forked from rc/classroom
356 lines
No EOL
26 KiB
XML
356 lines
No EOL
26 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
|
|
<!--https://schneegans.de/windows/unattend-generator/?LanguageMode=Unattended&UILanguage=en-US&Locale=en-US&Keyboard=00000424&Locale2=de-DE&Keyboard2=00140c00&Locale3=es-ES&Keyboard3=00140c00&GeoLocation=212&ProcessorArchitecture=amd64&BypassNetworkCheck=true&ComputerNameMode=Custom&ComputerName=ucilnica&ComputerNameScript=return+%27DESKTOP-%7B0%3AD3%7D%27+-f+%28+Get-Random+-Minimum+0+-Maximum+999+%29%3B&CompactOsMode=Default&TimeZoneMode=Explicit&TimeZone=Central+Europe+Standard+Time&PartitionLayout=GPT&EspSize=300&RecoveryMode=Partition&RecoverySize=1000&PartitionMode=Custom&DiskpartScript=REM&InstallToMode=Custom&InstallToDisk=0&InstallToPartition=3&DiskAssertionMode=Skip&DiskAssertionScript=On+Error+Resume+Next%0D%0ASet+wmi+%3D+GetObject%28%22winmgmts%3A%5C%5C.%5Croot%5Ccimv2%22%29%0D%0ASet+drive+%3D+wmi.Get%28%22Win32_DiskDrive.DeviceID%3D%27%5C%5C.%5CPHYSICALDRIVE0%27%22%29%0D%0AIf+Err.Number+%3C%3E+0+Then%0D%0A++++Msgbox+Err.Description%0D%0A++++WScript.Quit+1%0D%0AEnd+If%0D%0AIf+drive.InterfaceType+%3D+%22IDE%22+Or+drive.InterfaceType+%3D+%22SCSI%22+Then%0D%0A++++WScript.Quit+0%0D%0AElse%0D%0A++++MsgBox+%22Assertion+failed.%22%0D%0A++++WScript.Quit+1%0D%0AEnd+If&WindowsEditionMode=Generic&WindowsEdition=education&ProductKey=VK7JG-NPHTM-C97JM-9MPGT-3V66T&InstallFromMode=Automatic&InstallFromIndex=1&InstallFromName=Windows+11+Pro&InstallFromDescription=Windows+11+Pro&PEMode=Default&PEScript=%40for+%25%25d+in+%28D+E+F+G+H+I+J+K+L+M+N+O+P+Q+R+T+U+V+W+Y+Z%29+do+%40%28%0D%0A++++if+exist+%25%25d%3A%5Csources%5Cinstall.wim+set+%22IMAGE_FILE%3D%25%25d%3A%5Csources%5Cinstall.wim%22%0D%0A++++if+exist+%25%25d%3A%5Csources%5Cinstall.esd+set+%22IMAGE_FILE%3D%25%25d%3A%5Csources%5Cinstall.esd%22%0D%0A++++if+exist+%25%25d%3A%5Csources%5Cinstall.swm+set+%22IMAGE_FILE%3D%25%25d%3A%5Csources%5Cinstall.swm%22+%26+set+%22SWM_PARAM%3D%2FSWMFile%3A%25%25d%3A%5Csources%5Cinstall*.swm%22%0D%0A++++if+exist+%25%25d%3A%5Cautounattend.xml+set+%22XML_FILE%3D%25%25d%3A%5Cautounattend.xml%22%0D%0A%29%0D%0A%0D%0A%40if+not+defined+IMAGE_FILE+echo+Could+not+locate+install.wim%2C+install.esd+or+install.swm.+%26+pause+%26+exit+%2Fb+1%0D%0A%40if+not+defined+XML_FILE+echo+Could+not+locate+autounattend.xml.+%26+pause+%26+exit+%2Fb+1%0D%0A%0D%0A%3E%3EX%3A%5Cdiskpart.txt+%28%0D%0A++++echo+SELECT+DISK%3D0%0D%0A++++echo+CLEAN%0D%0A++++echo+CONVERT+GPT%0D%0A++++echo+CREATE+PARTITION+EFI+SIZE%3D300%0D%0A++++echo+FORMAT+QUICK+FS%3DFAT32+LABEL%3D%22System%22%0D%0A++++echo+ASSIGN+LETTER%3DS%0D%0A++++echo+CREATE+PARTITION+MSR+SIZE%3D16%0D%0A++++echo+CREATE+PARTITION+PRIMARY%0D%0A++++echo+FORMAT+QUICK+FS%3DNTFS+LABEL%3D%22Windows%22%0D%0A++++echo+ASSIGN+LETTER%3DC%0D%0A%29%0D%0A%0D%0Adiskpart.exe+%2Fs+X%3A%5Cdiskpart.txt+%7C%7C+%28+echo+diskpart.exe+encountered+an+error.+%26+pause+%26+exit+%2Fb+1+%29%0D%0A%0D%0Adism.exe+%2FApply-Image+%2FImageFile%3A%25IMAGE_FILE%25+%25SWM_PARAM%25+%2FName%3A%22Windows+11+Pro%22+%2FApplyDir%3AC%3A%5C+%7C%7C+%28+echo+dism.exe+encountered+an+error.