random-mirrors/dockur-windows
1
0
Fork 0
mirror of https://github.com/dockur/windows.git synced 2026-05-17 18:57:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: random-mirrors/dockur-windows:v3.14
Branches Tags
random-mirrors/dockur-windows:master random-mirrors/dockur-windows:copilot/analyze-shell-scripts-for-bugs-again random-mirrors/dockur-windows:copilot/analyze-shell-scripts-for-bugs random-mirrors/dockur-windows:copilot/find-bugs-in-shell-scripts random-mirrors/dockur-windows:copilot/find-bugs-in-shell-scripts-again
random-mirrors/dockur-windows:v5.15 random-mirrors/dockur-windows:v5.14 random-mirrors/dockur-windows:v5.13 random-mirrors/dockur-windows:v5.12 random-mirrors/dockur-windows:v5.11 random-mirrors/dockur-windows:v5.10 random-mirrors/dockur-windows:v5.09 random-mirrors/dockur-windows:v5.08 random-mirrors/dockur-windows:v5.07 random-mirrors/dockur-windows:v5.06 random-mirrors/dockur-windows:v5.05 random-mirrors/dockur-windows:v5.04 random-mirrors/dockur-windows:v5.03 random-mirrors/dockur-windows:v5.02 random-mirrors/dockur-windows:v5.01 random-mirrors/dockur-windows:v5.00 random-mirrors/dockur-windows:v4.35 random-mirrors/dockur-windows:v4.34 random-mirrors/dockur-windows:v4.33 random-mirrors/dockur-windows:v4.32 random-mirrors/dockur-windows:v4.31 random-mirrors/dockur-windows:v4.30 random-mirrors/dockur-windows:v4.29 random-mirrors/dockur-windows:v4.28 random-mirrors/dockur-windows:v4.27 random-mirrors/dockur-windows:v4.26 random-mirrors/dockur-windows:v4.25 random-mirrors/dockur-windows:v4.24 random-mirrors/dockur-windows:v4.23 random-mirrors/dockur-windows:v4.22 random-mirrors/dockur-windows:v4.21 random-mirrors/dockur-windows:v4.20 random-mirrors/dockur-windows:v4.19 random-mirrors/dockur-windows:v4.18 random-mirrors/dockur-windows:v4.17 random-mirrors/dockur-windows:v4.16 random-mirrors/dockur-windows:v4.15 random-mirrors/dockur-windows:v4.14 random-mirrors/dockur-windows:v4.13 random-mirrors/dockur-windows:v4.12 random-mirrors/dockur-windows:v4.11 random-mirrors/dockur-windows:v4.10 random-mirrors/dockur-windows:v4.09 random-mirrors/dockur-windows:v4.08 random-mirrors/dockur-windows:v4.07 random-mirrors/dockur-windows:v4.06 random-mirrors/dockur-windows:v4.05 random-mirrors/dockur-windows:v4.04 random-mirrors/dockur-windows:v4.03 random-mirrors/dockur-windows:v4.02 random-mirrors/dockur-windows:v4.01 random-mirrors/dockur-windows:v4.00 random-mirrors/dockur-windows:v3.23 random-mirrors/dockur-windows:v3.22 random-mirrors/dockur-windows:v3.21 random-mirrors/dockur-windows:v3.20 random-mirrors/dockur-windows:v3.19 random-mirrors/dockur-windows:v3.18 random-mirrors/dockur-windows:v3.17 random-mirrors/dockur-windows:v3.16 random-mirrors/dockur-windows:v3.15 random-mirrors/dockur-windows:v3.14 random-mirrors/dockur-windows:v3.13 random-mirrors/dockur-windows:v3.12 random-mirrors/dockur-windows:v3.11 random-mirrors/dockur-windows:v3.10 random-mirrors/dockur-windows:v3.09 random-mirrors/dockur-windows:v3.08 random-mirrors/dockur-windows:v3.07 random-mirrors/dockur-windows:v3.06 random-mirrors/dockur-windows:v3.05 random-mirrors/dockur-windows:v3.04 random-mirrors/dockur-windows:v3.03 random-mirrors/dockur-windows:v3.02 random-mirrors/dockur-windows:v3.01 random-mirrors/dockur-windows:v3.00 random-mirrors/dockur-windows:v2.22 random-mirrors/dockur-windows:v2.21 random-mirrors/dockur-windows:v2.20 random-mirrors/dockur-windows:v2.19 random-mirrors/dockur-windows:v2.18 random-mirrors/dockur-windows:v2.17 random-mirrors/dockur-windows:v2.16 random-mirrors/dockur-windows:v2.15 random-mirrors/dockur-windows:v2.14 random-mirrors/dockur-windows:v2.13 random-mirrors/dockur-windows:v2.12 random-mirrors/dockur-windows:v2.11 random-mirrors/dockur-windows:v2.10 random-mirrors/dockur-windows:v2.09 random-mirrors/dockur-windows:v2.08 random-mirrors/dockur-windows:v2.07 random-mirrors/dockur-windows:v2.06 random-mirrors/dockur-windows:v2.05 random-mirrors/dockur-windows:v2.04 random-mirrors/dockur-windows:v2.03 random-mirrors/dockur-windows:v2.02 random-mirrors/dockur-windows:v2.01 random-mirrors/dockur-windows:v2.00 random-mirrors/dockur-windows:v1.20 random-mirrors/dockur-windows:v1.19 random-mirrors/dockur-windows:v1.18 random-mirrors/dockur-windows:v1.17 random-mirrors/dockur-windows:v1.16 random-mirrors/dockur-windows:v1.15 random-mirrors/dockur-windows:v1.14 random-mirrors/dockur-windows:v1.13 random-mirrors/dockur-windows:v1.12 random-mirrors/dockur-windows:v1.11 random-mirrors/dockur-windows:v1.10 random-mirrors/dockur-windows:v1.09 random-mirrors/dockur-windows:v1.08 random-mirrors/dockur-windows:v1.07 random-mirrors/dockur-windows:v1.06 random-mirrors/dockur-windows:v1.05 random-mirrors/dockur-windows:v1.04 random-mirrors/dockur-windows:v1.03 random-mirrors/dockur-windows:v1.02 random-mirrors/dockur-windows:v1.01 random-mirrors/dockur-windows:v1.00
...
compare: random-mirrors/dockur-windows:copilot/find-bugs-in-shell-scripts-again
Branches Tags
random-mirrors/dockur-windows:master random-mirrors/dockur-windows:copilot/analyze-shell-scripts-for-bugs-again random-mirrors/dockur-windows:copilot/analyze-shell-scripts-for-bugs random-mirrors/dockur-windows:copilot/find-bugs-in-shell-scripts random-mirrors/dockur-windows:copilot/find-bugs-in-shell-scripts-again
random-mirrors/dockur-windows:v5.15 random-mirrors/dockur-windows:v5.14 random-mirrors/dockur-windows:v5.13 random-mirrors/dockur-windows:v5.12 random-mirrors/dockur-windows:v5.11 random-mirrors/dockur-windows:v5.10 random-mirrors/dockur-windows:v5.09 random-mirrors/dockur-windows:v5.08 random-mirrors/dockur-windows:v5.07 random-mirrors/dockur-windows:v5.06 random-mirrors/dockur-windows:v5.05 random-mirrors/dockur-windows:v5.04 random-mirrors/dockur-windows:v5.03 random-mirrors/dockur-windows:v5.02 random-mirrors/dockur-windows:v5.01 random-mirrors/dockur-windows:v5.00 random-mirrors/dockur-windows:v4.35 random-mirrors/dockur-windows:v4.34 random-mirrors/dockur-windows:v4.33 random-mirrors/dockur-windows:v4.32 random-mirrors/dockur-windows:v4.31 random-mirrors/dockur-windows:v4.30 random-mirrors/dockur-windows:v4.29 random-mirrors/dockur-windows:v4.28 random-mirrors/dockur-windows:v4.27 random-mirrors/dockur-windows:v4.26 random-mirrors/dockur-windows:v4.25 random-mirrors/dockur-windows:v4.24 random-mirrors/dockur-windows:v4.23 random-mirrors/dockur-windows:v4.22 random-mirrors/dockur-windows:v4.21 random-mirrors/dockur-windows:v4.20 random-mirrors/dockur-windows:v4.19 random-mirrors/dockur-windows:v4.18 random-mirrors/dockur-windows:v4.17 random-mirrors/dockur-windows:v4.16 random-mirrors/dockur-windows:v4.15 random-mirrors/dockur-windows:v4.14 random-mirrors/dockur-windows:v4.13 random-mirrors/dockur-windows:v4.12 random-mirrors/dockur-windows:v4.11 random-mirrors/dockur-windows:v4.10 random-mirrors/dockur-windows:v4.09 random-mirrors/dockur-windows:v4.08 random-mirrors/dockur-windows:v4.07 random-mirrors/dockur-windows:v4.06 random-mirrors/dockur-windows:v4.05 random-mirrors/dockur-windows:v4.04 random-mirrors/dockur-windows:v4.03 random-mirrors/dockur-windows:v4.02 random-mirrors/dockur-windows:v4.01 random-mirrors/dockur-windows:v4.00 random-mirrors/dockur-windows:v3.23 random-mirrors/dockur-windows:v3.22 random-mirrors/dockur-windows:v3.21 random-mirrors/dockur-windows:v3.20 random-mirrors/dockur-windows:v3.19 random-mirrors/dockur-windows:v3.18 random-mirrors/dockur-windows:v3.17 random-mirrors/dockur-windows:v3.16 random-mirrors/dockur-windows:v3.15 random-mirrors/dockur-windows:v3.14 random-mirrors/dockur-windows:v3.13 random-mirrors/dockur-windows:v3.12 random-mirrors/dockur-windows:v3.11 random-mirrors/dockur-windows:v3.10 random-mirrors/dockur-windows:v3.09 random-mirrors/dockur-windows:v3.08 random-mirrors/dockur-windows:v3.07 random-mirrors/dockur-windows:v3.06 random-mirrors/dockur-windows:v3.05 random-mirrors/dockur-windows:v3.04 random-mirrors/dockur-windows:v3.03 random-mirrors/dockur-windows:v3.02 random-mirrors/dockur-windows:v3.01 random-mirrors/dockur-windows:v3.00 random-mirrors/dockur-windows:v2.22 random-mirrors/dockur-windows:v2.21 random-mirrors/dockur-windows:v2.20 random-mirrors/dockur-windows:v2.19 random-mirrors/dockur-windows:v2.18 random-mirrors/dockur-windows:v2.17 random-mirrors/dockur-windows:v2.16 random-mirrors/dockur-windows:v2.15 random-mirrors/dockur-windows:v2.14 random-mirrors/dockur-windows:v2.13 random-mirrors/dockur-windows:v2.12 random-mirrors/dockur-windows:v2.11 random-mirrors/dockur-windows:v2.10 random-mirrors/dockur-windows:v2.09 random-mirrors/dockur-windows:v2.08 random-mirrors/dockur-windows:v2.07 random-mirrors/dockur-windows:v2.06 random-mirrors/dockur-windows:v2.05 random-mirrors/dockur-windows:v2.04 random-mirrors/dockur-windows:v2.03 random-mirrors/dockur-windows:v2.02 random-mirrors/dockur-windows:v2.01 random-mirrors/dockur-windows:v2.00 random-mirrors/dockur-windows:v1.20 random-mirrors/dockur-windows:v1.19 random-mirrors/dockur-windows:v1.18 random-mirrors/dockur-windows:v1.17 random-mirrors/dockur-windows:v1.16 random-mirrors/dockur-windows:v1.15 random-mirrors/dockur-windows:v1.14 random-mirrors/dockur-windows:v1.13 random-mirrors/dockur-windows:v1.12 random-mirrors/dockur-windows:v1.11 random-mirrors/dockur-windows:v1.10 random-mirrors/dockur-windows:v1.09 random-mirrors/dockur-windows:v1.08 random-mirrors/dockur-windows:v1.07 random-mirrors/dockur-windows:v1.06 random-mirrors/dockur-windows:v1.05 random-mirrors/dockur-windows:v1.04 random-mirrors/dockur-windows:v1.03 random-mirrors/dockur-windows:v1.02 random-mirrors/dockur-windows:v1.01 random-mirrors/dockur-windows:v1.00

286 Commits
v3.14 ... copilot/find-bugs-in-shell-scripts-again

Author SHA1 Message Date
Kroese f2809a8929 fix: Missing equals sign before ConvertNTFS (#1727) 2026-05-16 02:45:58 +02:00
Kroese 7fd7ab3050 fix: Code formatting (#1726) 2026-05-16 02:44:47 +02:00
Kroese fddbebadae fix: Case statements (#1725) 2026-05-16 02:37:05 +02:00
Kroese 34f312ddff build: Update wsddn package to v1.24 (#1724) 2026-05-16 00:17:11 +02:00
Kroese daea34a10f feat: Update download links (#1723) 2026-05-15 22:03:48 +02:00
Kroese c5417e8fca fix: Automated downloads from Microsoft (#1722) 2026-05-13 20:34:30 +02:00
Kroese 603ee5f93b fix: Remove VirtIO Balloon service for x86 (#1721) 2026-05-13 17:49:22 +02:00
Kroese 4926ad0ea9 feat: Always copy drivers to Windows folder (#1720) 2026-05-13 17:10:40 +02:00
Kroese a81c45de30 feat: Update download links (#1719) 2026-05-13 16:50:37 +02:00
Kroese 85bacbec63 fix: Check if VERSION variable is empty (#1718) 2026-05-13 08:28:18 +02:00
Kroese 8f1335d7f8 docs: Improve warning for USB disk drives (#1717) 2026-05-13 04:47:49 +02:00
Kroese 8d50472167 build: Update QEMU base image to v7.30 (#1713) 2026-05-10 16:30:16 +02:00
renovate[bot] 173f35d21b chore(deps): update grantbirki/json-yaml-validate action to v5 (#1712) 2026-05-10 16:27:30 +02:00
dependabot[bot] e21418b228 build(deps): bump docker/metadata-action from 5 to 6 (#1667) 2026-05-06 20:56:39 +02:00
dependabot[bot] 1246667afa build(deps): bump docker/setup-buildx-action from 3 to 4 (#1668) 2026-05-06 20:52:52 +02:00
dependabot[bot] 247e4e0b38 build(deps): bump docker/login-action from 3 to 4 (#1669) 2026-05-06 20:51:21 +02:00
dependabot[bot] c534901402 build(deps): bump docker/build-push-action from 6 to 7 (#1670) 2026-05-06 20:49:05 +02:00
Kroese 49e962e56a fix: Use PID file from base image (#1711) 2026-05-06 20:47:37 +02:00
Kroese 3e37a04d96 build: Update VirtIO drivers to v1.9.57 (#1709) 2026-05-06 08:25:54 +02:00
Luca De Petrillo 0ea63962af feat: Add memory ballooning support (#1688) 2026-05-06 07:57:31 +02:00
Kroese 4d01a81586 build: Use Firefox impersonation while checking links (#1681) 2026-03-23 15:17:26 +01:00
Kroese d8e51d8965 build: Add workflow to validate download links (#1680) 2026-03-23 13:36:57 +01:00
Kroese 8d4788f7c0 build: Update WSDD version to v1.23 (#1679) 2026-03-23 11:31:04 +01:00
Kroese 8ec135d826 build: Update VirtIO drivers to v1.9.53 (#1678) 2026-03-23 11:26:50 +01:00
huulme 0400f5f45d docs: Higher quality video thumbnail (#1671) 2026-03-09 11:50:01 -04:00
Azim Muradov 588969ae5f fix: Path to "Desktop" folder on Windows XP (#1625) 
Fix path to "Desktop" folder to work correctly with different locales on Windows XP.
