNING: something went wrong with editing the xml file. It may still be good (by accident), continuing with that positive vibe...." + } + } catch { + Write-Error "[X] ERROR: could not mount VHD disk to modify unattend.xml file. Exiting." + break + } + Dismount-VHD -Path $Disk + Write-Verbose "[+] VM $($Machine.item("VMName")) created, now booting." + Start-VM $machine.item("VMName") + + # Adding system to local Trusted Host list for WSMan if TrustedHost is not already set to wildcard * + $trustedHostList = Get-Item WSMan:\localhost\Client\TrustedHosts + if ( -not($trustedHostList.value -Like "*")) { + Set-Item WSMan:\localhost\Client\TrustedHosts -Value $machine.item("Net1_IP") -Concatenate -Force + } + +} # end of function Invoke-ADLabDeployVMs + +function Get-ADLabSystemUpStatus { + <# + .Synopsis + Check if a system is up + + .DESCRIPTION + Helper function for checking status of system. + Returns True if system is up and able to log in. + + .EXAMPLE + Get-ADLabSystemUpStatus -ip $domain.item("PDC_IP") -username $domain.item("PDC_LocalUser") -password $domain.item("PDC_LocalPass") -timeout 15 + + .EXAMPLE + Get-ADLabSystemUpStatus -ip "1.2.3.4" -username "localdminuser" -password "str0ngPasswd!" -timeout 15 + + .PARAMETER $IP + String with the IP address of the host we want to check - mandatory + + .PARAMETER $Username + String with the username ofa local user on the remote system - mandatory + + .PARAMETER $Password + String with the password of the local user on the remote system - mandatory + + .PARAMETER $TimeOut + Integer with value of timeout in seconds to keep trying the remote system - not mandatory + The timeout value is not accurate. Expect it to be surpassed by ~20sec. + #> + + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $True)] + [String] + [ValidateNotNullOrEmpty()] + $IP, + + [Parameter(Mandatory = $True)] + [String] + [ValidateNotNullOrEmpty()] + $Username, + + [Parameter(Mandatory = $True)] + [String] + [ValidateNotNullOrEmpty()] + $Password, + + [Parameter(Mandatory = $False)] + [Int] + $TimeOut = 60 + ) + + $Pass = ConvertTo-SecureString $Password -AsPlainText -Force + $Creds = New-Object -TypeName System.Management.Automation.PSCredential $Username,$Pass + + $StopTime = (get-date).AddSeconds($TimeOut) + while ((get-date) -lt ($StopTime)) { + # first do a ping, if successful try a login + if (Test-Connection -Computername $IP -Count 1 -Quiet|Out-Null) { + Invoke-Command -ComputerName $IP -Credential $Creds -ScriptBlock { hostname }|out-null + if ($?) { + return $True + } + } + } + # Just in case ping is disabled on the remote host, just one final try with invoke-command + Invoke-Command -ComputerName $IP -Credential $Creds -ScriptBlock { hostname }|out-null + if ($?) { + return $True + } + return $False + } # end of function Get-ADLabSystemUpStatus + +function Invoke-ADLabDeployADDS { + <# + .Synopsis + Deploy the ADDS + + .DESCRIPTION + Function to deploy the Active Directory Domain Services. + + .EXAMPLE + Invoke-ADLabDeployADDS -Domain $Domain -LabName $Name + + .PARAMETER $Domain + Hastable with info on the AD setup - mandatory + + .PARAMETER $LabName + String with the name of the lab - mandatory + + #> + + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Domain, + + [Parameter(Mandatory=$True)] + [string] + $LabName + ) + + # we need 2 sets of creds: + # 1 for the regular local account as defined in the system section of the xml + # 2 for the built-in administrator account. This account needs to be enabled on the PDC as safe mode administrator. + $Pass = ConvertTo-SecureString $($domain.item("PDC_LocalPass")) -AsPlainText -Force + $Creds = New-Object -TypeName System.Management.Automation.PSCredential $($domain.item("PDC_LocalUser")),$pass + $SafeModeAdminPassClearText = $($domain.item("SafeModeAdminPass")) + $SafeModeAdminPass = ConvertTo-SecureString $($domain.item("SafeModeAdminPass")) -AsPlainText -Force + $SafeModeAdminCreds = New-Object -TypeName System.Management.Automation.PSCredential "administrator",$SafeModeAdminPass + + # setting these variables so we can easy pass into scriptblock + $NetUserString = "net user administrator $SafeModeAdminPassClearText /active:yes" + $DomainName = $($domain.item("ADDSName")) + + Write-Verbose "[*] Starting Installation of ADDS Roles/Features" + $Results = Invoke-Command -ComputerName $domain.item("PDC_IP") -Credential $Creds -ScriptBlock { + # Installing the ADDS Roles + install-windowsfeature AD-Domain-Services -IncludeManagementTools |Format-List exitcode,restartneeded + } + # Check if the previous command went ok. + if($?) { + Write-Verbose "[+] Successfully installed ADDS Roles/Features." + } else { # command did not go ok + Write-Error "[X] ERROR: could not install ADDS Roles/Features. Exiting." + Break + } + + Write-Verbose "[*] Enabling local administrator account" + $Results = Invoke-Command -ComputerName $domain.item("PDC_IP") -Credential $creds -ScriptBlock { + param($NetUserString) + #Enable local admin password - required by MSFT - Set-LocalUser and Enable-LocalUser arent availabel on all Windows Server versions + cmd.exe /c "$NetUserString" + } -ArgumentList $NetUserString + # Check if the previous command went ok. + if($?) { + Write-Verbose "[+] Local administrator account enabled." + } else { + Write-Warning "[!] WARNING: could not enable local administrator account. Trying to continue." + } + + # Install the Forest + $Results = "" + Write-Verbose "[*] Installing the Forest - this may take several minutes" + $Results = Invoke-Command -ComputerName $domain.item("PDC_IP") -Credential $creds -ScriptBlock { + param($Domainname,$SafeModeAdminPass) + Install-ADDSForest -Force -DomainName $Domainname -SafeModeAdministratorPassword $SafeModeAdminPass | Format-List exitcode,restartneeded + } -ArgumentList $Domainname,$SafeModeAdminPass + + # Check if the previous installation went ok. + if($?) { + # the computer just rebooted to finish the ADDS installation, giving it some time to come back before trying for 1st time. + $TimeStart = Get-Date + $TimeEnd = $timeStart.addminutes(5) + $InstallOK = $False + Write-Verbose "[*] PDC is rebooting for Forest and Domain to be effective. This can take a while depending on your hardware." + Write-verbose "[*] We will wait up till 5 minutes, but check periodically." + Start-Sleep -Seconds 60 + while ((-not($InstallOK)) -and ($TimeEnd -ge $TimeStart) ) { + if (Get-ADLabSystemUpStatus -ip $domain.item("PDC_IP") -username $domain.item("PDC_LocalUser") -password $domain.item("PDC_LocalPass") -timeout 15 ) { + Write-Verbose "[+] PDC is back up. Now checking if ADDS is up and running." + $Res = Invoke-Command -computername $domain.item("PDC_IP") -Credential $creds -ScriptBlock { (Get-CimInstance win32_computersystem).Domain } + if ( $Res = $DomainName ) { # install went ok + Start-Sleep -Seconds 30 # letting the PDC advertise itself on the network + Write-Verbose "[+] Forest and Domain $Domainname successfully installed." + $InstallOK = $True + } + } + Start-Sleep -Seconds 30 + } + if ($InstallOK = $false) { Write-Warning "[!] WARNING: ADDS installer ran, but couldn't evaluate the results of domain $DomainName."} + } else {Write-Error "[!] Error installing the Forest. More things will probably fail now."} + + #### Todo Add-DnsServerPrimaryZone -DynamicUpdate Secure -NetworkId ‘10.1.1.0/24’ -ReplicationScope Domain + +} # end of function Invoke-ADLabInvokeADDS + +Function Invoke-ADLabJoinDomain { +<# + .Synopsis + Join a domain + + .DESCRIPTION + Function to join a system to a ADDS domain. + + .EXAMPLE + Invoke-ADLabJoinDOmain -Machine $VM -DomainAdminUsername "administrator" -DomainAdminPassword $($HTAdds.item($($VM.item("Domain"))).item("SafeModeAdminPass")) -DCname $($HTAdds.item($($VM.item("Domain"))).item("PDC")) + + .PARAMETER $Machine + Hastable with info on the system we are joing to a domain - mandatory + + .PARAMETER $DomainAdminUsername + String with the username of the domain admin account used for joing the domain - mandatory + + .PARAMETER $DomainAdminPassword + String with the password of the domain admin account used for joing the domain - mandatory + + .PARAMETER $DCName + String with the IP/hostname of the domain controller - mandatory + +#> + + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Machine, + + [Parameter(Mandatory=$True)] + [string] + $DomainAdminUsername, + + [Parameter(Mandatory=$True)] + [string] + $DomainAdminPassword, + + [Parameter(Mandatory = $True)] + [string] + $DCname + ) + + $Pass = ConvertTo-SecureString $Machine.item("Pass") -AsPlainText -Force + $Creds = New-Object -TypeName System.Management.Automation.PSCredential $(".\"+$Machine.item("User")),$pass + $DomainPass = ConvertTo-SecureString $DomainAdminPassword -AsPlainText -Force + $DomainCreds = New-Object -TypeName System.Management.Automation.PSCredential $($Machine.item("Domain")+"\"+$DomainAdminUsername),$DomainPass + + + # Enable WinRM Service to start not delayed in the future + Write-Verbose "[+] System $($Machine.item("Hostname")) : Enabling quick start of WinRM" + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { cmd /c "sc config WinRM start= auto" } | Out-Null + + Write-verbose "[*] System $($Machine.item("Hostname")) : Starting domain join." + # Check if domain joined, if not do so. + $Results = Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { (Get-WmiObject win32_computersystem).Domain } + if (($?) -and ($results -eq $Machine.item("Domain"))){ + write-Verbose "[*] System $($Machine.item("Hostname")) : already in that domain. Nothing to do." + } else { # command didnt go well or not in domain + # Actually join the domain and reboot. + Write-Verbose "[*] System $($Machine.item("Hostname")) : not joined, about to do so." + Add-Computer -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -LocalCredential $Creds -DomainName $Machine.item("Domain") -Credential $DomainCreds -Restart -Force # -server $($DCname+"."