+%26+pause+%26+exit+%2Fb+1+%29%0D%0A%0D%0Abcdboot.exe+C%3A%5CWindows+%2Fs+S%3A+%7C%7C+%28+echo+bcdboot.exe+encountered+an+error.+%26+pause+%26+exit+%2Fb+1+%29%0D%0A%0D%0Amkdir+C%3A%5CWindows%5CPanther%0D%0Acopy+%25XML_FILE%25+C%3A%5CWindows%5CPanther%5Cunattend.xml%0D%0Acopy+%25XML_FILE%25+C%3A%5CWindows%5CPanther%5Cunattend-original.xml%0D%0A%0D%0Arem+Avoid+creation+of+recovery+partition%0D%0Adel+C%3A%5CWindows%5CSystem32%5CRecovery%5Cwinre.wim%0D%0A%0D%0Arem+Disable+8.3+file+names%0D%0Afsutil.exe+8dot3name+set+C%3A+1%0D%0Afsutil.exe+8dot3name+strip+%2Fs+%2Ff+C%3A%5C%0D%0A%0D%0Arem+Disable+Windows+Defender%0D%0Areg.exe+LOAD+HKLM%5Cmount+C%3A%5CWindows%5CSystem32%5Cconfig%5CSYSTEM%0D%0Afor+%25%25s+in+%28Sense+WdBoot+WdFilter+WdNisDrv+WdNisSvc+WinDefend%29+do+reg.exe+ADD+HKLM%5Cmount%5CControlSet001%5CServices%5C%25%25s+%2Fv+Start+%2Ft+REG_DWORD+%2Fd+4+%2Ff%0D%0Areg.exe+UNLOAD+HKLM%5Cmount%0D%0A%0D%0Awpeutil.exe+reboot&UserAccountMode=Unattended&AccountName0=local_admin&AccountDisplayName0=FRI+IT&AccountPassword0=6tfc5rdx&AccountGroup0=Administrators&AccountName1=Student&AccountDisplayName1=Student&AccountPassword1=vaje&AccountGroup1=Users&AccountName2=&AccountDisplayName2=&AccountPassword2=&AccountGroup2=Users&AccountName3=&AccountDisplayName3=&AccountPassword3=&AccountGroup3=Users&AccountName4=&AccountDisplayName4=&AccountPassword4=&AccountGroup4=Users&AutoLogonMode=Own&BuiltinAdministratorPassword=&PasswordExpirationMode=Unlimited&PasswordMaxAge=42&LockoutMode=Default&LockoutThreshold=10&LockoutWindow=10&LockoutDuration=10&HideFiles=Hidden&ShowFileExtensions=true&LaunchToThisPC=true&TaskbarSearch=Box&TaskbarIconsMode=Default&TaskbarIconsXml=%3CLayoutModificationTemplate+xmlns%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FLayoutModification%22+xmlns%3Adefaultlayout%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FFullDefaultLayout%22+xmlns%3Astart%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FStartLayout%22+xmlns%3Ataskbar%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FTaskbarLayout%22+Version%3D%221%22%3E%0D%0A++%3CCustomTaskbarLayoutCollection+PinListPlacement%3D%22Replace%22%3E%0D%0A++++%3Cdefaultlayout%3ATaskbarLayout%3E%0D%0A++++++%3Ctaskbar%3ATaskbarPinList%3E%0D%0A++++++++%3Ctaskbar%3ADesktopApp+DesktopApplicationID%3D%22Microsoft.Windows.Explorer%22+%2F%3E%0D%0A++++++++%3Ctaskbar%3AUWA+AppUserModelID%3D%22windows.immersivecontrolpanel_cw5n1h2txyewy%21microsoft.windows.immersivecontrolpanel%22+%2F%3E%0D%0A++++++++%3Ctaskbar%3ADesktopApp+DesktopApplicationLinkPath%3D%22%25APPDATA%25%5CMicrosoft%5CWindows%5CStart+Menu%5CPrograms%5CWindows+PowerShell%5CWindows+PowerShell.lnk%22+%2F%3E%0D%0A++++++%3C%2Ftaskbar%3ATaskbarPinList%3E%0D%0A++++%3C%2Fdefaultlayout%3ATaskbarLayout%3E%0D%0A++%3C%2FCustomTaskbarLayoutCollection%3E%0D%0A%3C%2FLayoutModificationTemplate%3E&StartTilesMode=Default&StartTilesXml=%3CLayoutModificationTemplate+xmlns%3Adefaultlayout%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FFullDefaultLayout%22+xmlns%3Astart%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FStartLayout%22+Version%3D%221%22+xmlns%3D%22http%3A%2F%2Fschemas.microsoft.com%2FStart%2F2014%2FLayoutModification%22%3E%0D%0A++%3