 2026-01-13 13:43:48 +01:00
Kroese c7aac1edcf build: Update QEMU base image to v7.29 (#1583) 2025-11-22 05:02:48 +01:00
renovate[bot] ea03c67a04 chore(deps): update actions/checkout action to v6 (#1580) 2025-11-21 12:38:58 +01:00
Gamal Moussa bdb0488151 refactor: replace PID cleanup with loop (#1579) 2025-11-20 08:49:24 +01:00
Kroese ad6f87046a build: Update VirtIO drivers to v1.9.49 (#1570) 2025-11-14 07:18:24 +01:00
Kroese e7a3894210 fix: Update Workspaces configuration (#1569) 2025-11-14 06:26:07 +01:00
Kroese 8443559a76 build: Update QEMU base image to v7.28 (#1562) 2025-11-12 07:08:22 +01:00
Kroese 6dbac13cd1 fix: Use pcnet network adapter for Win9x (#1558) 2025-11-07 06:06:01 +01:00
Kroese fd907bb78a feat: Update Windows Server download links (#1555) 2025-11-06 01:27:27 +01:00
Kroese 1a6a2dbad0 build: Use Github token (#1539) 2025-10-29 14:06:26 +01:00
Kroese 11a19f6a9d fix: Remove unnecessary operation (#1534) 2025-10-24 04:33:47 +02:00
Kroese 544501107a feat: Check if shared folder is writeable (#1531) 2025-10-22 12:19:39 +02:00
Kroese 122d1ff98e fix: Inherit owner from parent folder (#1526) 2025-10-22 10:06:26 +02:00
Kroese c1c44c4da7 build: Add code quality checks (#1529) 2025-10-22 01:23:25 +02:00
Kroese f661df3abc build: Update QEMU base image to v7.27 (#1528) 2025-10-21 23:19:54 +02:00
Kroese a0bcd719be build: Add review workflow for shell formatting (#1527) 2025-10-21 22:46:06 +02:00
Kroese 9236127a86 fix: Add SELinux warning for shared folder (#1522) 2025-10-20 14:50:37 +02:00
Kroese fa606aec53 build: Update wsddn package to v1.22 (#1521) 2025-10-20 14:48:46 +02:00
Kroese 8790b4ec7c fix: Remove SeaBIOS control characters (#1520) 2025-10-20 13:59:27 +02:00
Kroese e3cf3ccf3d docs: Update docker run command (#1519) 2025-10-20 12:29:03 +02:00
Kroese b244fa544f build: Update QEMU base image to v7.26 (#1517) 2025-10-19 18:01:17 +02:00
Kroese 4cb7e1074f fix: Kill QEMU after 5 seconds if it hangs (#1516) 2025-10-19 17:57:18 +02:00
Kroese ac106067bd feat: Display ESD processing progress (#1514) 2025-10-19 17:47:44 +02:00
Kroese 0e95680704 fix: Kill QEMU after 5 seconds when it hangs (#1515) 2025-10-19 16:59:48 +02:00
Kroese 5476760551 feat: Update Tiny11 version to 25H2 (#1513) 2025-10-19 13:16:22 +02:00
Kroese 0caa4d76b8 feat: Improve Github Codespaces configuration (#1512) 2025-10-19 12:49:32 +02:00
Kroese 4e0a29605b feat: Display extraction progress (#1511) 2025-10-19 11:08:57 +02:00
Kroese c3ba25bfb7 feat: Improve Github Codespaces configuration (#1510) 2025-10-19 10:50:46 +02:00
Kroese 10449a3d29 feat: Improve Github Codespaces configuration (#1506) 2025-10-19 01:31:23 +02:00
Kroese b998cd4c7f fix: Remove version variable in Codespaces (#1500) 2025-10-17 19:03:03 +02:00
Kroese 6f84823117 build: Update QEMU base image version to v7.25 (#1496) 2025-10-17 13:45:46 +02:00
Kroese c997bf7765 feat: Improve Github Codespaces configuration (#1497) 2025-10-17 13:42:41 +02:00
Kroese c6a8c0b702 feat: Load memory module (#1495) 2025-10-17 13:38:11 +02:00
Kroese f1ea8ee227 build: Update VirtIO drivers to v1.9.48 (#1494) 2025-10-17 12:53:48 +02:00
Kroese 0ab3198ded build: Validate JSON and YML files (#1493) 2025-10-17 10:05:12 +02:00
Kroese 42a149d7b9 feat: Make Windows version selectable in Codespaces (#1489) 2025-10-16 10:54:06 +02:00
Kroese 0b0de7de14 feat: Improve Github Codespaces configuration (#1488) 2025-10-16 00:03:24 +02:00
Kroese 8472d700dc feat: Improve Github Codespaces configuration (#1487) 2025-10-15 23:47:29 +02:00
Kroese ab457abc3c feat: Add custom .yml for Github Codespaces (#1486) 2025-10-15 21:54:52 +02:00
Kroese 70dce80aec docs: Readme (#1484) 2025-10-15 13:15:31 +02:00
Kroese 5e2ca4c1b6 build: Update QEMU base image to v7.24 (#1476) 2025-10-13 15:06:21 +02:00
Kroese 3c029582d6 build: Update QEMU base image version to v7.23 (#1470) 2025-10-12 02:03:16 +02:00
Kroese 8846aad171 build: Run check for all files (#1469) 
Removed specific paths from pull request triggers.
 2025-10-12 00:22:18 +02:00
Kroese 44dd2b67c8 docs: Update image link (#1468) 2025-10-11 17:33:02 +02:00
Kroese ffadba3f3f docs: Add link to WinBoat (#1467) 2025-10-11 17:31:14 +02:00
Kroese 135fd38778 feat: Shared files inherit ownership from parent folder (#1465) 2025-10-10 06:28:20 +02:00
Kroese 45956f786f feat: Allow to set a user/group for the shared folder (#1464) 2025-10-09 12:24:51 +02:00
Kroese aa575286f6 build: Update QEMU base image to v7.22 (#1462) 2025-10-08 22:08:11 +02:00
Kroese ccc0d4ea64 fix: Terminate tail on exit (#1461) 2025-10-08 08:14:36 +02:00
Kroese 75e25b2aea feat: Disable Network Discovery popup (#1459) 2025-10-07 15:29:33 +02:00
Kroese 26e4ab5fb2 feat: Use the engine variable (#1458) 2025-10-07 12:39:17 +02:00
Kroese 004f4df79e feat: Set Samba socket (#1457) 2025-10-07 01:10:52 +02:00
Kroese c04851bbd4 feat: Remove entry from hosts file (#1456) 2025-10-06 13:45:14 +02:00
Kroese 588242b175 fix: Use bridge name variable (#1455) 2025-10-06 13:44:05 +02:00
Kroese 3ab5c25152 feat: Use PID for Samba process (#1454) 2025-10-06 13:22:28 +02:00
Kroese 17db1ac34c feat: Support more network types (#1453) 2025-10-05 18:58:17 +02:00
Kroese b3f1cb913a feat: Make Samba interface configurable (#1452) 2025-10-05 07:47:19 +02:00
Kroese 29a9e2d68c feat: Monitor port is now configurable (#1451) 2025-10-04 09:47:08 +02:00
Kroese 434bc11907 fix: Shared folder location (#1450) 2025-10-03 11:41:40 +02:00
Kroese 4cd2a9c70b docs: Document new file sharing method (#1449) 2025-10-03 03:13:12 +02:00
Kroese f29208af3f feat: Improved Samba logging (#1448) 2025-10-03 02:50:59 +02:00
Kroese 4871a1e61b feat: Create desktop shortcut to shared folder (#1447) 2025-10-03 00:02:03 +02:00
Kroese ae185de314 build: Update QEMU base image to v7.20 (#1446) 2025-10-03 00:00:08 +02:00
Kroese eeb3425211 feat: Enhanced Samba debugging (#1444) 2025-10-02 20:04:15 +02:00
Kroese fde0ae7c4b feat: Add additional debug messages (#1442) 2025-10-02 10:46:20 +02:00
Kroese e945e852dc feat: Verify download link (#1441) 2025-10-01 17:34:13 +02:00
renovate[bot] 8a2f23275e chore(deps): update peter-evans/dockerhub-description action to v5 (#1440) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-10-01 17:17:23 +02:00
Kroese f8dcd82502 feat: Add Windows 11 25H2 download (#1439) 2025-10-01 16:58:49 +02:00
Kroese 6be89c929e build: Update QEMU base image to v7.19 (#1438) 2025-10-01 13:17:26 +02:00
Kroese b308de3472 feat: Add Windows 11 25H2 download mirror (#1436) 2025-09-30 10:28:37 +02:00
Kroese 6707de3db4 feat: Hide Windows Copilot button by default (#1435) 2025-09-30 10:08:39 +02:00
renovate[bot] 021d0c88f1 chore(deps): update qemux/qemu docker tag to v7.18 (#1434) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-30 00:47:36 +02:00
Kroese fa7302fd18 build: Update QEMU base image to v7.17 (#1427) 2025-09-24 16:38:22 +02:00
Kroese c8b4cb9c14 feat: Surpress errors when setting permissions (#1422) 2025-09-23 16:55:11 +02:00
Kroese 5425783f5c feat: Update information (#1421) 2025-09-23 16:17:31 +02:00
Kroese 221f4feac3 build: Update QEMU base image to v7.16 (#1419) 2025-09-22 21:38:24 +02:00
renovate[bot] a14426478c chore(deps): update hadolint/hadolint-action action to v3.3.0 (#1418) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-22 21:31:28 +02:00
Kroese e56f059bd2 feat: Implement ARM compatibility check for Windows 11 (#1417) 2025-09-22 09:33:42 +02:00
Kroese 4a5e455389 feat: Download older Windows 11 build on ARMv8.0 (#1416) 2025-09-22 08:25:53 +02:00
Kroese 0f918c8cb0 revert: Simplify conditional checks (#1414) 
This reverts commit 9c08dc7b1e.
 2025-09-21 23:04:29 +02:00
Kroese 9c08dc7b1e fix: Simplify conditional checks (#1413) 2025-09-21 15:15:46 +02:00
Kroese bfc9b357e5 build: Update QEMU base image to v7.15 (#1412) 2025-09-21 04:45:36 +02:00
Kroese ea3003dec5 fix: Simplify conditional checks (#1411) 2025-09-20 23:54:03 +02:00
Kroese 06518d8eb3 feat: Resume failed downloads (#1410) 2025-09-20 13:51:51 +02:00
renovate[bot] 9b4cd5a745 chore(deps): update qemux/qemu docker tag to v7.14 (#1408) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-18 22:57:39 +02:00
Kroese d9211a77df feat: Update command to set user password policy (#1407) 2025-09-18 22:53:16 +02:00
Kroese d25e18c0c5 feat: Backup installation when switching versions (#1402) 2025-09-18 12:10:53 +02:00
renovate[bot] ef850e9837 chore(deps): update qemux/qemu docker tag to v7.13 (#1400) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-17 19:20:08 +02:00
Kroese 0903fad26b feat: Backup disk image (#1399) 2025-09-17 17:24:41 +02:00
Sultaniiazov David d08b7aeb27 fix: Typo (#1397) 2025-09-17 16:18:53 +02:00
Kroese 2239792fa9 feat: Allow for easier switching between versions (#1398) 
When the VERSION variable is changed, it will now automaticly clean the /storage folder instead of warning the user to manually do it.