+$Machine.item("Domain")) + if (-not ($?)) { Write-Warning "[!] System $($Machine.item("Hostname")) WARNING: could not join domain $($Machine.item("Domain"))" } + else { # let the VM reboot for 60sec atfter joing the domain + Write-Verbose "[+] System $($Machine.item("Hostname")) : Successfully joined the domain. Now rebooting." + } + } +} # end of function Invoke-ADLabJoinDomain + +Function Invoke-ADLabSystemInstallSoftware { +<# + .Synopsis + Install local software packages + + .DESCRIPTION + Function to install software packages on the local system. + + .EXAMPLE + Invoke-ADLabSystemInstallSoftware -Machine $VM + + .PARAMETER $Machine + Hastable with info on the system we are installing software on - mandatory + +#> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Machine + ) + + $Pass = ConvertTo-SecureString $Machine.item("Pass") -AsPlainText -Force + $Creds = New-Object -TypeName System.Management.Automation.PSCredential $(".\"+$Machine.item("User")),$pass + + # Check if system is up and if we can log in + if (-not(Get-ADLabSystemUpStatus -ip $($Machine.item("Net1_IP").split('/')[0]) -username $Machine.item("User") -password $Machine.item("Pass") -timeout 60)) { + Write-Warning "[!] system $($Machine.item("Hostname")) WARNING: system down or can't log in." + } + + + Write-verbose "[*] System $($Machine.item("Hostname")) : Starting package installations." + + # Disable bug in Customer Experience thingie that could make msi installs slow or even fail. + Write-Verbose "[+] System $($Machine.item("Hostname")) : Removing specific reg key of CEIP that is a known bug for slow msi installs." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + if (Test-Path HKLM:\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions) { cmd /c "reg delete HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions /va /f" } + } | Out-Null + + # stop spooler service as its known to casue slow Office installs - will be auto enabled after first reboot + Write-Verbose "[+] System $($Machine.item("Hostname")) : Stopping Spooler service" + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { cmd /c "sc stop spooler" } | Out-Null + + # Disable Volume Shadow copy for now - we will enable again later on + Write-Verbose "[+] System $($Machine.item("Hostname")) : Disabling Volume Shadow Copy Service." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { cmd /c "sc config vss start= disabled" } |Out-Null + + # Install Software programs. + # We're copying the files to the local disk of the VM as some installers may need to write to dir where it is run from. + # + # Couldnt get new-PSDrive to work reliable, so we are using copy-item directly. But copy-item cant work with creds. + # Solution is nasty trick to pre cache the creds by running old skool cmd command 'net use \\ip\c$ pass /user:username'. + # + $NetUseCmd = "`"net use \\"+$($Machine.item("Net1_IP").split('/')[0])+"\c`$ "+$Machine.item("Pass")+" /user:"+$Machine.item("User")+"`"" + & cmd /c $NetUseCmd | out-null + + ## Install software - Just Copy files + if ($Machine.item("SW_JustCopy")) { + Write-Verbose "[*] System $($Machine.item("Hostname")) : Copying software files." + foreach ($sw in $Machine.item("SW_JustCopy")) { + Write-Verbose "[+] System $($Machine.item("Hostname")) : Copying software package $(($sw).split('\')[1]) " + $SWPathSrc = $((Get-Item -Path ".\"-Verbose).FullName)+"\SoftwareInstallers\"+$sw + $SWPathDest = "\\"+$($Machine.item("Net1_IP").split('/')[0])+"\C$\SoftwareInstallers\" + New-item $SWPathDest -ItemType Directory -Force |Out-null + Copy-Item "$SWPathSrc" -Destination "$SWPathDest" -Recurse -Force + } + } else { + Write-Verbose "[*] System $($Machine.item("Hostname")) : No software files to copy." + } + + ## Install software - run installers + if ($Machine.item("SW_Install")) { + Write-Verbose "[*] System $($Machine.item("Hostname")) : running msi software installers." + foreach ($sw in $Machine.item("SW_Install")) { + Write-Verbose "[+] System $($Machine.item("Hostname")) : Installing software package $(($sw).split('\')[1]). This may take some time. " + $SWPathSrc = $((Get-Item -Path ".\"-Verbose).FullName)+"\SoftwareInstallers\"+$sw + $SWPathDest = "\\"+$($Machine.item("Net1_IP").split('/')[0])+"\C$\SoftwareInstallers\" + New-item $SWPathDest -ItemType Directory -Force |Out-null + Copy-Item "$SWPathSrc" -Destination "$SWPathDest" -Recurse -Force + $InstallString = "msiexec.exe /i C:\SoftwareInstallers\"+$(($sw).split('\')[1])+" /QN /L*V c:\SoftwareInstallers\sw-install-"+$(($sw).split('\')[1])+".log" + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $creds -ScriptBlock { + param($Installstring) + & cmd /c $Installstring + } -ArgumentList $InstallString + } + } + + ## Install Office + if ($Machine.item("OfficeInstaller")) { + $OfficePathSrc = $((Get-Item -Path ".\"-Verbose).FullName)+"\SoftwareInstallers\"+$($Machine.item("OfficeInstaller").split('\')[0])+"\" + $OfficePathDest = "\\"+$($Machine.item("Net1_IP").split('/')[0])+"\C$\SoftwareInstallers\" + + # Setting the Office setup vars. I dont know why MSFT switched from /config to /configure with Office 2016, but it took me hours to realize. + $OfficeSetup = "c:\SoftwareInstallers\"+$Machine.item("OfficeInstaller") + if ( ($OfficePathSrc -like "*14*") -or ($OfficePathSrc -like "*15*") -or ($OfficePathSrc -like "*2010*") -or ($OfficePathSrc -like "*2013*") ) { + $OfficeSetupArg = " /config c:\SoftwareInstallers\"+$Machine.item("OfficeConfig") + } else { + $OfficeSetupArg = " /configure c:\SoftwareInstallers\"+$Machine.item("OfficeConfig") + } + + Write-Verbose "[+] System $($Machine.item("Hostname")) : Copying Office installer files." + New-item $OfficePathDest -ItemType Directory -Force |Out-null + Copy-Item "$OfficePathSrc" -Destination "$OfficePathDest" -Recurse -Force + + # Starting the Office installer remotely + Write-verbose "[*] System $($Machine.item("Hostname")) : Starting Office install. This may take some time." + $Results = Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $creds -ScriptBlock { + param($OfficeSetup,$OfficeSetupArg,$InstallOK=$False) + Start-Process -FilePath $OfficeSetup -ArgumentList $OfficeSetupArg -Verb runas -wait + if ((Get-WmiObject -Class win32_operatingsystem).osarchitecture -match "32-bit") { + $res = get-itemproperty hklm:\software\microsoft\windows\currentversion\uninstall\* | select DisplayName|where { $_.DisplayName -match “Office”} + if ($res.count -ne 1) { + $InstallOK = $True + #Get-ChildItem "C:\SoftwareInstallers\Office*" -Recurse | Remove-Item -Force + rm -r -fo "C:\SoftwareInstallers\Office*" + } + } else { + $res = get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | select DisplayName|where { $_.DisplayName -match “Office”} + if ($res.count -ne 1) { + $InstallOK = $True + #Get-ChildItem "C:\SoftwareInstallers\Office*" -Recurse | Remove-Item -Force + rm -r -fo "C:\SoftwareInstallers\Office*" + } + } + Return $InstallOK + } -ArgumentList $OfficeSetup,$OfficeSetupArg + + if ($Results) { + Write-verbose "[+] System $($Machine.item("Hostname")) : Office installation successful." + } else { + Write-Warning "[!] System $($Machine.item("Hostname")) : Office installation not successful." + } + } else { + Write-Verbose "[*] System $($Machine.item("Hostname")) : No Office to install." + } + + # Enable Volume Shadow copy back to manual state + Write-Verbose "[+] System $($Machine.item("Hostname")) : Enabling Volume Shadow Copy Service." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { cmd /c "sc config vss start= manual" } |Out-Null + + # removing the 'net use' drive mapping + $NetUseCmd = "`"net use \\"+$($Machine.item("Net1_IP").split('/')[0])+"\c`$ /delete`"" + & cmd /c $NetUseCmd | out-null + + Write-Verbose "[*] System $($Machine.item("Hostname")) : Done with software installation on this system." +} # end of function Invoke-ADLabSystemInstallSoftware + +Function Invoke-ADLabSystemLocalConfig { +<# + .Synopsis + Perform local system configurations + + .DESCRIPTION + Function to perform local configurations on the system. + + .EXAMPLE + Invoke-ADLabSystemLocalConfig -Machine $VM + + .PARAMETER $Machine + Hastable with info on the system we are installing software on - mandatory + +#> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $True)] + [hashtable] + [ValidateNotNullOrEmpty()] + $Machine, + + [Parameter(Mandatory=$False)] + [string] + $DomainUsername, + + [Parameter(Mandatory=$False)] + [string] + $DomainUserPass + ) + + $Pass = ConvertTo-SecureString $Machine.item("Pass") -AsPlainText -Force + $Creds = New-Object -TypeName System.Management.Automation.PSCredential $(".\"+$Machine.item("User")),$pass + + Write-verbose "[*] System $($Machine.item("Hostname")) : Starting local configurations." + + $IsDomainJoined = $False + + # Verify if we need to do domain related actions + if ($vm.ContainsKey("Domain")) { + Write-verbose "[*] System $($Machine.item("Hostname")) : Running with domain creds - will do domain related local tasks." + $IsDomainJoined = $True + } + + # Check if system is up and if we can log in + if (-not(Get-ADLabSystemUpStatus -ip $($Machine.item("Net1_IP").split('/')[0]) -username $Machine.item("User") -password $Machine.item("Pass") -timeout 60)) { + Write-Warning "[!] system $($Machine.item("Hostname")) WARNING: system down or can't log in." + } + + # Setting RDP stuff + Write-verbose "[*] System $($Machine.item("Hostname")) : Setting RDP settings." + if ($Machine.item("RDP_Allow") -match "True" ) { + Write-verbose "[+] System $($Machine.item("Hostname")) : Enabling RDP." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + cmd /c 'reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' | Out-Null + } + if ($IsDomainJoined) { + Write-verbose "[+] System $($Machine.item("Hostname")) : Allowing 'Domain users' group to RDP." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + cmd /c 'net localgroup "Remote Desktop Users" "Domain Users" /add' | Out-Null + } + } + } + + # Disable Restore Point making - only available on client OSes + if ($($Machine.item("Type")) -like "Client") { + Write-Verbose "[+] System $($Machine.item("Hostname")) : Disabling Restore Points." + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { Disable-ComputerRestore -Drive "c:\" } | Out-Null + } + + # Setting windows update settings according to lab config file - by default disabled + if ($Machine.item("Win_Update") -and ($Machine.item("Win_Update") -match "True")) { + Write-Verbose "[+] System $($Machine.item("Hostname")) : Setting Windows Update settings to Auto-Update" + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + # Setting registry keys in policies subdir + New-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" -ErrorAction SilentlyContinue + New-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\" -Name NoAutoUpdate -Value 0 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\" -Name AUOptions -Value 4 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\" -Name ScheduledInstallDay -Value 0 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\" -Name ScheduledInstallTime -Value 8 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\" -Name NoAutoRebootWithLoggedOnUsers -Value 0 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + # restarting auto update service and make sure it auto starts + cmd /c 'net stop wuauserv > nul 2> nul' # redirect error out as the service may already be stopped, causing to prompt an error + cmd /c 'net start wuauserv > nul 2>nul' + cmd /c 'sc config wuauserv start= auto' + } | Out-NUll + # Windows 10 and Server 2016 have different commands for forcing checks of updates + if ( ($Machine.item("OS") -like "*indows2016*") -or ($Machine.item("OS") -like "*indows10*") ) { + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + cmd /c 'UsoClient.exe ScanInstallWait' + } + } else { + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + cmd /c 'wuauclt.exe /checknow' + cmd /c 'wuauclt.exe /updatenow' + } + } + } else { + Invoke-Command -ComputerName $($Machine.item("Net1_IP").split('/')[0]) -Credential $Creds -ScriptBlock { + New-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" -Name AUOptions -Value 1 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + New-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" -Name NoAutoUpdate -Value 2 -PropertyType DWORD -Force -ErrorAction SilentlyContinue + cmd /c 'sc config wuauserv start= disabled' + } |Out-Null + } + + Write-Verbose "[*] System $($Machine.item("Hostname")) : Done with local configurations." +} # end of function Invoke-ADLabSystemLocalConfig \ No newline at end of file diff --git a/Invoke-ADLabDeployer_consoleoutput_CheckConfigOnly.txt b/Invoke-ADLabDeployer_consoleoutput_CheckConfigOnly.txt new file mode 100755 index 0000000..c7f1e65 --- /dev/null +++ b/Invoke-ADLabDeployer_consoleoutput_CheckConfigOnly.txt @@ -0,0 +1,87 @@ +PS D:\ADLabDeployer> $return_net,$return_sys,$return_ads = Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name FooBar -CheckConfigOnly +PS D:\ADLabDeployer> $return_net + +Name Value +---- ----- +net2 {NetName, Subnet, GW} +net1 {NetName, Subnet, GW} + + +PS D:\ADLabDeployer> $return_net.values + +Name Value +---- ----- +NetName net2 +Subnet 10.202.2.0/24 +GW 10.202.2.1 +NetName net1 +Subnet 10.202.1.0/24 +GW 10.202.1.1 + + +PS D:\ADLabDeployer> $return_ads + +Name Value +---- ----- +BreakMe.local {PDC_LocalPass, SafeModeAdminPass, ADDSName, PDC...} + + +PS D:\ADLabDeployer> $return_ads.Values + +Name Value +---- ----- +PDC_LocalPass Outflank123 +SafeModeAdminPass Outflank123 +ADDSName BreakMe.local +PDC server1 +PDC_IP 10.202.1.11 +ParentDomain . +PDC_LocalUser ted + + +PS D:\ADLabDeployer> $return_sys + +Name Value +---- ----- +client8 {VMName, OfficeInstaller, Mem, Net1_GW...} +server4 {VMName, Mem, Net1_GW, OS...} +server5 {VMName, Mem, Net1_GW, OS...} +server2 {VMName, Mem, Net1_GW, OS...} +client6 {VMName, OfficeInstaller, Mem, Net1_GW...} +client7 {VMName, OfficeInstaller, Mem, Net1_GW...} +server1 {VMName, Mem, Net1_GW, OS...} +client5 {VMName, OfficeInstaller, Mem, Net1_GW...} +client2 {VMName, OfficeInstaller, Mem, Net1_GW...} +client3 {VMName, OfficeInstaller, Mem, Net1_GW...} +client1 {VMName, OfficeInstaller, Mem, Net1_GW...} +client4 {VMName, OfficeInstaller, Mem, Net1_GW...} +server3 {VMName, Mem, Net1_GW, OS...} + + +PS D:\ADLabDeployer> $return_sys.client1 + +Name Value +---- ----- +VMName FooBar_client1_10.202.2.11_windows10x86_Office16x86 +OfficeInstaller Office16x86\setup.exe +Mem 4GB +Net1_GW 10.202.2.1 +OS windows10x86 +UnattendFile unattend\unattend.win10.xml +SW_Install {Chrome\googlechromestandaloneenterprise.msi, 7z\7z1801-x86.msi, npp\npp.7.5.0.installer.x86.msi} +Pass Outflank123 +User ted +Net1_IP 10.202.2.11/24 +Hostname client1 +Win_Update True +Net1_MAC 06-59-6a-31-a5-e8 +Net1_DNS 10.202.1.11 +Net1_Name net2 +RDP_Allow True +Domain BreakMe.local +ParentDisk parent-en_windows_10_enterprise_version_1709_updated_dec_2017_x86_dvd_100406182-updated201801 +OfficeConfig Office16x86\config.xml +Type Client + + +PS D:\ADLabDeployer> diff --git a/Invoke-ADLabDeployer_consoleoutput_fullrun.txt b/Invoke-ADLabDeployer_consoleoutput_fullrun.txt new file mode 100755 index 0000000..6bfbe08 --- /dev/null +++ b/Invoke-ADLabDeployer_consoleoutput_fullrun.txt @@ -0,0 +1,421 @@ +PS D:\ADLabDeployer> Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name FooBar -Verbose +VERBOSE: [*] Start lab deployment +VERBOSE: [+] Successfully opened configs\labs_config.xml +VERBOSE: [+] Successfully processed config of network: net1 +VERBOSE: [+] Successfully processed config of network: net2 +VERBOSE: [+] Successfully processed network config. Amount of networks read: 2. +VERBOSE: [+] Successfully processed config of system: server1 +VERBOSE: [+] Successfully processed config of system: server2 +VERBOSE: [+] Successfully processed config of system: server3 +VERBOSE: [+] Successfully processed config of system: server4 +VERBOSE: [+] Successfully processed config of system: server5 +VERBOSE: [+] Successfully processed config of system: client1 +VERBOSE: [+] Successfully processed config of system: client2 +VERBOSE: [+] Successfully processed config of system: client3 +VERBOSE: [+] Successfully processed config of system: client4 +VERBOSE: [+] Successfully processed config of system: client5 +VERBOSE: [+] Successfully processed config of system: client6 +VERBOSE: [+] Successfully processed config of system: client7 +VERBOSE: [+] Successfully processed config of system: client8 +VERBOSE: [*] Done processing system config in XML. Amount of systems read: 13. +VERBOSE: [*] Start processing config of an ActiveDirectory Domain Services. +VERBOSE: [+] Successfully processed config of AD domain: BreakMe.local +VERBOSE: [*] Done processing AD config in XML. Amount of AD domains read: 1. +VERBOSE: [*] Done adjusting DNS info for Domain joined systems. +VERBOSE: [*] Done reading the lab config file +VERBOSE: [*] Start setting up the virtual network +VERBOSE: [+] Removing netnat networks as they interfere with our desired setup +VERBOSE: [*] Routing already enabled +VERBOSE: [*] Processing virtual switch FooBar_net2 +VERBOSE: [*] Virtual switch FooBar_net2 found with correct IP address, no further config needed. +VERBOSE: [*] Processing virtual switch FooBar_net1 +VERBOSE: [*] Virtual switch FooBar_net1 found with correct IP address, no further config needed. +VERBOSE: [+] Successfully setup virtual network. +VERBOSE: [*] Start setting up systems +VERBOSE: [+] Creating new VM: FooBar_client8_10.202.2.18_windows8.1x86_Office15x86 +VERBOSE: [+] VM FooBar_client8_10.202.2.18_windows8.1x86_Office15x86 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_server4_10.202.1.14_windows2008R2x64 +VERBOSE: [+] VM FooBar_server4_10.202.1.14_windows2008R2x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_server5_10.202.1.15_windows2012R2x64 +VERBOSE: [+] VM FooBar_server5_10.202.1.15_windows2012R2x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_server2_10.202.1.12_windows2016x64 +VERBOSE: [+] VM FooBar_server2_10.202.1.12_windows2016x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client6_10.202.2.16_windows7x86_Office14x86 +VERBOSE: [+] VM FooBar_client6_10.202.2.16_windows7x86_Office14x86 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client7_10.202.2.17_windows8.1x64_Office15x86 +VERBOSE: [+] VM FooBar_client7_10.202.2.17_windows8.1x64_Office15x86 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_server1_10.202.1.11_windows2012R2x64 +VERBOSE: [+] VM FooBar_server1_10.202.1.11_windows2012R2x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client5_10.202.2.15_windows7x64_Office16x64 +VERBOSE: [+] VM FooBar_client5_10.202.2.15_windows7x64_Office16x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client2_10.202.2.12_windows10x64_Office16x64 +VERBOSE: [+] VM FooBar_client2_10.202.2.12_windows10x64_Office16x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client3_10.202.2.13_windows10x86_Office16x86 +VERBOSE: [+] VM FooBar_client3_10.202.2.13_windows10x86_Office16x86 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client1_10.202.2.11_windows10x86_Office16x86 +VERBOSE: [+] VM FooBar_client1_10.202.2.11_windows10x86_Office16x86 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_client4_10.202.2.14_windows10x64_Office16x64 +VERBOSE: [+] VM FooBar_client4_10.202.2.14_windows10x64_Office16x64 created, now booting. +VERBOSE: [+] Creating new VM: FooBar_server3_10.202.1.13_windows2016x64 +VERBOSE: [+] VM FooBar_server3_10.202.1.13_windows2016x64 created, now booting. +VERBOSE: [+] Done setting up the VM(s) and now starting them up. Giving them 180s to boot. +VERBOSE: [*] Checking if PDC is up +VERBOSE: [*] System