CLayoutOptions+StartTileGroupCellWidth%3D%226%22+%2F%3E%0D%0A++%3CDefaultLayoutOverride%3E%0D%0A++++%3CStartLayoutCollection%3E%0D%0A++++++%3Cdefaultlayout%3AStartLayout+GroupCellWidth%3D%226%22%3E%0D%0A++++++++%3Cstart%3AGroup+Name%3D%22%22%3E%0D%0A++++++++++%3Cstart%3ATile+Size%3D%222x2%22+Column%3D%224%22+Row%3D%220%22+AppUserModelID%3D%22windows.immersivecontrolpanel_cw5n1h2txyewy%21microsoft.windows.immersivecontrolpanel%22+%2F%3E%0D%0A++++++++++%3Cstart%3ADesktopApplicationTile+Size%3D%222x2%22+Column%3D%220%22+Row%3D%220%22+DesktopApplicationLinkPath%3D%22%25ALLUSERSPROFILE%25%5CMicrosoft%5CWindows%5CStart+Menu%5CPrograms%5CMicrosoft+Edge.lnk%22+%2F%3E%0D%0A++++++++++%3Cstart%3ADesktopApplicationTile+Size%3D%222x2%22+Column%3D%222%22+Row%3D%220%22+DesktopApplicationLinkPath%3D%22%25APPDATA%25%5CMicrosoft%5CWindows%5CStart+Menu%5CPrograms%5CSystem+Tools%5CFile+Explorer.lnk%22+%2F%3E%0D%0A++++++++%3C%2Fstart%3AGroup%3E%0D%0A++++++%3C%2Fdefaultlayout%3AStartLayout%3E%0D%0A++++%3C%2FStartLayoutCollection%3E%0D%0A++%3C%2FDefaultLayoutOverride%3E%0D%0A%3C%2FLayoutModificationTemplate%3E&StartPinsMode=Default&StartPinsJson=%7B%0D%0A++%22pinnedList%22%3A+%5B%0D%0A++++%7B%0D%0A++++++%22desktopAppLink%22%3A+%22%25ALLUSERSPROFILE%25%5C%5CMicrosoft%5C%5CWindows%5C%5CStart+Menu%5C%5CPrograms%5C%5CMicrosoft+Edge.lnk%22%0D%0A++++%7D%2C%0D%0A++++%7B%0D%0A++++++%22desktopAppLink%22%3A+%22%25APPDATA%25%5C%5CMicrosoft%5C%5CWindows%5C%5CStart+Menu%5C%5CPrograms%5C%5CFile+Explorer.lnk%22%0D%0A++++%7D%2C%0D%0A++++%7B%0D%0A++++++%22packagedAppId%22%3A+%22windows.immersivecontrolpanel_cw5n1h2txyewy%21microsoft.windows.immersivecontrolpanel%22%0D%0A++++%7D%0D%0A++%5D%0D%0A%7D&DisableFastStartup=true&EnableRemoteDesktop=true&PreventDeviceEncryption=true&EffectsMode=Default&DesktopIconsMode=Default&StartFoldersMode=Default&VirtIoGuestTools=true&WifiMode=Skip&WifiName=&WifiAuthentication=Open&WifiPassword=00000000&WifiProfileXml=%3CWLANProfile+xmlns%3D%22http%3A%2F%2Fwww.microsoft.com%2Fnetworking%2FWLAN%2Fprofile%2Fv1%22%3E%0D%0A++%3Cname%3EWLAN-123456%3C%2Fname%3E%0D%0A++%3CSSIDConfig%3E%0D%0A++++%3CSSID%3E%0D%0A++++++%3Chex%3E574C414E2D313233343536%3C%2Fhex%3E%0D%0A++++++%3Cname%3EWLAN-123456%3C%2Fname%3E%0D%0A++++%3C%2FSSID%3E%0D%0A++++%3CnonBroadcast%3Etrue%3C%2FnonBroadcast%3E%0D%0A++%3C%2FSSIDConfig%3E%0D%0A++%3CconnectionType%3EESS%3C%2FconnectionType%3E%0D%0A++%3CconnectionMode%3Eauto%3C%2FconnectionMode%3E%0D%0A++%3CMSM%3E%0D%0A++++%3Csecurity%3E%0D%0A++++++%3CauthEncryption%3E%0D%0A++++++++%3Cauthentication%3EWPA3SAE%3C%2Fauthentication%3E%0D%0A++++++++%3Cencryption%3EAES%3C%2Fencryption%3E%0D%0A++++++++%3CuseOneX%3Efalse%3C%2FuseOneX%3E%0D%0A++++++++%3CtransitionMode+xmlns%3D%22http%3A%2F%2Fwww.microsoft.com%2Fnetworking%2FWLAN%2Fprofile%2Fv4%22%3Etrue%3C%2FtransitionMode%3E%0D%0A++++++%3C%2FauthEncryption%3E%0D%0A++++++%3CsharedKey%3E%0D%0A++++++++%3CkeyType%3EpassPhrase%3C%2FkeyType%3E%0D%0A++++++++%3Cprotected%3Efalse%3C%2Fprotected%3E%0D%0A++++++++%3CkeyMaterial%3Epassword%3C%2FkeyMaterial%3E%0D%0A++++++%3C%2FsharedKey%3E%0D%0A++++%3C%2Fsecurity%3E%0D%0A++%3C%2FMSM%3E%0D%0A%3C%2FWLANProfile%3E&ExpressSettings=DisableAll&KeysMode=Skip&CapsLockInitial=Off&CapsLockBehavior=Toggle&NumLockInitial=Off&NumLockBehavior=Toggle&ScrollLockInitial=Off&ScrollLockBehavior=Toggle&StickyKeysMode=Default&ColorMode=Default&SystemColorTheme=Light&AppsColorTheme=Light&AccentColor=%230078d4&WallpaperMode=Default&WallpaperColor=%23008080&WallpaperScript=%23+Photo+by+Martin+Damboldt%3A+https%3A%2F%2Fwww.pexels.com%2Fphoto%2Fgray-bridge-and-trees-814499%2F%0D%0A%24url+%3D+%27https%3A%2F%2Fimages.pexels.com%2Fphotos%2F814499%2Fpexels-photo-814499.jpeg%27%3B%0D%0Areturn+%28+Invoke-WebRequest+-Uri+%24url+-UseBasicParsing+-TimeoutSec+30+%29.Content%3B&LockScreenMode=Default&LockScreenScript=foreach%28+%24drive+in+%5BSystem.IO.DriveInfo%5D%3A%3AGetDrives%28%29+%29+%7B%0D%0A++++if%28+%24found+%3D+Join-Path+-Path+%24drive.RootDirectory+-ChildPath+%27lockscreen.png%27+-Resolve+-ErrorAction+%27SilentlyContinue%27+%29+%7B%0D%0A++++++++return+%5BSystem.IO.File%5D%3A%3AReadAllBytes%28+%24found+%29%3B%0D%0A++++%7D%0D%0A%7D%0D%0A%27Cannot+find+any+files+that+match+pattern.%27+%7C+Write-Warning%3B&SystemScript0=Get-WindowsCapability+-Name+OpenSSH.Server*+-Online+%7C%0D%0A++++Add-WindowsCapability+-Online%0D%0A%0D%0A%24firewallParams+%3D+%40%7B%0D%0A++++Name++++++++%3D+%27sshd-Server-In-TCP%27%0D%0A++++DisplayName+%3D+%27Inbound+rule+for+OpenSSH+Server+%28sshd%29+on+TCP+port+22%27%0D%0A++++Action++++++%3D+%27Allow%27%0D%0A++++Direction+++%3D+%27Inbound%27%0D%0A++++Enabled+++++%3D+%27True%27++%23+This+is+not+a+boolean+but+an+enum%0D%0A++++Profile+++++%3D+%27Any%27%0D%0A++++Protocol++++%3D+%27TCP%27%0D%0A++++LocalPort+++%3D+22%0D%0A%7D%0D%0ANew-NetFirewallRule+%40firewallParams%0D%0A%0D%0A%24shellParams+%3D+%40%7B%0D%0A++++Path+++++++++%3D+%27HKLM%3A%5CSOFTWARE%5COpenSSH%27%0D%0A++++Name+++++++++%3D+%27DefaultShell%27%0D%0A++++Value++++++++%3D+%27C%3A%5CWindows%5CSystem32%5CWindowsPowerShell%5Cv1.0%5Cpowershell.exe%27%0D%0A++++PropertyType+%3D+%27String%27%0D%0A++++Force++++++++%3D+%24true%0D%0A%7D%0D%0ANew-ItemProperty+%40shellParams%0D%0A%0D%0A%23+Set+default+to+powershell.exe%0D%0A%24shellParams+%3D+%40%7B%0D%0A++++Path+++++++++%3D+%27HKLM%3A%5CSOFTWARE%5COpenSSH%27%0D%0A++++Name+++++++++%3D+%27DefaultShell%27%0D%0A++++Value++++++++%3D+%27C%3A%5CWindows%5CSystem32%5CWindowsPowerShell%5Cv1.0%5Cpowershell.exe%27%0D%0A++++PropertyType+%3D+%27String%27%0D%0A++++Force++++++++%3D+%24true%0D%0A%7D%0D%0ANew-ItemProperty+%40shellParams%0D%0A%0D%0A%23+Set+time+to+UTC%0D%0A%24shellParams+%3D+%40%7B%0D%0A++++Path+++++++++%3D+%27HKLM%3A%5CSYSTEM%5CCurrentControlSet%5CControl%5CTimeZoneInformation%27%0D%0A++++Name+++++++++%3D+%27RealTimeIsUniversal%27%0D%0A++++Value++++++++%3D+%2700000001%27%0D%0A++++PropertyType+%3D+%27dword%27%0D%0A++++Force++++++++%3D+%24true%0D%0A%7D%0D%0ANew-ItemProperty+%40shellParams%0D%0A%0D%0A%0D%0ASet-Service+-Name+sshd+-StartupType+Automatic+-Status+Running&SystemScriptType0=Ps1&SystemScript1=&SystemScriptType1=Reg&SystemScript2=&SystemScriptType2=Ps1&SystemScript3=&SystemScriptType3=Reg&SystemScript4=&SystemScriptType4=Vbs&DefaultUserScript0=&DefaultUserScriptType0=Reg&DefaultUserScript1=&DefaultUserScriptType1=Cmd&DefaultUserScript2=&DefaultUserScriptType2=Ps1&FirstLogonScript0=&FirstLogonScriptType0=Cmd&FirstLogonScript1=Set-Service+-Name+sshd+-StartupType+Automatic+-Status+Running&FirstLogonScriptType1=Ps1&FirstLogonScript2=&FirstLogonScriptType2=Reg&FirstLogonScript3=&FirstLogonScriptType3=Vbs&UserOnceScript0=&UserOnceScriptType0=Cmd&UserOnceScript1=&UserOnceScriptType1=Ps1&UserOnceScript2=&UserOnceScriptType2=Reg&UserOnceScript3=&UserOnceScriptType3=Vbs&WdacMode=Skip&WdacAuditMode=AuditingOnBootFailure&WdacScriptMode=Restricted&ComponentContent0=&Component0=&ComponentContent1=&Component1=&ComponentContent2=&Component2=-->
|
|
<settings pass="offlineServicing"></settings>
|
|
<settings pass="windowsPE">
|
|
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<SetupUILanguage>
|
|
<UILanguage>en-US</UILanguage>
|
|
</SetupUILanguage>
|
|
<InputLocale>0409:00000424</InputLocale>
|
|
<SystemLocale>en-US</SystemLocale>
|
|
<UILanguage>en-US</UILanguage>
|
|
<UserLocale>en-US</UserLocale>
|
|
</component>
|
|
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<ImageInstall>
|
|
<OSImage>
|
|
<InstallTo>
|
|
<DiskID>0</DiskID>
|
|
<PartitionID>3</PartitionID>
|
|
</InstallTo>
|
|
</OSImage>
|
|
</ImageInstall>
|
|
<UserData>
|
|
<ProductKey>
|
|
<Key>YNMGQ-8RYV3-4PGQ3-C8XTP-7CFBY</Key>
|
|
<WillShowUI>OnError</WillShowUI>
|
|
</ProductKey>
|
|
<AcceptEula>true</AcceptEula>
|
|
</UserData>
|
|
<UseConfigurationSet>false</UseConfigurationSet>
|
|
<RunSynchronous>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>1</Order>
|
|
<Path>cmd.exe /c ">>"X:\diskpart.txt" (echo:REM)"</Path>
|
|
</RunSynchronousCommand>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>2</Order>
|
|
<Path>cmd.exe /c "diskpart.exe /s "X:\diskpart.txt" >>"X:\diskpart.log" || ( type "X:\diskpart.log" & echo diskpart encountered an error. & pause & exit /b 1 )"</Path>
|
|
</RunSynchronousCommand>
|
|
</RunSynchronous>
|
|
</component>
|
|
</settings>
|
|
<settings pass="generalize"></settings>
|
|
<settings pass="specialize">
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<ComputerName>ucilnica</ComputerName>
|
|
<TimeZone>Central Europe Standard Time</TimeZone>
|
|
</component>
|
|
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<RunSynchronous>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>1</Order>
|
|
<Path>powershell.exe -WindowStyle Normal -NoProfile -Command "$xml = [xml]::new(); $xml.Load('C:\Windows\Panther\unattend.xml'); $sb = [scriptblock]::Create( $xml.unattend.Extensions.ExtractScript ); Invoke-Command -ScriptBlock $sb -ArgumentList $xml;"</Path>
|
|
</RunSynchronousCommand>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>2</Order>
|
|
<Path>powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\Specialize.ps1' -Raw | Invoke-Expression;"</Path>
|
|
</RunSynchronousCommand>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>3</Order>
|
|
<Path>reg.exe load "HKU\DefaultUser" "C:\Users\Default\NTUSER.DAT"</Path>
|
|
</RunSynchronousCommand>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>4</Order>
|
|
<Path>powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\DefaultUser.ps1' -Raw | Invoke-Expression;"</Path>
|
|