 2025-09-17 16:17:42 +02:00
Kroese 05330ff64c fix: Shellcheck warning (#1393) 2025-09-15 17:39:29 +02:00
Kroese 1c15df95ac feat: Remove leading and trailing spaces from VERSION (#1392) 2025-09-15 14:20:29 +02:00
Kroese 1ebb4c8d58 fix: Check image count in ESD file (#1391) 2025-09-15 02:09:31 +02:00
mauxadoor e3dc889601 fix: wimlib-imagex info returns UTF-16LE but is interpreted as UTF8 (#1293) 2025-09-15 01:49:04 +02:00
Kroese 22511b16ae docs: Update image sizes (#1390) 2025-09-15 01:05:12 +02:00
Kroese d0ac685a81 build: Remove netcat-openbsd package (#1389) 2025-09-15 01:00:17 +02:00
Kroese 36e69fba72 fix: Updated checksums for mirror (#1388) 2025-09-15 00:36:40 +02:00
Kroese 2983b2b677 fix: Windows Enterprise download was broken (#1387) 2025-09-14 20:51:49 +02:00
Kroese 22235bf48e build: Disable automatic builds (#1386) 
Removed push trigger and paths to ignore from build workflow.
 2025-09-14 11:52:06 +02:00
Kroese da308b7e89 feat: Replace wsdd with wsddn for Web Service Discovery (#1385) 2025-09-13 20:08:38 +02:00
Alexandre Beaujour 53b0c9ad02 docs: Clarify disk resizing (#1383) 2025-09-13 13:43:45 +02:00
renovate[bot] 0b7e8f01be chore(deps): update hadolint/hadolint-action action to v3.2.0 (#1365) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-03 16:42:46 +02:00
Kroese 5248397845 docs: Remove Stars section from README (#1361) 
Removed the Stars section from the README.
 2025-09-02 14:32:52 +02:00
Jam Balaya 032d7a31a4 build: Add syntax parser directive to Dockerfile (#1323) 
* build: Add `syntax` parser directive to Dockerfile
 2025-08-27 21:11:40 +02:00
renovate[bot] 21f533ece8 chore(deps): update actions/checkout action to v5 (#1334) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-27 21:07:39 +02:00
Kroese 945e27f72c build: Update VirtIO drivers to v1.9.47 (#1297) 2025-07-07 13:31:22 +02:00
Levvie - she/her 50f6467dea fix: Spelling mistake of successfully (#1251) 2025-05-27 00:52:50 +02:00
renovate[bot] 868c8af289 chore(deps): update qemux/qemu docker tag to v7.12 (#1229) 2025-05-06 06:50:22 +02:00
Kroese 56fa5288cd docs: Add input types (#1221) 2025-04-23 13:02:04 +02:00
Kroese 5814473fe1 feat: Improve OS detection (#1219) 2025-04-22 19:09:23 +02:00
Kroese bfb9c4b172 feat: Additional download mirrors (#1214) 2025-04-21 01:23:31 +02:00
Kroese 196afb48ae feat: Additional download mirrors (#1213) 2025-04-20 20:32:57 +02:00
Kroese 338d857e56 feat: Additional download mirrors (#1212) 2025-04-20 19:31:27 +02:00
Kroese 366305a4b1 feat: Additional download mirrors (#1210) 2025-04-20 12:45:47 +02:00
Kroese 87f3fd119b feat: Set user agent for downloads (#1209) 2025-04-20 11:38:21 +02:00
Kroese 2bacbac1f9 docs: Add quotes around $PWD (#1206) 2025-04-16 12:00:38 +02:00
Kroese a33a5f56dc build: Update qemu-docker to v7.11 (#1205) 2025-04-14 21:00:29 +02:00
Kroese 2d065f092d feat: Support boot.iso files (#1204) 2025-04-14 20:12:37 +02:00
Kroese 46a9295e20 feat: Skip internet connection wizard on Windows 2000 (#1203) 2025-04-14 13:44:42 +02:00
Kroese a1e68622e9 fix: Disallow RDP login with blank password (#1202) 2025-04-14 12:46:21 +02:00
Kroese fda0d7fbf9 feat: Check shared folder permissions (#1199) 2025-04-09 09:33:42 +02:00
Kroese 67cd5db5bc fix: Avoid pipe to head on find (#1197) 2025-04-09 08:20:38 +02:00
Kroese 995d5eaec1 build: Update qemu-docker to v7.10 (#1195) 2025-04-08 08:12:53 +02:00
Kroese d008b18d1d feat: Don't display domain (#1190) 2025-04-06 08:36:54 +02:00
Kroese fa40d30e5d feat: Add Windows 2000 support (#1188) 2025-04-06 00:42:46 +02:00
Kroese de4bda71e2 build: Update qemu-docker to v7.08 (#1185) 2025-04-04 01:29:45 +02:00
Kroese aa16eeba6c docs: Disk pass-through (#1183) 2025-04-03 10:28:44 +02:00
Kroese 70a92d3503 docs: Product key (#1182) 2025-04-03 02:06:22 +02:00
Kroese 6c3ef15ffd docs: Manual installation (#1181) 2025-04-03 02:03:46 +02:00
Kroese 71c9586fb4 fix: Ignore missing custom .iso after install (#1180) 2025-04-03 01:45:49 +02:00
Kroese 81e9fff270 build: Update to qemu-docker v7.07 (#1176) 2025-03-28 20:33:37 +01:00
Kroese 90df2d88e3 docs: Github Codespaces (#1173) 2025-03-27 01:51:12 +01:00
Kroese ffcb483452 fix: Update download links (#1172) 2025-03-26 19:55:08 +01:00
Kroese c081ec2693 feat: Additional download mirrors (#1170) 2025-03-26 14:45:37 +01:00
Kroese 96fbb26d6f fix: Warn on invalid path (#1168) 2025-03-26 08:33:24 +01:00
Kroese db45817a7c docs: Github Codespaces (#1165) 2025-03-25 14:51:59 +01:00
Kroese a9e3ffa413 fix: Remove non-printable characters (#1160) 2025-03-24 14:10:30 +01:00
renovate[bot] 77a8e4d26e build: Update qemu-docker to v7.04 (#1157) 2025-03-21 22:13:13 +01:00
Lars The 9fd266a09d fix: Disable Hyper-V role (#1155) 2025-03-21 20:57:15 +01:00
Kroese d570eca629 docs: KVM information (#1152) 2025-03-20 23:21:55 +01:00
Kroese 7b31f538ba docs: Compatibility chart (#1151) 2025-03-20 23:07:24 +01:00
Kroese 6bf854fc12 fix: Detect image platform (#1149) 2025-03-20 20:15:06 +01:00
Kroese 6f604dca8e fix: Check image platform (#1148) 2025-03-20 20:11:13 +01:00
Kroese 663a6b5da0 docs: Add Podman (#1147) 2025-03-20 20:03:51 +01:00
Kroese 839900f495 fix: Detect image platform (#1146) 2025-03-20 17:42:43 +01:00
Kroese e2be4f6d0c feat: Platform variable (#1143) 2025-03-20 11:09:40 +01:00
Kroese 5d734616aa fix: Disable output buffering (#1141) 2025-03-20 01:19:05 +01:00
Kroese 972240061e fix: Rename bootmessage (#1140) 2025-03-20 00:41:09 +01:00
sequencerr 0c8943f541 fix: Prevent terminal control sequences (#1139) 2025-03-19 23:42:24 +01:00
Kroese b7ad0d3d88 fix: File sharing in user-mode (#1136) 2025-03-19 13:58:45 +01:00
Kroese 522d646fa3 feat: Check if IP is specified (#1135) 2025-03-19 09:45:08 +01:00
Kroese e5e71f67fa feat: Add devcontainer (#1134) 2025-03-19 09:23:29 +01:00
Kroese a3a2b3fb09 fix: Samba for user-mode networking (#1132) 2025-03-18 19:27:37 +01:00
Kroese f454fa7b34 feat: Add entry to hosts file (#1131) 2025-03-18 17:31:00 +01:00
Kroese 461be96ecd docs: Formatting (#1129) 2025-03-18 14:26:16 +01:00
Kroese c31c530f2b docs: Github Codespaces (#1127) 2025-03-18 14:02:31 +01:00
Kroese a995ecc174 feat: Add devcontainer (#1126) 2025-03-18 11:17:27 +01:00
Riaan Nolan d3358f7345 fear: Add devcontainer (#1125) 2025-03-18 11:13:37 +01:00
Kroese c9abc7551a fix: Remove port 80 (#1124) 2025-03-18 05:19:44 +01:00
renovate[bot] 156eaaa2da build: Update qemu-docker to v7.01 (#1123) 2025-03-18 04:46:27 +01:00
Kroese 9ffc4647aa build: Update qemu-docker to v7.01 (#1122) 2025-03-18 04:11:08 +01:00
Kroese 5501437caa feat: Switch to port 80 (#1121) 2025-03-17 16:46:38 +01:00
Kroese 777af02ed4 fix: Format filesizes (#1116) 2025-03-15 14:25:11 +01:00
Kroese 8ec6945b54 feat: Add Hyper-V Server 2019 (#1114) 2025-03-14 14:00:33 +01:00
renovate[bot] e58f21c33d build: Update qemu-docker to v6.22 (#1113) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-14 12:57:00 +01:00
Kroese 5ab42e9409 feat: Allow product key configuration (#1110) 2025-03-13 12:55:36 +01:00
Kroese b465f78646 docs: Readme (#1108) 2025-03-13 01:59:04 +01:00
renovate[bot] 64ddb6d774 build: Update qemu-docker to v6.21 (#1107) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-12 21:59:37 +01:00
Kroese 454cd8db68 docs: Use relative paths (#1102) 2025-03-12 12:02:31 +01:00
Kroese 5fac3fa33e feat: Install driver during specialization phase (#1099) 2025-03-11 20:42:41 +01:00
Francois Liot 186b2e21ce docs: Kubernetes deployment (#1092) 2025-03-07 00:44:47 +01:00
Kroese b8105e9072 fix: Samba permissions (#1091) 2025-03-06 10:27:59 +01:00
Kroese 9cad3f0994 fix: Update Windows Server 2025 download link (#1088) 2025-03-05 11:04:23 +01:00
Kroese f7a086a8d4 feat: Additional download mirrors (#1086) 2025-03-05 09:24:05 +01:00
Kroese 57ab7eb84f fix: Update download links (#1085) 2025-03-05 06:51:35 +01:00
Kroese 8be35e16d7 fix: Remove broken links (#1084) 2025-03-05 06:19:25 +01:00
Kroese 3cf95f2a0e feat: Remove migrations (#1083) 2025-03-05 05:32:25 +01:00
Kroese 22d318a9b4 fix: Samba permissions (#1082) 2025-03-04 15:57:44 +01:00
Kroese 974d087466 docs: Readme (#1077) 2025-03-03 12:34:10 +01:00
Kroese d5b891f4fb build: Update qemu-docker to v6.19 (#1076) 2025-03-03 12:33:38 +01:00
Kroese 2296e3dbfa docs: Clarify environment variables (#1072) 2025-03-01 14:00:16 +01:00
Kroese e16af78828 feat: Check path to custom .iso (#1069) 2025-02-28 04:07:57 +01:00
Kroese 5ae6ecbe85 feat: Update download links (#1066) 2025-02-26 23:15:13 +01:00
Kroese c9482fe3f0 build: Update qemu-docker to v6.18 (#1065) 2025-02-26 22:55:28 +01:00
Kroese 63a9d10a27 feat: Make app name configurable (#1058) 2025-02-25 15:15:48 +01:00
Kroese 009c2c7deb build: Update qemu-docker to v6.17 (#1056) 2025-02-25 06:05:42 +01:00
renovate[bot] 06434c02f4 chore(deps): update qemux/qemu-docker docker tag to v6.16 (#1054) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-24 04:16:07 +01:00
Kroese 32b92cc03a fix: Update download links (#1053) 2025-02-24 04:15:49 +01:00
Kroese d799079040 docs: Readme (#1052) 2025-02-22 10:02:48 +01:00
Kroese b57d34e11e fix: Update download links (#1051) 2025-02-22 09:53:17 +01:00
Kroese 61d7e0d3be feat: Fallback to Windows 11 if version unknown (#1042) 2025-02-17 18:59:40 +01:00
krzysiuu1998 e6d7495bac fix: Update compose.yml (#1040) 2025-02-17 09:07:25 +01:00
Kroese faa7c58366 fix: Download links (#1035) 2025-02-15 04:49:24 +01:00
Kroese c0f5cca574 docs: Add restart policy (#1028) 2025-02-10 00:26:49 +01:00
renovate[bot] d86731dc24 chore(deps): update qemux/qemu-docker docker tag to v6.14 (#1024) 2025-02-06 02:12:20 +01:00
Kroese bca8cb6817 build: Update qemu-docker to v6.13 (#1010) 2025-01-15 23:45:30 +01:00
ncheng89 d9c7983bb5 feat: Support more shared directories (#987) 
* Support more shared directories

Control the sharing of more directories through environment variables instead of hard-coding more shared directories
 2025-01-08 15:55:17 +01:00
James Nguyen 28f6e9c76b feat: Allow symlinks in shared folder (#1001) 2025-01-08 15:38:51 +01:00
Kroese 1081855571 feat: Update download links (#996) 2025-01-06 19:26:45 +01:00
Kroese 57193b0f59 fix: Follow download redirects (#981) 2024-12-20 18:32:26 +01:00
Kroese 6825b6a45a fix: Update download links (#980) 2024-12-20 15:43:37 +01:00
Kroese c82725ec61 docs: Readme (#958) 2024-12-06 11:19:42 +01:00
Kroese 1f0cdc9bd1 build: Update qemu-docker to v6.11 (#946) 2024-12-03 12:12:47 +01:00
Kilian von Pflugk 9654a945fb docs: Add TUN device (#940) 2024-12-01 17:07:23 +01:00
renovate[bot] a4fdfbdf91 chore(deps): update qemux/qemu-docker docker tag to v6.10 (#929) 2024-11-26 20:16:47 +01:00
Kroese b84a2b60a9 feat: Additional download mirrors (#923) 2024-11-24 22:00:24 +01:00
Kroese a5b4d7760d docs: Readme (#920) 2024-11-20 13:27:15 +01:00
Kroese 2c4094b0f7 feat: Improved download method (#903) 2024-11-15 05:16:48 +01:00
Kroese 66f595d84a fix: Disable HTTP keepalives (#887) 2024-11-13 04:37:27 +01:00
Kroese 6919e36aee docs: Add Kubernetes URL (#885) 2024-11-13 03:34:45 +01:00
Kroese 658c84c55f docs: Add compatibility chart (#883) 2024-11-13 03:24:11 +01:00
Kroese 3aa2f6e128 build: Update qemu-docker to v6.07 (#882) 2024-11-13 01:12:10 +01:00
Kroese da8bbdcb47 build: Synchronize versions between platforms (#876) 2024-11-12 12:51:43 +01:00
Kroese d7fcf9a5da build: Use same version number for ARM64 build (#874) 2024-11-12 12:34:03 +01:00