is up. Start building ADDS +VERBOSE: [*] Starting Installation of ADDS Roles/Features +WARNING: Windows automatic updating is not enabled. To ensure that your newly-installed role or feature is automatically +updated, turn on Windows Update. +VERBOSE: [+] Successfully installed ADDS Roles/Features. +VERBOSE: [*] Enabling local administrator account +VERBOSE: [+] Local administrator account enabled. +VERBOSE: [*] Installing the Forest - this may take several minutes +WARNING: Windows Server 2012 R2 domain controllers have a default for the security setting named "Allow cryptography +algorithms compatible with Windows NT 4.0" that prevents weaker cryptography algorithms when establishing security channel +sessions. + +For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751). + +WARNING: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does +not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a +delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "BreakMe.local". +Otherwise, no action is required. + +WARNING: Windows Server 2012 R2 domain controllers have a default for the security setting named "Allow cryptography +algorithms compatible with Windows NT 4.0" that prevents weaker cryptography algorithms when establishing security channel +sessions. + +For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751). + +WARNING: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does +not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a +delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "BreakMe.local". +Otherwise, no action is required. + +VERBOSE: [*] PDC is rebooting for Forest and Domain to be effective. This can take a while depending on your hardware. +VERBOSE: [*] We will wait up till 5 minutes, but check periodically. +VERBOSE: [+] PDC is back up. Now checking if ADDS is up and running. +VERBOSE: [+] Forest and Domain BreakMe.local successfully installed. +VERBOSE: [*] Verifying if DNS server 10.202.1.11 is giving out a SRV type record on _ldap._tcp.pdc._msdcs.BreakMe.local +VERBOSE: _ldap._tcp.pdc._msdcs.BreakMe.local +VERBOSE: [+] SRV record found. Continuing with domain join. +VERBOSE: [*] Joining systems to AD Domains +VERBOSE: [+] System client8 : Enabling quick start of WinRM +VERBOSE: [*] System client8 : Starting domain join. +VERBOSE: [*] System client8 : not joined, about to do so. +VERBOSE: [+] System client8 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System server4 : Enabling quick start of WinRM +VERBOSE: [*] System server4 : Starting domain join. +VERBOSE: [*] System server4 : not joined, about to do so. +VERBOSE: [+] System server4 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System server5 : Enabling quick start of WinRM +VERBOSE: [*] System server5 : Starting domain join. +VERBOSE: [*] System server5 : not joined, about to do so. +VERBOSE: [+] System server5 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client6 : Enabling quick start of WinRM +VERBOSE: [*] System client6 : Starting domain join. +VERBOSE: [*] System client6 : not joined, about to do so. +VERBOSE: [+] System client6 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client7 : Enabling quick start of WinRM +VERBOSE: [*] System client7 : Starting domain join. +VERBOSE: [*] System client7 : not joined, about to do so. +VERBOSE: [+] System client7 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System server1 : Enabling quick start of WinRM +VERBOSE: [*] System server1 : Starting domain join. +VERBOSE: [*] System server1 : already in that domain. Nothing to do. +VERBOSE: [+] System client5 : Enabling quick start of WinRM +VERBOSE: [*] System client5 : Starting domain join. +VERBOSE: [*] System client5 : not joined, about to do so. +VERBOSE: [+] System client5 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client2 : Enabling quick start of WinRM +VERBOSE: [*] System client2 : Starting domain join. +VERBOSE: [*] System client2 : not joined, about to do so. +VERBOSE: [+] System client2 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client3 : Enabling quick start of WinRM +VERBOSE: [*] System client3 : Starting domain join. +VERBOSE: [*] System client3 : not joined, about to do so. +VERBOSE: [+] System client3 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client1 : Enabling quick start of WinRM +VERBOSE: [*] System client1 : Starting domain join. +VERBOSE: [*] System client1 : not joined, about to do so. +VERBOSE: [+] System client1 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System client4 : Enabling quick start of WinRM +VERBOSE: [*] System client4 : Starting domain join. +VERBOSE: [*] System client4 : not joined, about to do so. +VERBOSE: [+] System client4 : Successfully joined the domain. Now rebooting. +VERBOSE: [+] System server3 : Enabling quick start of WinRM +VERBOSE: [*] System server3 : Starting domain join. +VERBOSE: [*] System server3 : not joined, about to do so. +VERBOSE: [+] System server3 : Successfully joined the domain. Now rebooting. +VERBOSE: [*] Starting installation of software packages. +VERBOSE: [*] System client8 : Starting package installations. +VERBOSE: [+] System client8 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client8 : Stopping Spooler service +VERBOSE: [+] System client8 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client8 : No software files to copy. +VERBOSE: [*] System client8 : running msi software installers. +VERBOSE: [+] System client8 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client8 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client8 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client8 : Copying Office installer files. +VERBOSE: [*] System client8 : Starting Office install. This may take some time. +VERBOSE: [+] System client8 : Office installation successful. +VERBOSE: [+] System client8 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client8 : Done with software installation on this system. +VERBOSE: [*] System server4 : Starting package installations. +VERBOSE: [+] System server4 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System server4 : Stopping Spooler service +VERBOSE: [+] System server4 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System server4 : No software files to copy. +VERBOSE: [*] System server4 : running msi software installers. +VERBOSE: [+] System server4 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System server4 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System server4 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [*] System server4 : No Office to install. +VERBOSE: [+] System server4 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System server4 : Done with software installation on this system. +VERBOSE: [*] System server5 : Starting package installations. +VERBOSE: [+] System server5 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System server5 : Stopping Spooler service +VERBOSE: [+] System server5 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System server5 : No software files to copy. +VERBOSE: [*] System server5 : running msi software installers. +VERBOSE: [+] System server5 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System server5 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System server5 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [*] System server5 : No Office to install. +VERBOSE: [+] System server5 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System server5 : Done with software installation on this system. +VERBOSE: [*] System server2 : Starting package installations. +VERBOSE: [+] System server2 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System server2 : Stopping Spooler service +VERBOSE: [+] System server2 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System server2 : Copying software files. +VERBOSE: [+] System server2 : Copying software package +VERBOSE: [*] System server2 : running msi software installers. +VERBOSE: [+] System server2 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System server2 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System server2 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [*] System server2 : No Office to install. +VERBOSE: [+] System server2 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System server2 : Done with software installation on this system. +VERBOSE: [*] System client6 : Starting package installations. +VERBOSE: [+] System client6 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client6 : Stopping Spooler service +VERBOSE: [+] System client6 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client6 : No software files to copy. +VERBOSE: [*] System client6 : running msi software installers. +VERBOSE: [+] System client6 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client6 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client6 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client6 : Copying Office installer files. +VERBOSE: [*] System client6 : Starting Office install. This may take some time. +VERBOSE: [+] System client6 : Office installation successful. +VERBOSE: [+] System client6 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client6 : Done with software installation on this system. +VERBOSE: [*] System client7 : Starting package installations. +VERBOSE: [+] System client7 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client7 : Stopping Spooler service +VERBOSE: [+] System client7 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client7 : No software files to copy. +VERBOSE: [*] System client7 : running msi software installers. +VERBOSE: [+] System client7 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client7 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client7 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client7 : Copying Office installer files. +VERBOSE: [*] System client7 : Starting Office install. This may take some time. +VERBOSE: [+] System client7 : Office installation successful. +VERBOSE: [+] System client7 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client7 : Done with software installation on this system. +VERBOSE: [*] System server1 : Starting package installations. +VERBOSE: [+] System server1 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System server1 : Stopping Spooler service +VERBOSE: [+] System server1 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System server1 : No software files to copy. +VERBOSE: [*] System server1 : running msi software installers. +VERBOSE: [+] System server1 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System server1 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System server1 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [*] System server1 : No Office to install. +VERBOSE: [+] System server1 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System server1 : Done with software installation on this system. +VERBOSE: [*] System client5 : Starting package installations. +VERBOSE: [+] System client5 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client5 : Stopping Spooler service +VERBOSE: [+] System client5 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client5 : No software files to copy. +VERBOSE: [*] System client5 : running msi software installers. +VERBOSE: [+] System client5 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client5 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client5 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client5 : Copying Office installer files. +VERBOSE: [*] System client5 : Starting Office install. This may take some time. +VERBOSE: [+] System client5 : Office installation successful. +VERBOSE: [+] System client5 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client5 : Done with software installation on this system. +VERBOSE: [*] System client2 : Starting package installations. +VERBOSE: [+] System client2 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client2 : Stopping Spooler service +VERBOSE: [+] System client2 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client2 : No software files to copy. +VERBOSE: [*] System client2 : running msi software installers. +VERBOSE: [+] System client2 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client2 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client2 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client2 : Copying Office installer files. +VERBOSE: [*] System client2 : Starting Office install. This may take some time. +VERBOSE: [+] System client2 : Office installation successful. +VERBOSE: [+] System client2 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client2 : Done with software installation on this system. +VERBOSE: [*] System client3 : Starting package installations. +VERBOSE: [+] System client3 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client3 : Stopping Spooler service +VERBOSE: [+] System client3 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client3 : No software files to copy. +VERBOSE: [*] System client3 : running msi software installers. +VERBOSE: [+] System client3 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client3 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client3 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client3 : Copying Office installer files. +VERBOSE: [*] System client3 : Starting Office install. This may take some time. +VERBOSE: [+] System client3 : Office installation successful. +VERBOSE: [+] System client3 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client3 : Done with software installation on this system. +VERBOSE: [*] System client1 : Starting package installations. +VERBOSE: [+] System client1 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client1 : Stopping Spooler service +VERBOSE: [+] System client1 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client1 : No software files to copy. +VERBOSE: [*] System client1 : running msi software installers. +VERBOSE: [+] System client1 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client1 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client1 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client1 : Copying Office installer files. +VERBOSE: [*] System client1 : Starting Office install. This may take some time. +VERBOSE: [+] System client1 : Office installation successful. +VERBOSE: [+] System client1 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client1 : Done with software installation on this system. +VERBOSE: [*] System client4 : Starting package installations. +VERBOSE: [+] System client4 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System client4 : Stopping Spooler service +VERBOSE: [+] System client4 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System client4 : No software files to copy. +VERBOSE: [*] System client4 : running msi software installers. +VERBOSE: [+] System client4 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System client4 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System client4 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [+] System client4 : Copying Office installer files. +VERBOSE: [*] System client4 : Starting Office install. This may take some time. +VERBOSE: [+] System client4 : Office installation successful. +VERBOSE: [+] System client4 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System client4 : Done with software installation on this system. +VERBOSE: [*] System server3 : Starting package installations. +VERBOSE: [+] System server3 : Removing specific reg key of CEIP that is a known bug for slow msi installs. +VERBOSE: [+] System server3 : Stopping Spooler service +VERBOSE: [+] System server3 : Disabling Volume Shadow Copy Service. +VERBOSE: [*] System server3 : No software files to copy. +VERBOSE: [*] System server3 : running msi software installers. +VERBOSE: [+] System server3 : Installing software package googlechromestandaloneenterprise.msi. This may take some time. +VERBOSE: [+] System server3 : Installing software package 7z1801-x86.msi. This may take some time. +VERBOSE: [+] System server3 : Installing software package npp.7.5.0.installer.x86.msi. This may take some time. +VERBOSE: [*] System server3 : No Office to install. +VERBOSE: [+] System server3 : Enabling Volume Shadow Copy Service. +VERBOSE: [*] System server3 : Done with software installation on this system. +VERBOSE: [*] Starting local configuration. +VERBOSE: [*] System client8 : Starting local configurations. +VERBOSE: [*] System client8 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client8 : Setting RDP settings. +VERBOSE: [+] System client8 : Enabling RDP. +VERBOSE: [+] System client8 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client8 : Disabling Restore Points. +VERBOSE: [+] System client8 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client8 : Done with local configurations. +VERBOSE: [*] System server4 : Starting local configurations. +VERBOSE: [*] System server4 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System server4 : Setting RDP settings. +VERBOSE: [+] System server4 : Enabling RDP. +VERBOSE: [+] System server4 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System server4 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System server4 : Done with local configurations. +VERBOSE: [*] System server5 : Starting local configurations. +VERBOSE: [*] System server5 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System server5 : Setting RDP settings. +VERBOSE: [+] System server5 : Enabling RDP. +VERBOSE: [+] System server5 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System server5 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System server5 : Done with local configurations. +VERBOSE: [*] System server2 : Starting local configurations. +VERBOSE: [*] System server2 : Setting RDP settings. +VERBOSE: [+] System server2 : Enabling RDP. +VERBOSE: [+] System server2 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System server2 : Done with local configurations. +VERBOSE: [*] System client6 : Starting local configurations. +VERBOSE: [*] System client6 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client6 : Setting RDP settings. +VERBOSE: [+] System client6 : Enabling RDP. +VERBOSE: [+] System client6 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client6 : Disabling Restore Points. +VERBOSE: [+] System client6 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client6 : Done with local configurations. +VERBOSE: [*] System client7 : Starting local configurations. +VERBOSE: [*] System client7 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client7 : Setting RDP settings. +VERBOSE: [+] System client7 : Enabling RDP. +VERBOSE: [+] System client7 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client7 : Disabling Restore Points. +VERBOSE: [+] System client7 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client7 : Done with local configurations. +VERBOSE: [*] System server1 : Starting local configurations. +VERBOSE: [*] System server1 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System server1 : Setting RDP settings. +VERBOSE: [+] System server1 : Enabling RDP. +VERBOSE: [+] System server1 : Allowing 'Domain users' group to RDP. +VERBOSE: [*] System server1 : Done with local configurations. +VERBOSE: [*] System client5 : Starting local configurations. +VERBOSE: [*] System client5 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client5 : Setting RDP settings. +VERBOSE: [+] System client5 : Enabling RDP. +VERBOSE: [+] System client5 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client5 : Disabling Restore Points. +VERBOSE: [+] System client5 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client5 : Done with local configurations. +VERBOSE: [*] System client2 : Starting local configurations. +VERBOSE: [*] System client2 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client2 : Setting RDP settings. +VERBOSE: [+] System client2 : Enabling RDP. +VERBOSE: [+] System client2 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client2 : Disabling Restore Points. +VERBOSE: [+] System client2 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client2 : Done with local configurations. +VERBOSE: [*] System client3 : Starting local configurations. +VERBOSE: [*] System client3 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client3 : Setting RDP settings. +VERBOSE: [+] System client3 : Enabling RDP. +VERBOSE: [+] System client3 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client3 : Disabling Restore Points. +VERBOSE: [+] System client3 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client3 : Done with local configurations. +VERBOSE: [*] System client1 : Starting local configurations. +VERBOSE: [*] System client1 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client1 : Setting RDP settings. +VERBOSE: [+] System client1 : Enabling RDP. +VERBOSE: [+] System client1 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client1 : Disabling Restore Points. +VERBOSE: [+] System client1 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client1 : Done with local configurations. +VERBOSE: [*] System client4 : Starting local configurations. +VERBOSE: [*] System client4 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System client4 : Setting RDP settings. +VERBOSE: [+] System client4 : Enabling RDP. +VERBOSE: [+] System client4 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System client4 : Disabling Restore Points. +VERBOSE: [+] System client4 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System client4 : Done with local configurations. +VERBOSE: [*] System server3 : Starting local configurations. +VERBOSE: [*] System server3 : Running with domain creds - will do domain related local tasks. +VERBOSE: [*] System server3 : Setting RDP settings. +VERBOSE: [+] System server3 : Enabling RDP. +VERBOSE: [+] System server3 : Allowing 'Domain users' group to RDP. +VERBOSE: [+] System server3 : Setting Windows Update settings to Auto-Update +VERBOSE: [*] System server3 : Done with local configurations. +VERBOSE: [*] Done with lab deployment. +VERBOSE: [*] Deployed 2 networks, 1 Domain and 13 systems in 79 minutes. +PS D:\ADLabDeployer> \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..ad61d69 --- /dev/null +++ b/LICENSE @@ -0,0 +1,29 @@ +BSD 3-Clause License + +Copyright (c) 2018, Marc Smeets +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100755 index 0000000..77e5384 --- /dev/null +++ b/README.md @@ -0,0 +1,232 @@ +# Goal of the project # +Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams. + +During red teaming gigs we encounter many different setups at our clients. To test our payloads and to review our artefacts we need a lab that allows us to quickly deploy Windows OS version X with Office version Y, in a fully working AD and a network setup that has separate broadcast segments. +Invoke-ADLabDeployer does the heavy lifting. From there on you can easily tune to your exact liking, e.g. create specific GPO’s, install extra software, and make any other final tuning for the setup that you need. + +Invoke-ADLabDeployer relies heavily on techniques like Hyper-V, sysprep and (remote) Powershell for the deployment and configuration. + +There are other projects out there that do similar things. But Invoke-ADLabDeployer has support for all Windows OS versions currently encountered at clients, specifically support for Win7 and Server2008R2, while keeping resource usage low by using smart Hyper-V tricks like differencing disks, dynamic memory, etc. +More background info and reasoning why this script has added value over others as well as over Azure [here](https://outflank.nl/blog/) + +## Running the script ## +**There is no quick starting with this script. You really need to have parent images pre-created.** + +If you are sure you meet all the requirements and have done all the preparations, you can run it using: + +Import: `Import-Module .\Invoke-ADLabDeployer.ps1` + +Start deployment: `Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -Verbose` + +The `-Verbose` tag will give you handy status reports. + +Example output can be found [here](./Invoke-ADLabDeployer_consoleoutput_fullrun.txt). + + +Test the config file: `Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -CheckConfigOnly` + +Have the config returned into local hashtables: `$return_net,$return_sys,$return_adds = Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -CheckConfigOnly` + +Example output can be found [here](./Invoke-ADLabDeployer_consoleoutput_CheckConfigOnly.txt) + + +## Flow of script ## +On a generic level, the following tasks are performed: +- Read the configuration file and perform syntax checks +- Basic check on host OS network setup, i.e. required packages, enable routing and set WSMan trustedhosts +- Virtual network setup. +- Make linked copies (differencing disks) to the parent VHDs. +- Mount the linked disks and edit the unattend file to inject hostname, IP address, local user, etc. +- Unmount the disks and create the new virtual guests from the linked VHDs. +- Power on, wait some time for sysprep to complete. +- Install and configure the Active Directory Domain Controller. +- Have clients join the new domain. +- Install Office and other software packages. +- Perform final configs of local settings, e.g. RDP, Windows Update, some performance tuning, etc. + + + +## Requirements ## +You need the following: +- Required licenses for Microsoft software you are deploying. We use our own licenses. To get you started quickly, Ive included evaluation license keys in the Windows unattend files. The Office unattend files have "XXX" as license key, so you need to change that to be able to install Office. The Windows license keys are [EVAL licenses](https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys) and should work on all Windows versions whatever the install ISO is. There is one exception: 2008R2. The 2008R2 setup installer is very picky on the exact install ISO you used. The supplied license in the unattend file is for en_windows_server_2008_r2_with_sp1_vl_build_x64_dvd_617403.iso **You may or may not be in violation with Microsoft license agreements. Use at your own risk.** +- Local server that is capable of running multiple virtual machines. Intel VT-x or AMD/V capable CPU and a SSD disk is highly recommended. I'm using an Intel Skull NUC, solely for this purpose. It runs perfect and is able to deploy and host dozens of systems. +- A base Windows server OS that will host the lab using Hyper-V. Im running Server 2016. While I believe this will also work on other systems while WMF 5.0 is installed, I have not tested this. +- Parent images: virtual hard drives with the parent images prepared of what you want to deploy. Ive got Win7, Win8.1, Win10, 2016 LTSB, Win10 1709, Server 2008r2, 2012R2 and 2016. For each desktop OS I have a x86 and an x64 version, servers just x64 but there is no reason why x86 shouldn't work. More info on this below. The systems need to run powershell 2.0. So in theory it could also deploy Windows XP and 2003, but this is not tested. +- Config file: a XML file that defines the layout of the lab that you want to deploy. More info on this below. +- As the lab will dohave multiple subnets, we need to have RRAS (Routing and Remote Access) service installed, and the routing package. But they dont need to be configured as you would normally do, the script does this for you. This is probably against MSFT guidelines, but it works. The script does some checking and will help you to some degree with this. But if you encounter any issues, run Install-WindowsFeature RSAT-RemoteAccess –IncludeManagementTools; Install-WindowsFeature Routing -IncludeManagementTools +- Base installation files for the Office versions if you want to install Office. This repository includes config files for unattended Office installs. You do need to add your own license key, and perhaps go through the exact Office applications you want to install as defined in the office config files. + + +## Creating the parent images ## +- Create a new virtual machine in Hyper-V as you normally would. Have the disk stored in the `\disks\parentdsisks\` directory. Generation 2 virtual machines are preferred, but Hyper-V only supports this if 64bit desktop OS is Win8 or later, or server OS is win2012 or later (32 and 64bit). More info [here](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/should-i-create-a-generation-1-or-2-virtual-machine-in-hyper-v#BKMK_Windows) +- Power on, install Windows and update to the level you want. +- Post install **required** changes: + - Enable WSMan: in powershell: `Set-WsManQuickConfig -Force` + - Enable RemotePowershell: in powershell: `Enable-PSRemoting -Force` + - Reset the NIC connection profile setting: in powershell: `$NLMType = [Type]::GetTypeFromCLSID('DCB00C01-570F-4A9B-8D69-199FDBA5723B');$INetworkListManager = [Activator]::CreateInstance($NLMType);$INetworks = $INetworkListManager.GetNetworks(1);foreach ($INetwork in $INetworks) { $INetwork.SetCategory(0x01) } ` + this sets the connection profile to Private in a powershell version that Win7 also can handle. + - Disable the firewall: in a command prompt: `netsh advfirewall set allprofiles state off` +- _Optional:_ you can poweroff and make a backup of the vhd if you want. I recommend this as it makes troubleshooting and restoring after sysprep issues easier. +- Copy the `unattend_regularboot.xml` file for that OS version to the guest. +- Start sysprep: `cmd: c:\windows\system32\sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:c:\unattend_regularboot.xml` +- Recommended: boot the system once to test sysprep finalises OK. In case of any error, I recommend to poweroff the machine and mount the disk using your host machine. This allows for easier debugging of sysprep images. You want to check `c:\windows\panther\UnattendGC\setuperror.log` for troubleshooting. You can easily check that file by simply mounting the vhd of the guest vm. +- **Important**: the parent image needs to be in a sysprepped and powerd off state. So if you did a test run to see if sysprep worked ok, make sure to power if off again using the sysprep command with the ‘regularboot’ unattend file. + + +## Lab config file ## +The script needs a config file to know what it needs to deploy. Ive included an example lab_config.xml file. It should be rather self explanatory, but you can find more detailed info below. + +The config file can have multiple labs defined. The `-Name` parameter to Invoke-ADLabDeployer defines the actual lab to deploy. Also, the `-CheckConfigOnly` parameter can help you with, well, checking the config. Per lab name you define the other sections you can find below. But on a general level you can have a config like: +``` +<Labs> + <Lab LabName="TestLab"> + </Lab> + <Lab LabName="OtherTestLab"> + </Lab> + <Lab LabName="FooBar"> + </Lab> +</Labs> +``` +### Config file parameters - Network### +This defined the network sections. This is mandatory. You can have multiple sections of this. +Example: +``` +<Network NetName="net1"> + <Subnet>10.202.1.0/24</Subnet> + <GW>10.202.1.1</GW> +</Network> +``` +- `NetName`: the name +- `Subnet`: network address of the subnet, requires a subnet mask defintion in form of `/XX` +- `GW`: IP address of the gateway of this subnet. The virtual switch on your host system will get this address. + +### Config file parameters - Active Directory ### +This defines the Active Directory section. This is not mandatory. You can have multiple sections of this. +Example: +``` +<ADDS ADDSName="BreakMe.local"> + <ParentDomain>.</ParentDomain> + <PDC>server1</PDC> + <SafeModeAdminPass>Outflank123</SafeModeAdminPass> +</ADDS> +``` +- _Optional_ `ParentDomain`: doesnt do anything at this moment +- `ADDSName`: the name +- `PDC`: the name of the system that will be the first domain controller. This name needs to correspond with a Hostname in the `System` section. +- `SafeModeAdminPass`: password required by Active Directory as the safe mode password for the local administrator account. + + +### Config file parameters - System### +This defines a system. This is mandatory. You can have multiple sections of this. +Example: +``` +<System Hostname="server1"> + <OS>windows2012R2x64</OS> + <UnattendFile>unattend\unattend.win2012R2.xml</UnattendFile> + <LocalCreds>outflank:Outflank123</LocalCreds> + <ParentDisk>parent-en_windows_server_2012_r2_essentials_with_update_x64_dvd_6052824-updated201704</ParentDisk> + <Net1_Name>net1</Net1_Name> + <Net1_IP>10.202.1.11/24</Net1_IP> +</System> +<System Hostname="client3"> + <OS>windows7x64</OS> + <UnattendFile>unattend\unattend.win7.xml</UnattendFile> + <LocalCreds>ted:Outflank123</LocalCreds> + <ParentDisk>parent-en_windows_7_enterprise_n_with_sp1_x64_dvd_u_677704-updated201801</ParentDisk> + <Net1_Name>net2</Net1_Name> + <Net1_IP>10.202.2.13/24</Net1_IP> + <Mem>4GB</Mem> + <Win_Update>True</Win_Update> + <Domain>BreakMe.local</Domain> + <RDP_Allow>True</RDP_Allow> + <OfficeInstaller>Office16x64\setup.exe</OfficeInstaller> + <OfficeConfig>Office16x64\config.xml</OfficeConfig> + <SW_JustCopy>somefile.bin</SW_JustCopy> + <SW_Install>Chrome\googlechromestandaloneenterprise.msi</SW_Install> + <SW_Install>7z\7z1801-x86.msi</SW_Install> + <SW_Install>npp\npp.7.5.0.installer.x86.msi</SW_Install> +</System> +``` +- `Hostname`: the hostname +- `OS`: Specific Windows version of the system. Allowed values at this moment are: + - `Windows7x86` + - `Windows7x64` + - `Windows8.1x86` + - `Windows8.1x64` + - `Windows10x86` + - `Windows10x64` + - `Windows2008R2x64` + - `Windows2012R2x64` + - `Windows2016x64` +- `UnattendFile`: the path of the unattend file +- `LocalCred`: username:password of a local administrator account. +- `ParentDisk`: the filename of the parent image VHD disk. ".VHDX" is automatically added. +- `Net1_Name`: the name of the network as defined in the Network section. +- `Net1_IP`: the IP address+subnet mask you give to this host. +- _optional_ `Mem`: the amount of memory you want the system to have. If not specified, server OSes will get 1GB and client OSes will get 2GB. +- _optional_ `Net1_GW`: manually define a default gateway for this NIC. This will not influence the setup of the virtual network, only the deployed system's routing table. So unless you've manually created a router somewhere, this parameter will likely break routing for this system. +- _optional_ `SkipDeploy`: set to `True` if you do not want this system to be deployed but still keep its config in the config file. +- _optional_ `Net1_DNS`: The DNS server address you want this machine to have. If not set, it will pick the IP address of the PDC if the system is domain joined, or 9.9.9.9 for non domain joined machines. If you want 2 DNS servers configured, make them comma separated. +- _optional_ `Domain`: the Active Directory domain name to join as defined in the ADDS section. +- _optional_ `RDP_Allow`: When set to `True` RDP will be enabled. Also, the local users group, and domain users if domain joined, are added to the 'Remote Desktop Users' group. +- _optional_ `OfficeInstaller`: path to Office installer executable. Also requires OfficeConfig to be set. +- _optional_ `OfficeConfig`: path to the office config file. Also requires OfficeInstaller to be set. +- _optional_ `SW_JustCopy`: path to a file you just want to be copied. Can be multiple. Will be copied to c:\SoftwareInstallers. +- _optional_ `SW_Install`: path to a msi installer file that you want to be installed. Can be multiple. A log of the msiexec installation output is placed in c:\SoftwareInstallers. + + +## Directory structure ## +This repo and script uses the following directory structure, which is recommended to adhere to as some paths may be hardcoded: +- `.\configs`: here are lab config files +- `.\configs\unattend\`: here are the unattend files +- `.\disks`: the VHDs of your deployed lab be put in a subdirectory per labname. +- `.\disks\parentdisks\`: here you need to store the parent VHDs. +- `.\SoftwareInstallers`: home for extra software packages that you want to deploy. +- `.\SoftwareInstallers\Office14x86\`: example of Office folder, in this folder is the config.xml and the setup binary - basically just copy the entire contents of the install ISO to this folder. + + +## Known bugs and caveats## +- You need to prepare the base images yourself, this script does not do this for you. Im open for ideas to automate this. +- Only supports English versions of Windows. Main reason is hardcoded commands like 'net localgroup "Remote Desktop Users"'. This is a result of a design choice to support systems with that only run PowerShell v2. Later PowerShell versions have fancy commands to alter local groups, but v2 doesnt. This is likely not going change in future versions, unless there is a way to keep support for PowerShell v2. +- The server OS unattend files in this repository do not have support for 32 bit versions. This is not a hard change to do as it only required x86 sections of settings in the unattend files. I simply havent had the time nor demand for it. +- Error and state checking is not really structured. If a system can't complete a specific task its simply reported in the output, but the script continues with its flow. Depending tasks will fail as well. +- Timeouts are tuned to my hardware. If you have slower hardware (or deploy huge networks) its possible deployment will not go as smooth as hoped. +- The script makes use of native routing instead of NAT on the Hyper-V host. This is an explicit choice as it allows you to remotely connect to the deployed guests using their lab IP address from any other remote system. However, unless your Hyper-V machine is also your core router, or unless you only connect to your deployed guests from your Hyper-V machine, your network might not know how to reach the deployed subnet. Depending on your network setup, this may also prevent your lab systems from reaching the internet. There is an easy fix for this: manual static routes on your core router pointing to the deployed subnets. Reading this line of text takes longer than setting the static route in your network. +- XML tags are case sensitive. If the config check fails, check the case of the tags in your config file. +- System computername can't exceed 15 characters and can't contain dots. This is a native Windows issue that I cant fix, but I just want to warn you as you may encounter this. +- Server 2008(R2) can't be running the PDC. There are no Powershell commands for this, so this would need dcpromo commands in order to work. But this is a very specific situation that I haven't seen in a live environment anymore in years. 