</RunSynchronousCommand>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>5</Order>
|
|
<Path>reg.exe unload "HKU\DefaultUser"</Path>
|
|
</RunSynchronousCommand>
|
|
</RunSynchronous>
|
|
</component>
|
|
</settings>
|
|
<settings pass="auditSystem"></settings>
|
|
<settings pass="auditUser"></settings>
|
|
<settings pass="oobeSystem">
|
|
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<InputLocale>0409:00000424</InputLocale>
|
|
<SystemLocale>en-US</SystemLocale>
|
|
<UILanguage>en-US</UILanguage>
|
|
<UserLocale>en-US</UserLocale>
|
|
</component>
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
|
|
<UserAccounts>
|
|
<LocalAccounts>
|
|
<LocalAccount wcm:action="add">
|
|
<Name>local_admin</Name>
|
|
<DisplayName>FRI IT</DisplayName>
|
|
<Group>Administrators</Group>
|
|
<Password>
|
|
<Value>6tfc5rdx</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
</LocalAccount>
|
|
<LocalAccount wcm:action="add">
|
|
<Name>Student</Name>
|
|
<DisplayName>Student</DisplayName>
|
|
<Group>Users</Group>
|
|
<Password>
|
|
<Value>vaje</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
</LocalAccount>
|
|
</LocalAccounts>
|
|
</UserAccounts>
|
|
<AutoLogon>
|
|
<Username>local_admin</Username>
|
|
<Enabled>true</Enabled>
|
|
<LogonCount>1</LogonCount>
|
|
<Password>
|
|
<Value>6tfc5rdx</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
</AutoLogon>
|
|
<OOBE>
|
|
<ProtectYourPC>3</ProtectYourPC>
|
|
<HideEULAPage>true</HideEULAPage>
|
|
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
|
<HideOnlineAccountScreens>false</HideOnlineAccountScreens>
|
|
</OOBE>
|
|
<FirstLogonCommands>
|
|
<SynchronousCommand wcm:action="add">
|
|
<Order>1</Order>
|
|
<CommandLine>powershell.exe -WindowStyle Normal -NoProfile -Command "Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\FirstLogon.ps1' -Raw | Invoke-Expression;"</CommandLine>
|
|
</SynchronousCommand>
|
|
</FirstLogonCommands>
|
|
</component>
|
|
</settings>
|
|
<Extensions xmlns="https://schneegans.de/windows/unattend-generator/">
|
|
<ExtractScript>
|
|
param(
|
|
[xml] $Document
|
|
);
|
|
|
|
foreach( $file in $Document.unattend.Extensions.File ) {
|
|
$path = [System.Environment]::ExpandEnvironmentVariables( $file.GetAttribute( 'path' ) );
|
|
mkdir -Path( $path | Split-Path -Parent ) -ErrorAction 'SilentlyContinue';
|
|
$encoding = switch( [System.IO.Path]::GetExtension( $path ) ) {
|
|
{ $_ -in '.ps1', '.xml' } { [System.Text.Encoding]::UTF8; }
|
|
{ $_ -in '.reg', '.vbs', '.js' } { [System.Text.UnicodeEncoding]::new( $false, $true ); }
|
|
default { [System.Text.Encoding]::Default; }
|
|
};
|
|
$bytes = $encoding.GetPreamble() + $encoding.GetBytes( $file.InnerText.Trim() );
|
|
[System.IO.File]::WriteAllBytes( $path, $bytes );
|
|
}
|
|
</ExtractScript>
|
|
<File path="C:\Windows\Setup\Scripts\VirtIoGuestTools.ps1">
|
|
& {
|
|
foreach( $letter in 'DEFGHIJKLMNOPQRSTUVWXYZ'.ToCharArray() ) {
|
|
$exe = "${letter}:\virtio-win-guest-tools.exe";
|
|
if( Test-Path -LiteralPath $exe ) {
|
|
Start-Process -FilePath $exe -ArgumentList '/passive', '/norestart' -Wait;
|
|
return;
|
|
}
|
|
}
|
|
'VirtIO Guest Tools image (virtio-win-*.iso) is not attached to this VM.';