Kroese bb0a0b47b8 build: Use same version number for ARM64 build (#873) 2024-11-12 12:17:51 +01:00
Kroese 7120584548 feat: Additional download mirrors (#870) 2024-11-11 18:05:59 +01:00
Kroese e292d18d32 docs: KVM troubleshooting (#865) 2024-11-11 14:13:47 +01:00
Kroese d92ac18210 docs: Fix typo (#862) 2024-11-10 11:31:54 +01:00
renovate[bot] 243b3bb5d6 chore(deps): update dockurr/windows-arm docker tag to v2.21 (#861) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-10 02:45:01 +01:00
Kroese 2cdb57a679 feat: Update download links (#860) 2024-11-10 00:17:00 +01:00
Kroese f1f6c640b9 docs: Version alias (#859) 2024-11-10 00:01:12 +01:00
Kroese 86a766381e feat: Support 32-bit Windows versions (#834) 2024-10-24 17:49:02 +02:00
Kroese b39507c5a4 feat: Additional aliasses (#833) 2024-10-24 12:17:09 +02:00
Kroese 80dead1446 fix: Enable USB for legacy machines (#824) 2024-10-20 16:39:42 +02:00
Kroese bc614fd233 feat: Use q35 machine type for Windows XP (#823) 2024-10-20 16:20:12 +02:00
Kroese 80c5ba2231 build: Docker lint exception (#813) 2024-10-15 00:49:05 +02:00
Kroese 760fe9a31f feat: Include ARM64 version in image (#812) 2024-10-15 00:45:28 +02:00
Kroese 01c61dd32d build: Remove ARM64 platform (#811) 2024-10-14 18:56:43 +02:00
Kroese 815a3f3c66 feat: Support multiple shared folders (#810) 2024-10-14 16:40:15 +02:00
Kroese 69b450299c fix: Continue without drivers (#809) 2024-10-14 15:23:59 +02:00
Kroese b347232ac8 feat: Check returnvalues for drivers (#807) 2024-10-14 03:26:19 +02:00
Kroese 955f8a08a0 fix: Dereference symbolic links (#806) 2024-10-14 01:03:52 +02:00
Kroese a659c1c9da feat: Use bsdtar to extract driver archive (#805) 2024-10-13 21:14:38 +02:00
Kroese 16c3a047c2 fix: Shared folder mount (#804) 2024-10-13 12:00:31 +02:00
Kroese 3cab3d1c7b feat: Extract drivers to temporary folder (#803) 2024-10-13 11:28:21 +02:00
Kroese ff55f843bd feat: Additional download mirrors (#801) 2024-10-12 19:02:03 +02:00
Kroese edb300dfec feat: Additional download mirrors (#799) 2024-10-12 18:09:13 +02:00
Kroese 9db3651654 feat: Select LTSC edition based on key (#798) 2024-10-12 16:54:35 +02:00
Kroese 0dabce04a6 docs: Features (#797) 2024-10-12 15:52:51 +02:00
Kroese 5f4c0938ac feat: Extract temporary files to RAM (#796) 2024-10-12 14:26:04 +02:00
Kroese 94a84b0c2d feat: Remove empty Windows.old folder (#793) 2024-10-11 11:33:50 +02:00
Kroese d06591f2a1 feat: Remove empty Windows.old folder (#791) 2024-10-11 01:00:07 +02:00
Kroese 5bd88a5cc8 fix: Workaround VirtIO display driver bug (#790) 2024-10-10 23:53:41 +02:00
Kroese a2208ace94 fix: Workaround VirtIO display driver bug (#788) 2024-10-10 23:15:46 +02:00
Kroese 42d4e075d8 feat: Disable SMB signing requirement (#787) 2024-10-10 21:15:18 +02:00
Kroese 89834cf6e6 docs: Frequently asked questions (#785) 2024-10-10 10:54:10 +02:00
renovate[bot] 3d3945ee4e chore(deps): update qemux/qemu-docker docker tag to v6.05 (#783) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-08 19:35:54 +02:00
Kroese f3a1ac08f8 fix: Disable Hyper-V in Windows Legacy mode (#781) 2024-10-08 14:04:03 +02:00
Kroese 427ba244ce fix: Do not store display device (#777) 2024-10-05 15:42:18 +02:00
renovate[bot] efe2a5b725 chore(deps): update qemux/qemu-docker docker tag to v6.04 (#776) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-05 14:06:07 +02:00
Kroese 27236d7352 feat: Add Windows 11 LTSC (#774) 2024-10-02 10:31:16 +02:00
Kroese 717dbf01c4 docs: Disk pass-through (#773) 2024-10-02 09:24:11 +02:00
renovate[bot] b5bef25c1a chore(deps): update qemux/qemu-docker docker tag to v6.03 (#771) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-01 20:42:25 +02:00
Kroese 73e7253218 feat: Add Windows 11 LTSC support (#770) 2024-10-01 20:33:25 +02:00
Kroese bfc24167e3 fix: Update Windows 11 LTSC download mirrors (#768) 2024-10-01 01:04:19 +02:00
renovate[bot] 34d6fa73f5 chore(deps): update qemux/qemu-docker docker tag to v6.02 (#759) 2024-09-27 14:51:16 +02:00
Kroese c8f0d87453 fix: Missing x86 drivers for Windows XP (#755) 2024-09-25 15:58:12 +02:00
Kroese b2251a4cc0 build: Update VirtIO drivers to v1.9.43 (#741) 2024-09-17 23:14:23 +02:00
Kroese a1e4ed160a feat: Support Windows Server 2025 (#740) 2024-09-14 23:13:14 +02:00
Kroese a2a8ad8243 fix: Update download mirrors (#729) 2024-09-05 20:03:34 +02:00
82 changed files with 4345 additions and 2345 deletions
Expand all files Collapse all files
.devcontainer/010 - Windows 11 Enterprise/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 11 Enterprise",
"service": "windows",
"containerEnv": {
"VERSION": "11e"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/020 - Windows 11 LTSC/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 11 LTSC",
"service": "windows",
"containerEnv": {
"VERSION": "11l"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/030 - Windows 10 Pro/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 10 Pro",
"service": "windows",
"containerEnv": {
"VERSION": "10"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/040 - Windows 10 Enterprise/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 10 Enterprise",
"service": "windows",
"containerEnv": {
"VERSION": "10e"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/050 - Windows 10 LTSC/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 10 LTSC",
"service": "windows",
"containerEnv": {
"VERSION": "10l"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 8.1 Enterprise",
"service": "windows",
"containerEnv": {
"VERSION": "8e"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/070 - Windows 7 Ultimate/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 7 Ultimate",
"service": "windows",
"containerEnv": {
"VERSION": "7u"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/080 - Windows Vista Ultimate/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Vista Ultimate",
"service": "windows",
"containerEnv": {
"VERSION": "vu"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/090 - Windows XP Professional/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows XP Professional",
"service": "windows",
"containerEnv": {
"VERSION": "xp"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/100 - Windows 2000 Professional/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 2000 Professional",
"service": "windows",
"containerEnv": {
"VERSION": "2k"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/110 - Windows Server 2025/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2025",
"service": "windows",
"containerEnv": {
"VERSION": "2025"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/120 - Windows Server 2022/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2022",
"service": "windows",
"containerEnv": {
"VERSION": "2022"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/130 - Windows Server 2019/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2019",
"service": "windows",
"containerEnv": {
"VERSION": "2019"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/140 - Windows Server 2016/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2016",
"service": "windows",
"containerEnv": {
"VERSION": "2016"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/150 - Windows Server 2012 R2/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2012 R2",
"service": "windows",
"containerEnv": {
"VERSION": "2012"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/160 - Windows Server 2008 R2/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2008 R2",
"service": "windows",
"containerEnv": {
"VERSION": "2008"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/170 - Windows Server 2003/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows Server 2003",
"service": "windows",
"containerEnv": {
"VERSION": "2003"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/180 - Tiny11/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Tiny11",
"service": "windows",
"containerEnv": {
"VERSION": "tiny11"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/190 - Tiny11 Core/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Tiny11 Core",
"service": "windows",
"containerEnv": {
"VERSION": "core11"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/200 - Tiny11 Nano/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Tiny11 Nano",
"service": "windows",
"containerEnv": {
"VERSION": "nano11"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/210 - Tiny10/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Tiny10",
"service": "windows",
"containerEnv": {
"VERSION": "tiny10"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "../codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.devcontainer/codespaces.yml
+21
View File
@@ -0,0 +1,21 @@
services:
windows:
container_name: windows
image: ghcr.io/dockur/windows
environment:
RAM_SIZE: "half"
DISK_SIZE: "max"
CPU_CORES: "max"
devices:
- /dev/kvm
- /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
volumes:
- ./windows:/storage
restart: on-failure
stop_grace_period: 2m
.devcontainer/devcontainer.json
+19
View File
@@ -0,0 +1,19 @@
{
"name": "Windows 11 Pro",
"service": "windows",
"containerEnv": {
"VERSION": "11"
},
"forwardPorts": [8006],
"portsAttributes": {
"8006": {
"label": "Web",
"onAutoForward": "notify"
}
},
"otherPortsAttributes": {
"onAutoForward": "ignore"
},
"dockerComposeFile": "codespaces.yml",
"initializeCommand": "docker system prune --all --force"
}
.dockerignore
+1
View File
@@ -1,4 +1,5 @@
.dockerignore
.devcontainer
.git
.github
.gitignore
.github/ISSUE_TEMPLATE/1-issue.yml
+2
View File
@@ -21,6 +21,7 @@ body:
attributes:
label: Docker compose
description: The compose file (or otherwise the `docker run` command used).
render: yaml
validations:
required: true
- type: textarea
@@ -28,6 +29,7 @@ body:
attributes:
label: Docker log
description: The logfile of the container (as shown by `docker logs windows`).
render: shell
validations:
required: true
- type: textarea
.github/ISSUE_TEMPLATE/3-bug.yml
+2
View File
@@ -23,6 +23,7 @@ body:
attributes:
label: Docker compose
description: The compose file (or otherwise the `docker run` command used).
render: yaml
validations:
required: true
- type: textarea
@@ -30,6 +31,7 @@ body:
attributes:
label: Docker log
description: The logfile of the container (as shown by `docker logs windows`).
render: shell
validations:
required: true
- type: textarea
.github/winboat.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 22 KiB

.github/workflows/build.yml
+6 -16
View File
@@ -2,16 +2,6 @@ name: Build
on:
workflow_dispatch:
push:
branches:
- master
paths-ignore:
- '**/*.md'
- '**/*.yml'
- '.gitignore'
- '.dockerignore'
- '.github/**'
- '.github/workflows/**'
concurrency:
group: build
@@ -32,13 +22,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
with:
fetch-depth: 0
-
name: Docker metadata
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@v6
with:
context: git
images: |
@@ -53,23 +43,23 @@ jobs:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4
-
name: Login into Docker Hub
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Login to GitHub Container Registry
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build Docker image
uses: docker/build-push-action@v6
uses: docker/build-push-action@v7
with:
context: .