2008R2 Can install the mngt tools using `Import-Module Servermanager; Add-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature` but the initial domain still needs to be done using dcpromo. +- Auto updates, if configured using the `<Win_Update>` tag, may start many hours after your deployment. Im open to ideas for instant deployment that works on all Windows vesions. +- Auto updates on some 2012R2 (and up) and 8.1 (and up) versions don't seem to work completely. They require you to manually hit 'check for updates now' inside the guest the 1st time. +- The progress bar of the installation of Active Directory Domain Services keeps on top even after successful installation of ADDS; it never finishes. + + +## Features on todo-list ## +- Windows 10: disable background scanning of defender, defrag etc to safe CPU resources when idle. +- Windows 10: control detailed Defender settings from config file. +- Have a function for automated monthly updates of the base images. This is about 80% done. +- Automate the installation of sysmon+WEC+ELK per lab. This is about 50% done. +- Incremental updates of deployed labs: have the script check if a lab already exists, and if so let it check if there are hosts in the new config that arent deployed yet and only deploy these. +- Support for AD subdomains, domains in same forest and domains in separate forests. +- Add users, groups, OU to the AD domain based on an input file. This is about 50% done. +- Include 32bit support in the unattend files for server Windows versions. +- make IP address of system optional: have the script auto pick an IP address in the network. +- Support for multiple NICs per system. +- More advanced networking setup, where lab config file can be used to determine detailed routing setup. Preferably using true Hyper-V Network Virtualization (RRIDs, CA, PA, etc.). + + +## Author ## +This project is developed and maintained by Marc Smeets (@smeetsie on github, and @mramsmeets on Twitter). + +## License ## +This project is made available uner the BSD 3.0 license. This means: +Copyright 2018 Outflank B.V. + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/SoftwareInstallers/.gitkeep b/SoftwareInstallers/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office14x64_notrecommendbyMSFT/.gitkeep b/SoftwareInstallers/Office14x64_notrecommendbyMSFT/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office14x64_notrecommendbyMSFT/config.xml b/SoftwareInstallers/Office14x64_notrecommendbyMSFT/config.xml new file mode 100755 index 0000000..ef87995 --- /dev/null +++ b/SoftwareInstallers/Office14x64_notrecommendbyMSFT/config.xml @@ -0,0 +1,23 @@ +<Configuration Product="ProPlusr"> +<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" /> +<USERNAME Value="" /> +<USERINITIALS Value="" /> +<COMPANYNAME Value="" /> +<PIDKEY Value="XXXXXXXXXXXXXXXXXXXXXX" /> +<Setting Id="AUTO_ACTIVATE" Value="1" /> +<Setting Id="SETUP_REBOOT" Value="Never" /> +<INSTALLLOCATION Value="" /> +<OptionState Id="ACCESSFiles" State="Absent" Children="force" /> +<OptionState Id="EXCELFiles" State="Local" Children="force" /> +<OptionState Id="XDOCSFiles" State="Absent" Children="force" /> +<OptionState Id="LyncCoreFiles" State="Local" Children="force" /> +<OptionState Id="OneNoteFiles" State="Absent" Children="force" /> +<OptionState Id="OUTLOOKFiles" State="Local" Children="force" /> +<OptionState Id="PPTFiles" State="Local" Children="force" /> +<OptionState Id="PubPrimary" State="Absent" Children="force" /> +<OptionState Id="GrooveFiles2" State="Absent" Children="force" /> +<OptionState Id="VisioPreviewerFiles" State="Local" Children="force" /> +<OptionState Id="WORDFiles" State="Local" Children="force" /> +<OptionState Id="SHAREDFiles" State="Local" Children="force" /> +<OptionState Id="TOOLSFiles" State="Local" Children="force" /> +</Configuration> \ No newline at end of file diff --git a/SoftwareInstallers/Office14x86/.gitkeep b/SoftwareInstallers/Office14x86/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office14x86/config.xml b/SoftwareInstallers/Office14x86/config.xml new file mode 100755 index 0000000..b333a49 --- /dev/null +++ b/SoftwareInstallers/Office14x86/config.xml @@ -0,0 +1,23 @@ +<Configuration Product="ProPlusr"> +<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" /> +<USERNAME Value="" /> +<USERINITIALS Value="" /> +<COMPANYNAME Value="" /> +<PIDKEY Value="XXXXXXXXXXXXXXXXXXXXXXX" /> +<Setting Id="AUTO_ACTIVATE" Value="1" /> +<Setting Id="SETUP_REBOOT" Value="Never" /> +<INSTALLLOCATION Value="" /> +<OptionState Id="ACCESSFiles" State="Absent" Children="force" /> +<OptionState Id="EXCELFiles" State="Local" Children="force" /> +<OptionState Id="XDOCSFiles" State="Absent" Children="force" /> +<OptionState Id="LyncCoreFiles" State="Local" Children="force" /> +<OptionState Id="OneNoteFiles" State="Absent" Children="force" /> +<OptionState Id="OUTLOOKFiles" State="Local" Children="force" /> +<OptionState Id="PPTFiles" State="Local" Children="force" /> +<OptionState Id="PubPrimary" State="Absent" Children="force" /> +<OptionState Id="GrooveFiles2" State="Absent" Children="force" /> +<OptionState Id="VisioPreviewerFiles" State="Local" Children="force" /> +<OptionState Id="WORDFiles" State="Local" Children="force" /> +<OptionState Id="SHAREDFiles" State="Local" Children="force" /> +<OptionState Id="TOOLSFiles" State="Local" Children="force" /> +</Configuration> \ No newline at end of file diff --git a/SoftwareInstallers/Office15x64/.gitkeep b/SoftwareInstallers/Office15x64/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office15x64/config.xml b/SoftwareInstallers/Office15x64/config.xml new file mode 100755 index 0000000..4d629ab --- /dev/null +++ b/SoftwareInstallers/Office15x64/config.xml @@ -0,0 +1,23 @@ +<Configuration Product="ProPlusr"> +<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" /> +<USERNAME Value="" /> +<USERINITIALS Value="" /> +<COMPANYNAME Value="" /> +<PIDKEY Value="XXXXXXXXXXXXXXXXXXXXXXX" /> +<Setting Id="AUTO_ACTIVATE" Value="1" /> +<Setting Id="SETUP_REBOOT" Value="Never" /> +<INSTALLLOCATION Value="" /> +<OptionState Id="ACCESSFiles" State="Absent" Children="force" /> +<OptionState Id="EXCELFiles" State="Local" Children="force" /> +<OptionState Id="XDOCSFiles" State="Absent" Children="force" /> +<OptionState Id="LyncCoreFiles" State="Local" Children="force" /> +<OptionState Id="OneNoteFiles" State="Absent" Children="force" /> +<OptionState Id="OUTLOOKFiles" State="Local" Children="force" /> +<OptionState Id="PPTFiles" State="Local" Children="force" /> +<OptionState Id="PubPrimary" State="Absent" Children="force" /> +<OptionState Id="GrooveFiles2" State="Absent" Children="force" /> +<OptionState Id="VisioPreviewerFiles" State="Local" Children="force" /> +<OptionState Id="WORDFiles" State="Local" Children="force" /> +<OptionState Id="SHAREDFiles" State="Local" Children="force" /> +<OptionState Id="TOOLSFiles" State="Local" Children="force" /> +</Configuration> diff --git a/SoftwareInstallers/Office15x86/.gitkeep b/SoftwareInstallers/Office15x86/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office15x86/config.xml b/SoftwareInstallers/Office15x86/config.xml new file mode 100755 index 0000000..4d629ab --- /dev/null +++ b/SoftwareInstallers/Office15x86/config.xml @@ -0,0 +1,23 @@ +<Configuration Product="ProPlusr"> +<Display Level="None" CompletionNotice="No" SuppressModal="No" AcceptEula="Yes" /> +<USERNAME Value="" /> +<USERINITIALS Value="" /> +<COMPANYNAME Value="" /> +<PIDKEY Value="XXXXXXXXXXXXXXXXXXXXXXX" /> +<Setting Id="AUTO_ACTIVATE" Value="1" /> +<Setting Id="SETUP_REBOOT" Value="Never" /> +<INSTALLLOCATION Value="" /> +<OptionState Id="ACCESSFiles" State="Absent" Children="force" /> +<OptionState Id="EXCELFiles" State="Local" Children="force" /> +<OptionState Id="XDOCSFiles" State="Absent" Children="force" /> +<OptionState Id="LyncCoreFiles" State="Local" Children="force" /> +<OptionState Id="OneNoteFiles" State="Absent" Children="force" /> +<OptionState Id="OUTLOOKFiles" State="Local" Children="force" /> +<OptionState Id="PPTFiles" State="Local" Children="force" /> +<OptionState Id="PubPrimary" State="Absent" Children="force" /> +<OptionState Id="GrooveFiles2" State="Absent" Children="force" /> +<OptionState Id="VisioPreviewerFiles" State="Local" Children="force" /> +<OptionState Id="WORDFiles" State="Local" Children="force" /> +<OptionState Id="SHAREDFiles" State="Local" Children="force" /> +<OptionState Id="TOOLSFiles" State="Local" Children="force" /> +</Configuration> diff --git a/SoftwareInstallers/Office16x64/.gitkeep b/SoftwareInstallers/Office16x64/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office16x64/Config.xml b/SoftwareInstallers/Office16x64/Config.xml new file mode 100755 index 0000000..ee0cbf0 --- /dev/null +++ b/SoftwareInstallers/Office16x64/Config.xml @@ -0,0 +1,23 @@ +<Configuration> + + <Add OfficeClientEdition="64" > + <Product ID="ProPlusRetail" PIDKEY="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX"> + <Language ID="en-us" /> + <ExcludeApp ID="Access" /> + <ExcludeApp ID="Groove" /> + <ExcludeApp ID="InfoPath" /> + <ExcludeApp ID="Lync" /> + <ExcludeApp ID="OneDrive" /> + <ExcludeApp ID="OneNote" /> + <ExcludeApp ID="Project" /> + <ExcludeApp ID="Publisher" /> + <ExcludeApp ID="SharePointDesigner" /> + <ExcludeApp ID="Visio" /> + </Product> + </Add> + <Updates Enabled="False" /> + <Display Level="None" AcceptEULA="True" /> + <Property Name="AutoActivate" Value="1" /> + <Property Name="ForceAppShutdown" Value="TRUE" /> +</Configuration> + diff --git a/SoftwareInstallers/Office16x86/.gitkeep b/SoftwareInstallers/Office16x86/.gitkeep new file mode 100755 index 0000000..e69de29 diff --git a/SoftwareInstallers/Office16x86/Config.xml b/SoftwareInstallers/Office16x86/Config.xml new file mode 100755 index 0000000..b8998af --- /dev/null +++ b/SoftwareInstallers/Office16x86/Config.xml @@ -0,0 +1,23 @@ +<Configuration> + + <Add OfficeClientEdition="32" > + <Product ID="ProPlusRetail" PIDKEY="XXXX-XXXX-XXXX-XXXX-XXXX"> + <Language ID="en-us" /> + <ExcludeApp ID="Access" /> + <ExcludeApp ID="Groove" /> + <ExcludeApp ID="InfoPath" /> + <ExcludeApp ID="Lync" /> + <ExcludeApp ID="OneDrive" /> + <ExcludeApp ID="OneNote" /> + <ExcludeApp ID="Project" /> + <ExcludeApp ID="Publisher" /> + <ExcludeApp ID="SharePointDesigner" /> + <ExcludeApp ID="Visio" /> + </Product> + </Add> + <Updates Enabled="False" /> + <Display Level="None" AcceptEULA="True" /> + <Property Name="AutoActivate" Value="1" /> + <Property Name="ForceAppShutdown" Value="TRUE" /> +</Configuration> +