|
|
} *>&1 >> 'C:\Windows\Setup\Scripts\VirtIoGuestTools.log';
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\unattend-01.ps1">
|
|
Get-WindowsCapability -Name OpenSSH.Server* -Online |
|
|
Add-WindowsCapability -Online
|
|
|
|
$firewallParams = @{
|
|
Name = 'sshd-Server-In-TCP'
|
|
DisplayName = 'Inbound rule for OpenSSH Server (sshd) on TCP port 22'
|
|
Action = 'Allow'
|
|
Direction = 'Inbound'
|
|
Enabled = 'True' # This is not a boolean but an enum
|
|
Profile = 'Any'
|
|
Protocol = 'TCP'
|
|
LocalPort = 22
|
|
}
|
|
New-NetFirewallRule @firewallParams
|
|
|
|
$shellParams = @{
|
|
Path = 'HKLM:\SOFTWARE\OpenSSH'
|
|
Name = 'DefaultShell'
|
|
Value = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
|
|
PropertyType = 'String'
|
|
Force = $true
|
|
}
|
|
New-ItemProperty @shellParams
|
|
|
|
# Set default to powershell.exe
|
|
$shellParams = @{
|
|
Path = 'HKLM:\SOFTWARE\OpenSSH'
|
|
Name = 'DefaultShell'
|
|
Value = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
|
|
PropertyType = 'String'
|
|
Force = $true
|
|
}
|
|
New-ItemProperty @shellParams
|
|
|
|
# Set time to UTC
|
|
$shellParams = @{
|
|
Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\TimeZoneInformation'
|
|
Name = 'RealTimeIsUniversal'
|
|
Value = '00000001'
|
|
PropertyType = 'dword'
|
|
Force = $true
|
|
}
|
|
New-ItemProperty @shellParams
|
|
|
|
|
|
Set-Service -Name sshd -StartupType Automatic -Status Running
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\unattend-02.ps1">
|
|
Set-Service -Name sshd -StartupType Automatic -Status Running
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\Specialize.ps1">
|
|
$scripts = @(
|
|
{
|
|
reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f;
|
|
};
|
|
{
|
|
net.exe accounts /maxpwage:UNLIMITED;
|
|
};
|
|
{
|
|
netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes;
|
|
reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f;
|
|
};
|
|
{
|
|
reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d 0 /f;
|
|
};
|
|
{
|
|
reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\BitLocker" /v "PreventDeviceEncryption" /t REG_DWORD /d 1 /f;
|
|
};
|
|
{
|
|
Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\unattend-01.ps1' -Raw | Invoke-Expression;
|
|
};
|
|
);
|
|
|
|
& {
|
|
[float] $complete = 0;
|
|
[float] $increment = 100 / $scripts.Count;
|
|
foreach( $script in $scripts ) {
|
|
Write-Progress -Activity 'Running scripts to customize your Windows installation. Do not close this window.' -PercentComplete $complete;
|
|
'*** Will now execute command «{0}».' -f $(
|
|
$str = $script.ToString().Trim() -replace '\s+', ' ';
|
|
$max = 100;
|
|
if( $str.Length -le $max ) {
|
|
$str;
|
|
} else {
|
|
$str.Substring( 0, $max - 1 ) + '…';
|
|
}
|
|
);
|
|
$start = [datetime]::Now;
|
|
& $script;
|
|
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
|
|
"`r`n" * 3;
|
|
$complete += $increment;
|
|
}
|
|
} *>&1 >> "C:\Windows\Setup\Scripts\Specialize.log";
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\UserOnce.ps1">
|
|
$scripts = @(
|
|
{
|
|
Set-WinHomeLocation -GeoId 212;
|
|
};
|
|
{
|
|