push: true
.github/workflows/check.yml
+18 -8
View File
@@ -7,19 +7,29 @@ jobs:
name: shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run ShellCheck
-
name: Checkout
uses: actions/checkout@v6
-
name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
env:
SHELLCHECK_OPTS: -x --source-path=src -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
- name: Validate XML
-
name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.3.0
with:
dockerfile: Dockerfile
ignore: DL3006,DL3008
failure-threshold: warning
-
name: Validate XML
uses: action-pack/valid-xml@v1
with:
path: "assets"
file-endings: ".xml"
- name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.1.0
-
name: Validate JSON and YML files
uses: GrantBirki/json-yaml-validate@v5.0.0
with:
dockerfile: Dockerfile
ignore: DL3008
failure-threshold: warning
yaml_exclude_regex: ".*\\kubernetes\\.yml$"
.github/workflows/hub.yml
+12 -10
View File
@@ -12,13 +12,15 @@ jobs:
dockerHubDescription:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
-
name: Docker Hub Description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: ${{ secrets.DOCKERHUB_REPO }}
short-description: ${{ github.event.repository.description }}
readme-filepath: ./readme.md
-
name: Checkout repo
uses: actions/checkout@v6
-
name: Docker Hub Description
uses: peter-evans/dockerhub-description@v5
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: ${{ secrets.DOCKERHUB_REPO }}
short-description: ${{ github.event.repository.description }}
readme-filepath: ./readme.md
.github/workflows/links.yml
+67
View File
@@ -0,0 +1,67 @@
name: Links
on:
workflow_dispatch:
concurrency:
group: links
cancel-in-progress: false
jobs:
links:
name: Links
runs-on: ubuntu-latest
permissions:
actions: read
packages: read
contents: read
steps:
-
name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
-
name: Validate Links
run: |
errors=0
count=0
host=""
declare -A seen
wget https://github.com/lwthiker/curl-impersonate/releases/download/v0.6.1/curl-impersonate-v0.6.1.x86_64-linux-gnu.tar.gz
tar -xzf curl-impersonate-v0.6.1.x86_64-linux-gnu.tar.gz
sudo cp curl-impersonate-ff /usr/local/bin/
check() {
local url="$1" http
http=$(curl-impersonate-ff -sSL -o /dev/null -w "%{http_code}" --max-time 10 -I -- "$url" 2>&1) || http="000"
[[ "$http" == 2* ]] && return 0
http=$(curl-impersonate-ff -sSL -o /dev/null -w "%{http_code}" --max-time 10 -r "0-0" -- "$url" 2>&1) || http="000"
[[ "$http" == 2* ]]
}
while IFS= read -r line; do
if [[ "$line" =~ ^[[:space:]]*local[[:space:]]+host=\"(https://[^\"]+)\" ]]; then
host="${BASH_REMATCH[1]%/}"
continue
fi
[[ "$line" =~ ^[[:space:]]*url=\"(.+)\" ]] || continue
val="${BASH_REMATCH[1]#/}"
if [[ "$val" == https://* ]]; then
url="$val"
elif [[ -n "$host" ]]; then
url="$host/$val"
else
continue
fi
[[ -v seen[$url] ]] && continue
seen[$url]=1
count=$((count + 1))
if check "$url"; then
echo " OK: $url"
else
echo "FAIL: $url"
errors=$((errors + 1))
fi
done < "src/define.sh"
echo ""
printf '%d/%d links valid\n' "$(( count - errors ))" "$count"
(( errors == 0 ))
.github/workflows/review.yml
+66
View File
@@ -0,0 +1,66 @@
on:
pull_request:
name: "Review"
permissions:
contents: read
pull-requests: write
checks: write
jobs:
review:
name: review
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v6
-
name: Spelling
uses: reviewdog/action-misspell@v1
with:
locale: "US"
level: warning
pattern: |
*.md
*.sh
reporter: github-pr-review
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Hadolint
uses: reviewdog/action-hadolint@v1
with:
level: warning
reporter: github-pr-review
hadolint_ignore: DL3006 DL3008
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: YamlLint
uses: reviewdog/action-yamllint@v1
with:
level: warning
reporter: github-pr-review
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: ActionLint
uses: reviewdog/action-actionlint@v1
with:
level: warning
reporter: github-pr-review
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Shellformat
uses: reviewdog/action-shfmt@v1
with:
level: warning
shfmt_flags: "-i 2 -ci -bn"
github_token: ${{ secrets.GITHUB_TOKEN }}
-
name: Shellcheck
uses: reviewdog/action-shellcheck@v1
with:
level: warning
reporter: github-pr-review
shellcheck_flags: -x -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
github_token: ${{ secrets.GITHUB_TOKEN }}
.github/workflows/test.yml
-6
View File
@@ -1,12 +1,6 @@
on:
workflow_dispatch:
pull_request:
paths:
- '**/*.sh'
- '**/*.xml'
- '.github/workflows/test.yml'
- '.github/workflows/check.yml'
- 'Dockerfile'
name: "Test"
permissions: {}
Dockerfile
+23 -15
View File
@@ -1,7 +1,14 @@
FROM scratch
COPY --from=qemux/qemu-docker:5.18 / /
# syntax=docker/dockerfile:1
ARG VERSION_ARG="latest"
FROM scratch AS build-amd64
COPY --from=qemux/qemu:7.30 / /
ARG TARGETARCH
ARG VERSION_WSDD="1.24"
ARG VERSION_VIRTIO="1.9.57"
ARG VERSION_ARG="0.0"
ARG DEBCONF_NOWARNINGS="yes"
ARG DEBIAN_FRONTEND="noninteractive"
ARG DEBCONF_NONINTERACTIVE_SEEN="true"
@@ -9,33 +16,34 @@ ARG DEBCONF_NONINTERACTIVE_SEEN="true"
RUN set -eu && \
apt-get update && \
apt-get --no-install-recommends -y install \
bc \
curl \
7zip \
wsdd \
samba \
xz-utils \
wimtools \
dos2unix \
cabextract \
genisoimage \
libxml2-utils && \
libxml2-utils \
libarchive-tools && \
wget "https://github.com/gershnik/wsdd-native/releases/download/v${VERSION_WSDD}/wsddn_${VERSION_WSDD}_${TARGETARCH}.deb" -O /tmp/wsddn.deb -q && \
dpkg -i /tmp/wsddn.deb && \
apt-get clean && \
echo "$VERSION_ARG" > /run/version && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --chmod=755 ./src /run/
COPY --chmod=755 ./assets /run/assets
ADD --chmod=755 https://raw.githubusercontent.com/christgau/wsdd/v0.8/src/wsdd.py /usr/sbin/wsdd
ADD --chmod=664 https://github.com/qemus/virtiso/releases/download/v0.1.262/virtio-win-0.1.262.tar.xz /drivers.txz
ADD --chmod=664 https://github.com/qemus/virtiso-whql/releases/download/v${VERSION_VIRTIO}-0/virtio-win-${VERSION_VIRTIO}.tar.xz /var/drivers.txz
FROM dockurr/windows-arm:${VERSION_ARG} AS build-arm64
FROM build-${TARGETARCH}
ARG VERSION_ARG="0.00"
RUN echo "$VERSION_ARG" > /run/version
EXPOSE 8006 3389
VOLUME /storage
EXPOSE 3389 8006
ENV VERSION="11"
ENV RAM_SIZE="4G"
ENV CPU_CORES="2"
ENV DISK_SIZE="64G"
ENV VERSION="win11"
ENTRYPOINT ["/usr/bin/tini", "-s", "/run/entry.sh"]
assets/win10x64-enterprise-eval.xml
+37 -17
View File
@@ -246,6 +246,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -323,11 +328,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -360,61 +360,81 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win10x64-enterprise.xml
+37 -17
View File
@@ -249,6 +249,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -326,11 +331,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -363,61 +363,81 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win10x64-iot.xml
+37 -17
View File
@@ -255,6 +255,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -332,11 +337,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -369,61 +369,81 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win10x64-ltsc.xml
+37 -17
View File
@@ -252,6 +252,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -329,11 +334,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -366,61 +366,81 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win10x64.xml
+37 -17
View File
@@ -249,6 +249,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -326,11 +331,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -363,61 +363,81 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win11x64-enterprise-eval.xml
+52 -22
View File
@@ -264,6 +264,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>27</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -343,101 +353,121 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>24</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>25</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>26</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win11x64-enterprise.xml
+52 -22
View File
@@ -267,6 +267,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>27</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -346,101 +356,121 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>24</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>25</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>26</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win11x64-iot.xml
+55 -28
View File
@@ -61,12 +61,6 @@
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/image/index</Key>
<Value>2</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>3</PartitionID>
@@ -86,6 +80,9 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
<ProductKey>
<Key>CGK42-GYN6Y-VD22B-BX98W-J8JXD</Key>
</ProductKey>
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
@@ -270,6 +267,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>27</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -349,101 +356,121 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>24</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>25</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>26</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win11x64-ltsc.xml
+55 -28
View File
@@ -61,12 +61,6 @@
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/image/index</Key>
<Value>1</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>3</PartitionID>
@@ -86,6 +80,9 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
<ProductKey>
<Key>M7XTQ-FN8P6-TTKYV-9D4CC-J462D</Key>
</ProductKey>
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
@@ -270,6 +267,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>27</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -349,101 +356,121 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>24</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>25</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>26</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win11x64.xml
+52 -22
View File
@@ -267,6 +267,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>26</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>27</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -346,101 +356,121 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>24</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>25</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>26</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2008r2-eval.xml
+23 -9
View File
@@ -154,6 +154,15 @@
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -203,11 +212,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -271,25 +275,35 @@
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2008r2.xml
+23 -9
View File
@@ -157,6 +157,15 @@
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -206,11 +215,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -274,25 +278,35 @@
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2012r2-eval.xml
+24 -9
View File
@@ -155,6 +155,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -236,11 +241,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -289,25 +289,40 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2012r2.xml
+24 -9
View File
@@ -158,6 +158,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -239,11 +244,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -292,25 +292,40 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2016-eval.xml
+28 -13
View File
@@ -155,6 +155,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -236,11 +241,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -289,45 +289,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2016.xml
+28 -13
View File
@@ -158,6 +158,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -239,11 +244,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -292,45 +292,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2019-eval.xml
+28 -13
View File
@@ -159,6 +159,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -240,11 +245,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -293,45 +293,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2019-hv.xml
+361
View File
@@ -0,0 +1,361 @@
<?xml version="1.0" encoding="UTF-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<Disk wcm:action="add">
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
<CreatePartitions>
<!-- System partition (ESP) -->
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>EFI</Type>
<Size>128</Size>
</CreatePartition>
<!-- Microsoft reserved partition (MSR) -->
<CreatePartition wcm:action="add">
<Order>2</Order>
<Type>MSR</Type>
<Size>128</Size>
</CreatePartition>
<!-- Windows partition -->
<CreatePartition wcm:action="add">
<Order>3</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<!-- System partition (ESP) -->
<ModifyPartition wcm:action="add">
<Order>1</Order>
<PartitionID>1</PartitionID>
<Label>System</Label>
<Format>FAT32</Format>
</ModifyPartition>
<!-- MSR partition does not need to be modified -->
<ModifyPartition wcm:action="add">
<Order>2</Order>
<PartitionID>2</PartitionID>
</ModifyPartition>
<!-- Windows partition -->
<ModifyPartition wcm:action="add">
<Order>3</Order>
<PartitionID>3</PartitionID>
<Label>Windows</Label>
<Letter>C</Letter>
<Format>NTFS</Format>
</ModifyPartition>
</ModifyPartitions>
</Disk>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Hyper-V Server 2019 SERVERHYPERCORE</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>3</PartitionID>
</InstallTo>
<WillShowUI>OnError</WillShowUI>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
</OSImage>
</ImageInstall>
<DynamicUpdate>
<Enable>true</Enable>
<WillShowUI>Never</WillShowUI>
</DynamicUpdate>
<UpgradeData>
<Upgrade>false</Upgrade>
<WillShowUI>Never</WillShowUI>
</UpgradeData>
<UserData>
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<settings pass="generalize">
<component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
</component>
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipRearm>1</SkipRearm>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<ComputerName>*</ComputerName>
<OEMInformation>
<Manufacturer>Dockur</Manufacturer>
<Model>Windows for Docker</Model>
<SupportHours>24/7</SupportHours>
<SupportPhone />
<SupportProvider>Dockur</SupportProvider>
<SupportURL>https://github.com/dockur/windows/issues</SupportURL>
</OEMInformation>
<OEMName>Windows for Docker</OEMName>
</component>
<component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableWER>1</DisableWER>
</component>
<component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableAccelerators>true</DisableAccelerators>
<DisableFirstRunWizard>true</DisableFirstRunWizard>
<Home_Page>https://google.com</Home_Page>
<Help_Page>about:blank</Help_Page>
</component>
<component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableAccelerators>true</DisableAccelerators>
<DisableFirstRunWizard>true</DisableFirstRunWizard>
<Home_Page>https://google.com</Home_Page>
<Help_Page>about:blank</Help_Page>
</component>
<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<CEIPEnabled>0</CEIPEnabled>
</component>
<component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableSR>1</DisableSR>
</component>
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>dism.exe /online /Disable-Feature /FeatureName:Microsoft-Hyper-V /NoRestart</Path>
<Description>Disable Hyper-V role</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>3</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
<component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAuthentication>0</UserAuthentication>
</component>
<component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
<Profile>all</Profile>
<Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<PreventDeviceEncryption>true</PreventDeviceEncryption>
</component>
<component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Name>Docker</Name>
<Group>Administrators</Group>
<Password>
<Value />
<PlainText>true</PlainText>
</Password>
</LocalAccount>
</LocalAccounts>
<AdministratorPassword>
<Value>password</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<AutoLogon>
<Username>Docker</Username>
<Enabled>true</Enabled>
<LogonCount>65432</LogonCount>
<Password>
<Value />
<PlainText>true</PlainText>
</Password>
</AutoLogon>
<Display>
<ColorDepth>32</ColorDepth>
<HorizontalResolution>1920</HorizontalResolution>
<VerticalResolution>1080</VerticalResolution>
</Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<RegisteredOrganization>Dockur</RegisteredOrganization>
<RegisteredOwner>Windows for Docker</RegisteredOwner>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<Order>1</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