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name 'LaunchTo' -Type 'DWord' -Value 1;
|
|
};
|
|
);
|
|
|
|
& {
|
|
[float] $complete = 0;
|
|
[float] $increment = 100 / $scripts.Count;
|
|
foreach( $script in $scripts ) {
|
|
Write-Progress -Activity 'Running scripts to configure this user account. Do not close this window.' -PercentComplete $complete;
|
|
'*** Will now execute command «{0}».' -f $(
|
|
$str = $script.ToString().Trim() -replace '\s+', ' ';
|
|
$max = 100;
|
|
if( $str.Length -le $max ) {
|
|
$str;
|
|
} else {
|
|
$str.Substring( 0, $max - 1 ) + '…';
|
|
}
|
|
);
|
|
$start = [datetime]::Now;
|
|
& $script;
|
|
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
|
|
"`r`n" * 3;
|
|
$complete += $increment;
|
|
}
|
|
} *>&1 >> "$env:TEMP\UserOnce.log";
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\DefaultUser.ps1">
|
|
$scripts = @(
|
|
{
|
|
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f;
|
|
};
|
|
{
|
|
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\RunOnce" /v "UnattendedSetup" /t REG_SZ /d "powershell.exe -WindowStyle Normal -NoProfile -Command \""Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\UserOnce.ps1' -Raw | Invoke-Expression;\""" /f;
|
|
};
|
|
);
|
|
|
|
& {
|
|
[float] $complete = 0;
|
|
[float] $increment = 100 / $scripts.Count;
|
|
foreach( $script in $scripts ) {
|
|
Write-Progress -Activity 'Running scripts to modify the default user’’s registry hive. Do not close this window.' -PercentComplete $complete;
|
|
'*** Will now execute command «{0}».' -f $(
|
|
$str = $script.ToString().Trim() -replace '\s+', ' ';
|
|
$max = 100;
|
|
if( $str.Length -le $max ) {
|
|
$str;
|
|
} else {
|
|
$str.Substring( 0, $max - 1 ) + '…';
|
|
}
|
|
);
|
|
$start = [datetime]::Now;
|
|
& $script;
|
|
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
|
|
"`r`n" * 3;
|
|
$complete += $increment;
|
|
}
|
|
} *>&1 >> "C:\Windows\Setup\Scripts\DefaultUser.log";
|
|
</File>
|
|
<File path="C:\Windows\Setup\Scripts\FirstLogon.ps1">
|
|
$scripts = @(
|
|
{
|
|
Set-ItemProperty -LiteralPath 'Registry::HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name 'AutoLogonCount' -Type 'DWord' -Force -Value 0;
|
|
};
|
|
{
|
|
Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\VirtIoGuestTools.ps1' -Raw | Invoke-Expression;
|
|
};
|
|
{
|
|
Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\unattend-02.ps1' -Raw | Invoke-Expression;
|
|
};
|
|
);
|
|
|
|
& {
|
|
[float] $complete = 0;
|
|
[float] $increment = 100 / $scripts.Count;
|
|
foreach( $script in $scripts ) {
|
|
Write-Progress -Activity 'Running scripts to finalize your Windows installation. Do not close this window.' -PercentComplete $complete;
|
|
'*** Will now execute command «{0}».' -f $(
|
|
$str = $script.ToString().Trim() -replace '\s+', ' ';
|
|
$max = 100;
|
|
if( $str.Length -le $max ) {
|
|
$str;
|
|
} else {
|
|
$str.Substring( 0, $max - 1 ) + '…';
|
|
}
|
|
);
|
|
$start = [datetime]::Now;
|
|
& $script;
|
|
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
|
|
"`r`n" * 3;
|
|
$complete += $increment;
|
|
}
|
|
} *>&1 >> "C:\Windows\Setup\Scripts\FirstLogon.log";
|
|
</File>
|
|
</Extensions>
|
|
</unattend> |