</settings>
</unattend>
assets/win2019.xml
+28 -13
View File
@@ -162,6 +162,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -243,11 +248,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -296,45 +296,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2022-eval.xml
+28 -13
View File
@@ -159,6 +159,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -240,11 +245,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -293,45 +293,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2022.xml
+28 -13
View File
@@ -162,6 +162,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -243,11 +248,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -296,45 +296,60 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>19</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2025-eval.xml
+48 -23
View File
@@ -159,6 +159,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>4</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -242,96 +252,111 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win2025.xml
+48 -23
View File
@@ -162,6 +162,16 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
<Description>Install VirtIO display driver</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>4</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -245,96 +255,111 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Order>5</Order>
<CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<Order>9</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
<Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<Order>20</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<Order>22</Order>
<CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
<Description>Remove empty Windows.old folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x64-enterprise-eval.xml
+292
View File
@@ -0,0 +1,292 @@
<?xml version="1.0" encoding="UTF-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DiskConfiguration>
<WillShowUI>OnError</WillShowUI>
<Disk wcm:action="add">
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
<CreatePartitions>
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>Primary</Type>
<Size>100</Size>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>2</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Format>NTFS</Format>
<Label>System Reserved</Label>
<Order>1</Order>
<Active>true</Active>
<PartitionID>1</PartitionID>
<TypeID>0x27</TypeID>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Active>true</Active>
<Format>NTFS</Format>
<Label>Windows</Label>
<Letter>C</Letter>
<Order>2</Order>
<PartitionID>2</PartitionID>
</ModifyPartition>
</ModifyPartitions>
</Disk>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Value>Windows 7 Enterprise</Value>
<Key>/IMAGE/NAME</Key>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>2</PartitionID>
</InstallTo>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
</OSImage>
</ImageInstall>
<DynamicUpdate>
<Enable>true</Enable>
<WillShowUI>Never</WillShowUI>
</DynamicUpdate>
<UpgradeData>
<Upgrade>false</Upgrade>
<WillShowUI>Never</WillShowUI>
</UpgradeData>
<UserData>
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<settings pass="generalize">
<component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
</component>
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipRearm>1</SkipRearm>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<ComputerName>*</ComputerName>
<OEMInformation>
<Manufacturer>Dockur</Manufacturer>
<Model>Windows for Docker</Model>
</OEMInformation>
</component>
<component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableWER>1</DisableWER>
</component>
<component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableAccelerators>true</DisableAccelerators>
<DisableFirstRunWizard>true</DisableFirstRunWizard>
<Home_Page>https://google.com</Home_Page>
<Help_Page>about:blank</Help_Page>
</component>
<component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableAccelerators>true</DisableAccelerators>
<DisableFirstRunWizard>true</DisableFirstRunWizard>
<Home_Page>https://google.com</Home_Page>
<Help_Page>about:blank</Help_Page>
</component>
<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<CEIPEnabled>0</CEIPEnabled>
</component>
<component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DisableSR>1</DisableSR>
</component>
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAuthentication>0</UserAuthentication>
</component>
<component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
<Profile>all</Profile>
<Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Name>Docker</Name>
<Group>Administrators</Group>
<Password>
<Value />
<PlainText>true</PlainText>
</Password>
</LocalAccount>
</LocalAccounts>
<AdministratorPassword>
<Value>password</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<AutoLogon>
<Username>Docker</Username>
<Enabled>true</Enabled>
<LogonCount>65432</LogonCount>
<Password>
<Value />
<PlainText>true</PlainText>
</Password>
</AutoLogon>
<Display>
<ColorDepth>32</ColorDepth>
<HorizontalResolution>1920</HorizontalResolution>
<VerticalResolution>1080</VerticalResolution>
</Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<RegisteredOrganization>Dockur</RegisteredOrganization>
<RegisteredOwner>Windows for Docker</RegisteredOwner>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<Order>1</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>4</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>5</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>6</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
</settings>
</unattend>
assets/win7x64-enterprise.xml
+14 -5
View File
@@ -152,6 +152,15 @@
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -201,11 +210,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +282,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x64-ultimate.xml
+14 -5
View File
@@ -152,6 +152,15 @@
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -201,11 +210,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +282,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x64.xml
+14 -5
View File
@@ -152,6 +152,15 @@
</FirewallGroup>
</FirewallGroups>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -201,11 +210,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +282,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x86-enterprise.xml
+5 -5
View File
@@ -201,11 +201,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +273,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x86-ultimate.xml
+5 -5
View File
@@ -201,11 +201,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +273,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win7x86.xml
+5 -5
View File
@@ -201,11 +201,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -278,6 +273,11 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win81x64-enterprise-eval.xml
+24 -9
View File
@@ -146,6 +146,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -221,11 +226,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -274,25 +274,40 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win81x64-enterprise.xml
+24 -9
View File
@@ -149,6 +149,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -224,11 +229,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -277,25 +277,40 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/win81x64.xml
+24 -9
View File
@@ -156,6 +156,11 @@
<Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
<Description>Set Network Location to Home</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -231,11 +236,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -284,25 +284,40 @@
<SynchronousCommand wcm:action="add">
<Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
<Order>15</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
<Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>17</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
<Order>18</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax64-enterprise.xml
+22 -8
View File
@@ -90,6 +90,15 @@
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -150,11 +159,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +242,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax64-ultimate.xml
+22 -8
View File
@@ -90,6 +90,15 @@
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -150,11 +159,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +242,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax64.xml
+22 -8
View File
@@ -90,6 +90,15 @@
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>C:\Windows\Drivers\Balloon\blnsvr.exe -i</Path>
<Description>Install VirtIO Balloon service</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -150,11 +159,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +242,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax86-enterprise.xml
+13 -8
View File
@@ -150,11 +150,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +233,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax86-ultimate.xml
+13 -8
View File
@@ -150,11 +150,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +233,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
assets/winvistax86.xml
+13 -8
View File
@@ -150,11 +150,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
<Description>Allow RDP login with blank password</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -238,20 +233,30 @@
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
<Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>20</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
<Description>Enable Network Discovery</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
<Order>22</Order>
<CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
<Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
<Order>23</Order>
<CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
<Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>24</Order>
<CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
<Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
compose.yml
+5 -1
View File
@@ -3,13 +3,17 @@ services:
image: dockurr/windows
container_name: windows
environment:
VERSION: "win11"
VERSION: "11"
devices:
- /dev/kvm
- /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
volumes:
- ./windows:/storage
restart: always
stop_grace_period: 2m
kubernetes.yml
+66 -38
View File
@@ -1,72 +1,100 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: windows-pvc
spec:
accessModes:
- ReadWriteOnce
- ReadWriteOnce
resources:
requests:
storage: 64Gi
---
apiVersion: v1
kind: Pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: windows
labels:
name: windows
spec:
terminationGracePeriodSeconds: 120 # the Kubernetes default is 30 seconds and it may be not enough
containers:
- name: windows
image: dockurr/windows
ports:
- containerPort: 8006
protocol: TCP
- containerPort: 3389
protocol: TCP
- containerPort: 3389
protocol: UDP
securityContext:
privileged: true
env:
- name: RAM_SIZE
value: 4G
- name: CPU_CORES
value: "2"
replicas: 1
selector:
matchLabels:
app: windows
template:
metadata:
labels:
app: windows
spec:
containers:
- name: windows
image: dockurr/windows
env:
- name: VERSION
value: "11"
- name: DISK_SIZE
value: "64G"
volumeMounts:
ports:
- containerPort: 8006
name: http
protocol: TCP
- containerPort: 3389
name: rdp
protocol: TCP
- containerPort: 3389
name: udp
protocol: UDP
- containerPort: 5900
name: vnc
protocol: TCP
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: true
volumeMounts:
- mountPath: /storage
name: storage
- mountPath: /dev/kvm
name: dev-kvm
volumes:
- name: storage
persistentVolumeClaim:
claimName: windows-pvc
- name: dev-kvm
hostPath:
path: /dev/kvm
- mountPath: /dev/net/tun
name: dev-tun
terminationGracePeriodSeconds: 120
volumes:
- name: storage
persistentVolumeClaim:
claimName: windows-pvc
- hostPath:
path: /dev/kvm
name: dev-kvm
- hostPath:
path: /dev/net/tun
type: CharDevice
name: dev-tun
---
apiVersion: v1
kind: Service
metadata:
name: windows
spec:
type: NodePort
selector:
name: windows
internalTrafficPolicy: Cluster
ports:
- name: tcp-8006
protocol: TCP
- name: http
port: 8006
targetPort: 8006
- name: tcp-3389
protocol: TCP
targetPort: 8006
- name: rdp
port: 3389
protocol: TCP
targetPort: 3389
- name: udp-3389
- name: udp
port: 3389
protocol: UDP
port: 3389
targetPort: 3389
- name: vnc
port: 5900
protocol: TCP
targetPort: 5900
selector:
app: windows
type: ClusterIP
readme.md
+143 -128
View File
@@ -16,18 +16,17 @@ Windows inside a Docker container.
## Features ✨
- Multi-language
- ISO downloader
- KVM acceleration
- Web-based viewer
## Video 📺
[![Youtube](https://img.youtube.com/vi/xhGYobuG508/0.jpg)](https://www.youtube.com/watch?v=xhGYobuG508)
[![Youtube](https://img.youtube.com/vi/xhGYobuG508/maxresdefault.jpg)](https://www.youtube.com/watch?v=xhGYobuG508)
## Usage 🐳
Via Docker Compose:
##### Via Docker Compose:
```yaml
services:
@@ -35,37 +34,49 @@ services:
image: dockurr/windows
container_name: windows
environment:
VERSION: "win11"
VERSION: "11"
devices:
- /dev/kvm
- /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
volumes:
- ./windows:/storage
restart: always
stop_grace_period: 2m
```
Via Docker CLI:
##### Via Docker CLI:
```bash
docker run -it --rm -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN --stop-timeout 120 dockurr/windows
docker run -it --rm --name windows -e "VERSION=11" -p 8006:8006 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN -v "${PWD:-.}/windows:/storage" --stop-timeout 120 docker.io/dockurr/windows
```
Via Kubernetes:
##### Via Kubernetes:
```shell
kubectl apply -f kubernetes.yml
kubectl apply -f https://raw.githubusercontent.com/dockur/windows/refs/heads/master/kubernetes.yml
```
##### Via Github Codespaces:
[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/dockur/windows)
##### Via a graphical installer:
[![Download WinBoat](https://github.com/dockur/windows/raw/master/.github/winboat.png)](https://winboat.app)
## FAQ 💬
### How do I use it?
Very simple! These are the steps:
- Start the container and connect to [port 8006](http://localhost:8006) using your web browser.
- Start the container and connect to [port 8006](http://127.0.0.1:8006/) using your web browser.
- Sit back and relax while the magic happens, the whole installation will be performed fully automatic.
@@ -75,76 +86,52 @@ kubectl apply -f kubernetes.yml
### How do I select the Windows version?
By default, Windows 11 will be installed. But you can add the `VERSION` environment variable to your compose file, in order to specify an alternative Windows version to be downloaded:
By default, Windows 11 Pro will be installed. But you can add the `VERSION` environment variable to your compose file, in order to specify an alternative Windows version to be downloaded:
```yaml
environment:
VERSION: "win11"
VERSION: "11"
```
Select from the values below:
| **Value** | **Version** | **Size** |
| **Value** | **Version** | **Size** |
|---|---|---|
| `win11` | Windows 11 Pro | 6.4 GB |
| `win11e` | Windows 11 Enterprise | 5.8 GB |
| `win10` | Windows 10 Pro | 5.7 GB |
| `ltsc10` | Windows 10 LTSC | 4.6 GB |
| `win10e` | Windows 10 Enterprise | 5.2 GB |
| `11` | Windows 11 Pro | 7.2 GB |
| `11l` | Windows 11 LTSC | 4.7 GB |
| `11e` | Windows 11 Enterprise | 6.6 GB |
||||
| `win8` | Windows 8.1 Pro | 4.0 GB |
| `win8e` | Windows 8.1 Enterprise | 3.7 GB |
| `win7` | Windows 7 Enterprise | 3.0 GB |
| `vista` | Windows Vista Enterprise | 3.0 GB |
| `winxp` | Windows XP Professional | 0.6 GB |
| `10` | Windows 10 Pro | 5.7 GB |
| `10l` | Windows 10 LTSC | 4.6 GB |
| `10e` | Windows 10 Enterprise | 5.2 GB |
||||
| `2022` | Windows Server 2022 | 4.7 GB |
| `2019` | Windows Server 2019 | 5.3 GB |
| `2016` | Windows Server 2016 | 6.5 GB |
| `2012` | Windows Server 2012 | 4.3 GB |
| `2008` | Windows Server 2008 | 3.0 GB |
| `8e` | Windows 8.1 Enterprise | 3.7 GB |
| `7u` | Windows 7 Ultimate | 3.1 GB |
| `vu` | Windows Vista Ultimate | 3.0 GB |
| `xp` | Windows XP Professional | 0.6 GB |
| `2k` | Windows 2000 Professional | 0.4 GB |
||||
| `core11` | Tiny 11 Core | 2.1 GB |
| `tiny11` | Tiny 11 | 3.8 GB |
| `tiny10` | Tiny 10 | 3.6 GB |
| `2025` | Windows Server 2025 | 6.7 GB |
| `2022` | Windows Server 2022 | 6.0 GB |
| `2019` | Windows Server 2019 | 5.3 GB |
| `2016` | Windows Server 2016 | 6.5 GB |
| `2012` | Windows Server 2012 | 4.3 GB |
| `2008` | Windows Server 2008 | 3.0 GB |
| `2003` | Windows Server 2003 | 0.6 GB |
> [!TIP]
> To install ARM64 versions of Windows use [dockur/windows-arm](https://github.com/dockur/windows-arm/).
### How do I select the Windows language?
By default, the English version of Windows will be downloaded. But you can add the `LANGUAGE` environment variable to your compose file, in order to specify an alternative language:
```yaml
environment:
LANGUAGE: "French"
```
You can choose between: 🇦🇪 Arabic, 🇧🇬 Bulgarian, 🇨🇳 Chinese, 🇭🇷 Croatian, 🇨🇿 Czech, 🇩🇰 Danish, 🇳🇱 Dutch, 🇬🇧 English, 🇪🇪 Estionian, 🇫🇮 Finnish, 🇫🇷 French, 🇩🇪 German, 🇬🇷 Greek, 🇮🇱 Hebrew, 🇭🇺 Hungarian, 🇮🇹 Italian, 🇯🇵 Japanese, 🇰🇷 Korean, 🇱🇻 Latvian, 🇱🇹 Lithuanian, 🇳🇴 Norwegian, 🇵🇱 Polish, 🇵🇹 Portuguese, 🇷🇴 Romanian, 🇷🇺 Russian, 🇷🇸 Serbian, 🇸🇰 Slovak, 🇸🇮 Slovenian, 🇪🇸 Spanish, 🇸🇪 Swedish, 🇹🇭 Thai, 🇹🇷 Turkish and 🇺🇦 Ukrainian.
### How do I select the keyboard layout?
If you want to use a keyboard layout or locale that is not the default for your selected language, you can add the `KEYBOARD` and `REGION` variables with a culture code, like this:
```yaml
environment:
REGION: "en-US"
KEYBOARD: "en-US"
```
> [!NOTE]
> Changing these values will have no effect after the installation has been performed already. Use the control panel inside Windows in that case.
### How do I change the storage location?
To change the storage location, include the following bind mount in your compose file:
```yaml
volumes:
- /var/win:/storage
- ./windows:/storage
```
Replace the example path `/var/win` with the desired storage folder.
Replace the example path `./windows` with the desired storage folder or named volume.
### How do I change the size of the disk?
@@ -156,65 +143,24 @@ kubectl apply -f kubernetes.yml
```
> [!TIP]
> This can also be used to resize the existing disk to a larger capacity without any data loss.
> This can also be used to resize the existing disk to a larger capacity without any data loss. However you will need to [manually extend the disk partition](https://learn.microsoft.com/en-us/windows-server/storage/disk-management/extend-a-basic-volume?tabs=disk-management) afterwards, since the added disk space will appear as unallocated.
### How do I share files with the host?
Open 'File Explorer' and click on the 'Network' section, you will see a computer called `host.lan`. Double-click it and it will show a folder called `Data`, which can be binded to any folder on your host via the compose file:
After installation there will be a folder called `Shared` on your desktop, which can be used to exchange files with the host machine.
To select a folder on the host for this purpose, include the following bind mount in your compose file:
```yaml
volumes:
- /home/user/example:/shared
- ./example:/shared
```
The example folder `/home/user/example` will be available as ` \\host.lan\Data`.
> [!TIP]
> You can map this path to a drive letter in Windows, for easier access.
### How do I install a custom image?
In order to download an unsupported ISO image that is not selectable from the list above, specify the URL of that ISO in the `VERSION` environment variable, for example:
```yaml
environment:
VERSION: "https://example.com/win.iso"
```
Alternatively, you can also skip the download and use a local file instead, by binding it in your compose file in this way:
```yaml
volumes:
- /home/user/example.iso:/custom.iso
```
Replace the example path `/home/user/example.iso` with the filename of your desired ISO file, the value of `VERSION` will be ignored in this case.
### How do I run a script after installation?
To run your own script after installation, you can create a file called `install.bat` and place it in a folder together with any additional files it needs (software to be installed for example). Then bind that folder in your compose file like this:
```yaml
volumes:
- /home/user/example:/oem
```
The example folder `/home/user/example` will be copied to `C:\OEM` during installation and the containing `install.bat` will be executed during the last step.
### How do I perform a manual installation?
It's best to stick to the automatic installation, as it adjusts various settings to prevent common issues when running Windows inside a virtual environment.
However, if you insist on performing the installation manually, add the following environment variable to your compose file:
```yaml
environment:
MANUAL: "Y"
```
Replace the example path `./example` with your desired shared folder, which then will become visible as `Shared`.
### How do I change the amount of CPU or RAM?
By default, the container will be allowed to use a maximum of 2 CPU cores and 4 GB of RAM.
By default, Windows will be allowed to use 2 CPU cores and 4 GB of RAM.
If you want to adjust this, you can specify the desired amount using the following environment variables:
@@ -226,9 +172,9 @@ kubectl apply -f kubernetes.yml
### How do I configure the username and password?
By default, a user called `Docker` is created during the installation, with an empty password.
By default, a user called `Docker` is created and its password is `admin`.
If you want to use different credentials, you can change them in your compose file:
If you want to use different credentials during installation, you can configure them in your compose file:
```yaml
environment:
@@ -236,11 +182,76 @@ kubectl apply -f kubernetes.yml
PASSWORD: "gates"
```
### How do I select the Windows language?
By default, the English version of Windows will be downloaded.
But you can add the `LANGUAGE` environment variable to your compose file, in order to specify an alternative language to be downloaded:
```yaml
environment:
LANGUAGE: "French"
```
You can choose between: 🇦🇪 Arabic, 🇧🇬 Bulgarian, 🇨🇳 Chinese, 🇭🇷 Croatian, 🇨🇿 Czech, 🇩🇰 Danish, 🇳🇱 Dutch, 🇬🇧 English, 🇪🇪 Estonian, 🇫🇮 Finnish, 🇫🇷 French, 🇩🇪 German, 🇬🇷 Greek, 🇮🇱 Hebrew, 🇭🇺 Hungarian, 🇮🇹 Italian, 🇯🇵 Japanese, 🇰🇷 Korean, 🇱🇻 Latvian, 🇱🇹 Lithuanian, 🇳🇴 Norwegian, 🇵🇱 Polish, 🇵🇹 Portuguese, 🇷🇴 Romanian, 🇷🇺 Russian, 🇷🇸 Serbian, 🇸🇰 Slovak, 🇸🇮 Slovenian, 🇪🇸 Spanish, 🇸🇪 Swedish, 🇹🇭 Thai, 🇹🇷 Turkish and 🇺🇦 Ukrainian.
### How do I select the keyboard layout?
If you want to use a keyboard layout or locale that is not the default for your selected language, you can add `KEYBOARD` and `REGION` variables like this:
```yaml
environment:
REGION: "en-US"
KEYBOARD: "en-US"
```
### How do I install a custom image?
In order to download an unsupported ISO image, specify its URL in the `VERSION` environment variable:
```yaml
environment:
VERSION: "https://example.com/win.iso"
```
Alternatively, you can also skip the download and use a local file instead, by binding it in your compose file in this way:
```yaml
volumes:
- ./example.iso:/boot.iso
```
Replace the example path `./example.iso` with the filename of your desired ISO file. The value of `VERSION` will be ignored in this case.
### How do I run a script after installation?
To run your own script after installation, you can create a file called `install.bat` and place it in a folder together with any additional files it needs (software to be installed for example).
Then bind that folder in your compose file like this:
```yaml
volumes:
- ./example:/oem
```
The example folder `./example` will be copied to `C:\OEM` and the containing `install.bat` will be executed during the last step of the automatic installation.
### How do I perform a manual installation?
It's recommended to stick to the automatic installation, as it adjusts various settings to prevent common issues when running Windows inside a virtual environment.
However, if you insist on performing the installation manually at your own risk, add the following environment variable to your compose file:
```yaml
environment:
MANUAL: "Y"
```
### How do I connect using RDP?
The web-viewer is mainly meant to be used during installation, as its picture quality is low, and it has no audio or clipboard for example.
So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `Docker` and by leaving the password empty.
So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `Docker` and password `admin`.
There is a RDP client for [Android](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) available from the Play Store and one for [iOS](https://apps.apple.com/nl/app/microsoft-remote-desktop/id714464092?l=en-GB) in the Apple Store. For Linux you can use [FreeRDP](https://www.freerdp.com/) and on Windows just type `mstsc` in the search box.
@@ -285,7 +296,7 @@ kubectl apply -f kubernetes.yml
After configuring the container for [macvlan](#how-do-i-assign-an-individual-ip-address-to-the-container), it is possible for Windows to become part of your home network by requesting an IP from your router, just like a real PC.
To enable this mode, add the following lines to your compose file:
To enable this mode, in which the container and Windows will have separate IP addresses, add the following lines to your compose file:
```yaml
environment:
@@ -296,9 +307,6 @@ kubectl apply -f kubernetes.yml
- 'c *:* rwm'
```
> [!NOTE]
> In this mode, the container and Windows will each have their own separate IPs.
### How do I add multiple disks?
To create additional disks, modify your compose file like this:
@@ -308,21 +316,21 @@ kubectl apply -f kubernetes.yml
DISK2_SIZE: "32G"
DISK3_SIZE: "64G"
volumes:
- /home/example:/storage2
- /mnt/data/example:/storage3
- ./example2:/storage2
- ./example3:/storage3
```
### How do I pass-through a disk?
It is possible to pass-through disk devices directly by adding them to your compose file in this way:
It is possible to pass-through disk devices or partitions directly by adding them to your compose file in this way:
```yaml
devices:
- /dev/sdb:/disk1
- /dev/sdc:/disk2
- /dev/sdc1:/disk2
```
Use `/disk1` if you want it to become your main drive, and use `/disk2` and higher to add them as secondary drives.
Use `/disk1` if you want it to become your main drive (which will be formatted during installation), and use `/disk2` and higher to add them as secondary drives (which will stay untouched).
### How do I pass-through a USB device?
@@ -335,41 +343,49 @@ kubectl apply -f kubernetes.yml
- /dev/bus/usb
```
> [!IMPORTANT]
> If the device is a USB disk drive, please wait until after the installation is completed before connecting it. Otherwise the installation may fail, as the order of the disks can get rearranged.
> [!WARNING]
> Adding a USB mass storage device before Windows Setup has finished may cause it to fail. Or worse: the drive can get formatted as the system disk, and all your data will be lost! So always keep them disconnected when launching the container for the first time.
### How do I verify if my system supports KVM?
To verify that your system supports KVM, run the following commands:
First check if your software is compatible using this chart:
| **Product** | **Linux** | **Win11** | **Win10** | **macOS** |
|---|---|---|---|---|
| Docker CLI | ✅ | ✅ | ❌ | ❌ |
| Docker Desktop | ❌ | ✅ | ❌ | ❌ |
| Podman CLI | ✅ | ✅ | ❌ | ❌ |
| Podman Desktop | ✅ | ✅ | ❌ | ❌ |
After that you can run the following commands in Linux to check your system:
```bash
sudo apt install cpu-checker
sudo kvm-ok
```
If you receive an error from `kvm-ok` indicating that KVM acceleration can't be used, please check whether:
If you receive an error from `kvm-ok` indicating that KVM cannot be used, please check whether:
- the virtualization extensions (`Intel VT-x` or `AMD SVM`) are enabled in your BIOS.
- you are running an operating system that supports them, like Linux or Windows 11 (macOS and Windows 10 do not unfortunately).
- you enabled "nested virtualization" if you are running the container inside a virtual machine.
- you are not using a cloud provider, as most of them do not allow nested virtualization for their VPS's.
If you didn't receive any error from `kvm-ok` at all, but the container still complains that `/dev/kvm` is missing, it might help to add `privileged: true` to your compose file (or `--privileged` to your `run` command), to rule out any permission issue.
If you did not receive any error from `kvm-ok` but the container still complains about a missing KVM device, it could help to add `privileged: true` to your compose file (or `sudo` to your `docker` command) to rule out any permission issue.
### How do I run macOS in a container?
You can use [dockur/macos](https://github.com/dockur/macos) for that. It shares many of the same features, except for the automatic installation.
### How do I run a Linux desktop in a container?
You can use [qemus/qemu](https://github.com/qemus/qemu) in that case.
### Is this project legal?
Yes, this project contains only open-source code and does not distribute any copyrighted material. Any product keys found in the code are just generic placeholders provided by Microsoft for trial purposes. So under all applicable laws, this project will be considered legal.
## Stars 🌟
[![Stars](https://starchart.cc/dockur/windows.svg?variant=adaptive)](https://starchart.cc/dockur/windows)
## Disclaimer ⚖️
*The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Microsoft Corporation.*
@@ -383,5 +399,4 @@ kubectl apply -f kubernetes.yml
[Size]: https://img.shields.io/docker/image-size/dockurr/windows/latest?color=066da5&label=size
[Pulls]: https://img.shields.io/docker/pulls/dockurr/windows.svg?style=flat&label=pulls&logo=docker
[Version]: https://img.shields.io/docker/v/dockurr/windows/latest?arch=amd64&sort=semver&color=066da5
[Package]:
https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fipitio.github.io%2Fbackage%2Fdockur%2Fwindows%2Fwindows.json&query=%24.downloads&logo=github&style=flat&color=066da5&label=pulls
[Package]: https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fipitio.github.io%2Fbackage%2Fdockur%2Fwindows%2Fwindows.json&query=%24.downloads&logo=github&style=flat&color=066da5&label=pulls
src/define.sh
+725 -1196
View File
File diff suppressed because it is too large Load Diff
src/entry.sh
+17 -7
View File
@@ -1,16 +1,19 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${APP:="Windows"}"
: "${PLATFORM:="x64"}"
: "${BOOT_MODE:="windows"}"
APP="Windows"
SUPPORT="https://github.com/dockur/windows"
: "${SUPPORT:="https://github.com/dockur/windows"}"
cd /run
. start.sh # Startup hook
. utils.sh # Load functions
. reset.sh # Initialize system
. server.sh # Start webserver
. define.sh # Define versions
. mido.sh # Download code
. mido.sh # Download Windows
. install.sh # Run installation
. disk.sh # Initialize disks
. display.sh # Initialize graphics
@@ -19,7 +22,10 @@ cd /run
. boot.sh # Configure boot
. proc.sh # Initialize processor
. power.sh # Configure shutdown
. memory.sh # Check available memory
. balloon.sh # Initialize ballooning
. config.sh # Configure arguments
. finish.sh # Finish initialization
trap - ERR
@@ -31,9 +37,13 @@ info "Booting ${APP}${BOOT_DESC} using QEMU v$version..."
terminal
( sleep 30; boot ) &
tail -fn +0 "$QEMU_LOG" 2>/dev/null &
cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" &
wait $! || :
tail -fn +0 "$QEMU_LOG" --pid=$$ 2>/dev/null &
cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" | \
sed -u -e 's/\x1B\[[=0-9;]*[a-z]//gi' \
-e 's/\x1B\x63//g' -e 's/\x1B\[[=?]7l//g' \
-e '/^$/d' -e 's/\x44\x53\x73//g' \
-e 's/failed to load Boot/skipped Boot/g' \
-e 's/0): Not Found/0)/g' & wait $! || :
sleep 1 & wait $!
[ ! -f "$QEMU_END" ] && finish 0
src/install.sh
+469 -226
View File
File diff suppressed because it is too large Load Diff
src/mido.sh
+363 -137
View File
@@ -4,25 +4,26 @@ set -Eeuo pipefail
handle_curl_error() {
local error_code="$1"
local server_name="$2"
case "$error_code" in
1) error "Unsupported protocol!" ;;
2) error "Failed to initialize curl!" ;;
3) error "The URL format is malformed!" ;;
5) error "Failed to resolve address of proxy host!" ;;
6) error "Failed to resolve Microsoft servers! Is there an Internet connection?" ;;
7) error "Failed to contact Microsoft servers! Is there an Internet connection or is the server down?" ;;
8) error "Microsoft servers returned a malformed HTTP response!" ;;
6) error "Failed to resolve $server_name servers! Is there an Internet connection?" ;;
7) error "Failed to contact $server_name servers! Is there an Internet connection or is the server down?" ;;
8) error "$server_name servers returned a malformed HTTP response!" ;;
16) error "A problem was detected in the HTTP2 framing layer!" ;;
22) error "Microsoft servers returned a failing HTTP status code!" ;;
22) error "$server_name servers returned a failing HTTP status code!" ;;
23) error "Failed at writing Windows media to disk! Out of disk space or permission error?" ;;
26) error "Failed to read Windows media from disk!" ;;
27) error "Ran out of memory during download!" ;;
28) error "Connection timed out to Microsoft server!" ;;
35) error "SSL connection error from Microsoft server!" ;;
28) error "Connection timed out to $server_name server!" ;;
35) error "SSL connection error from $server_name server!" ;;
36) error "Failed to continue earlier download!" ;;
52) error "Received no data from the Microsoft server!" ;;
63) error "Microsoft servers returned an unexpectedly large response!" ;;
52) error "Received no data from the $server_name server!" ;;
63) error "$server_name servers returned an unexpectedly large response!" ;;
# POSIX defines exit statuses 1-125 as usable by us
# https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_08_02
$((error_code <= 125)))
@@ -63,77 +64,118 @@ download_windows() {
local lang="$2"
local desc="$3"
local sku_id=""
local sku_url=""
local iso_url=""
local iso_json=""
local language=""
local session_id=""
local user_agent=""
local download_type=""
local windows_version=""
local iso_download_link=""
local download_page_html=""
local product_edition_id=""
local iso_download_link_html=""
local iso_download_page_html=""
local language_skuid_table_html=""
case "${id,,}" in
"win11x64" ) windows_version="11" ;;
"win10x64" ) windows_version="10" ;;
"win81x64" ) windows_version="8" ;;
* ) error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
esac
local language_skuid_json=""
local profile="606624d44113"
user_agent=$(get_agent)
language=$(getLanguage "$lang" "name")
local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
case "$windows_version" in
8 | 10) url+="ISO";;
case "${id,,}" in
"win11x64" ) windows_version="11" && download_type="1" ;;
"win11arm64" ) windows_version="11arm64" && download_type="2" ;;
* ) error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
esac
local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
[[ "${id,,}" == "win10"* ]] && url+="ISO"
# uuidgen: For MacOS (installed by default) and other systems (e.g. with no /proc) that don't have a kernel interface for generating random UUIDs
session_id=$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)
session_id="${session_id//[![:print:]]/}"
# Get product edition ID for latest release of given Windows version
# Product edition ID: This specifies both the Windows release (e.g. 22H2) and edition ("multi-edition" is default, either Home/Pro/Edu/etc., we select "Pro" in the answer files) in one number
# This is the *only* request we make that Fido doesn't. Fido manually maintains a list of all the Windows release/edition product edition IDs in its script (see: $WindowsVersions array). This is helpful for downloading older releases (e.g. Windows 10 1909, 21H1, etc.) but we always want to get the newest release which is why we get this value dynamically
# Also, keeping a "$WindowsVersions" array like Fido does would be way too much of a maintenance burden
# Remove "Accept" header that curl sends by default
[[ "$DEBUG" == [Yy1]* ]] && echo " - Parsing download page: ${url}"
iso_download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
handle_curl_error $?
[[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
[[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting Product edition ID: "
# tr: Filter for only numerics to prevent HTTP parameter injection
# head -c was recently added to POSIX: https://austingroupbugs.net/view.php?id=407
product_edition_id=$(echo "$iso_download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)
product_edition_id=$(echo "$download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)
[[ "$DEBUG" == [Yy1]* ]] && echo "$product_edition_id"
[[ "$DEBUG" == [Yy1]* ]] && echo "Permit Session ID: $session_id"
if [ -z "$product_edition_id" ]; then
error "Product edition ID not found!"
return 1
fi
# Microsoft download "protection" requires the sessionId to be whitelisted through vlscppe.microsoft.com/tags
org_id="y6jn8c31"
vls_url="https://vlscppe.microsoft.com/tags?org_id=$org_id&session_id=$session_id"
[[ "$DEBUG" == [Yy1]* ]] && echo "Session ID: $session_id"
# Permit Session ID
# "org_id" is always the same value
curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$vls_url" || {
# This should only happen if there's been some change to how this API works
handle_curl_error $?
handle_curl_error "$?" "Microsoft"
return $?
}
# Extract everything after the last slash
local url_segment_parameter="${url##*/}"
# Microsoft download "protection" also requires an ov-df.microsoft.com request/reply
# 1) Request mdt.js to get w and rticks. InstanceId is (currently) constant.
instance_id="560dc9f3-1aa5-4a2f-b63c-9e18f8d0e175"
ov_url="https://ov-df.microsoft.com/mdt.js?instanceId=$instance_id&PageId=si&session_id=$session_id"
ov_data=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$ov_url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
if [[ $ov_data =~ [\?\&]w=([A-Fa-f0-9]+) ]]; then
ovw="${BASH_REMATCH[1]}"
fi
if [[ $ov_data =~ rticks=\"\+?([0-9]+) ]]; then
rticks="${BASH_REMATCH[1]}"
fi
if [[ -z $ovw || -z $rticks ]]; then
error "Could not extract ov-df data from Microsoft server!"
return 1
fi
sleep 0.2
# 2) Send a reply with session ID, current epoch and previously retrieved w and rticks
mdt=$(date +%s%3N)
ov_url="https://ov-df.microsoft.com/?session_id=$session_id&CustomerId=$instance_id&PageId=si&w=$ovw&mdt=$mdt&rticks=$rticks"
curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$ov_url" || {
# This should only happen if there's been some change to how this API works
handle_curl_error "$?" "Microsoft"
return $?
}
[[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting language SKU ID: "
# Get language -> skuID association table
# SKU ID: This specifies the language of the ISO. We always use "English (United States)", however, the SKU for this changes with each Windows release
# We must make this request so our next one will be allowed
# --data "" is required otherwise no "Content-Length" header will be sent causing HTTP response "411 Length Required"
language_skuid_table_html=$(curl --silent --max-time 30 --request POST --user-agent "$user_agent" --data "" --header "Accept:" --max-filesize 10K --fail --proto =https --tlsv1.2 --http1.1 -- "https://www.microsoft.com/en-US/api/controls/contentinclude/html?pageId=a8f8f489-4c7f-463a-9ca6-5cff94d8d041&host=www.microsoft.com&segments=software-download,$url_segment_parameter&query=&action=getskuinformationbyproductedition&sessionId=$session_id&productEditionId=$product_edition_id&sdVersion=2") || {
handle_curl_error $?
sku_url="https://www.microsoft.com/software-download-connector/api/getskuinformationbyproductedition?profile=$profile&ProductEditionId=$product_edition_id&SKU=undefined&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
language_skuid_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$sku_url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
# tr: Filter for only alphanumerics or "-" to prevent HTTP parameter injection
sku_id=$(echo "$language_skuid_table_html" | grep -m 1 ">${language}<" | sed 's/&quot;//g' | cut -d ',' -f 1 | cut -d ':' -f 2 | tr -cd '[:alnum:]-' | head -c 16)
{ sku_id=$(echo "$language_skuid_json" | jq --arg LANG "$language" -r '.Skus[] | select(.Language==$LANG).Id') 2>/dev/null; rc=$?; } || :
if [ -z "$sku_id" ]; then
if [ -z "$sku_id" ] || [[ "${sku_id,,}" == "null" ]] || (( rc != 0 )); then
language=$(getLanguage "$lang" "desc")
error "No download in the $language language available for $desc!"
return 1
@@ -144,28 +186,31 @@ download_windows() {
# Get ISO download link
# If any request is going to be blocked by Microsoft it's always this last one (the previous requests always seem to succeed)
# --referer: Required by Microsoft servers to allow request
iso_download_link_html=$(curl --silent --max-time 30 --request POST --user-agent "$user_agent" --data "" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://www.microsoft.com/en-US/api/controls/contentinclude/html?pageId=6e2a1789-ef16-4f27-a296-74ef7ef5d96b&host=www.microsoft.com&segments=software-download,$url_segment_parameter&query=&action=GetProductDownloadLinksBySku&sessionId=$session_id&skuId=$sku_id&language=English&sdVersion=2")
if ! [ "$iso_download_link_html" ]; then
iso_url="https://www.microsoft.com/software-download-connector/api/GetProductDownloadLinksBySku?profile=$profile&ProductEditionId=undefined&SKU=$sku_id&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
iso_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_url")
if ! [ "$iso_json" ]; then
# This should only happen if there's been some change to how this API works
error "Microsoft servers gave us an empty response to our request for an automated download."
return 1
fi
if echo "$iso_download_link_html" | grep -q "We are unable to complete your request at this time."; then
if echo "$iso_json" | grep -q "Sentinel marked this request as rejected."; then
error "Microsoft blocked the automated download request based on your IP address."
return 1
fi
# Filter for 64-bit ISO download URL
# sed: HTML decode "&" character
# tr: Filter for only alphanumerics or punctuation
iso_download_link=$(echo "$iso_download_link_html" | grep -o "https://software.download.prss.microsoft.com.*IsoX64" | cut -d '"' -f 1 | sed 's/&amp;/\&/g' | tr -cd '[:alnum:][:punct:]')
if echo "$iso_json" | grep -q "We are unable to complete your request at this time."; then
error "Microsoft blocked the automated download request based on your IP address."
return 1
fi
if ! [ "$iso_download_link" ]; then
# This should only happen if there's been some change to the download endpoint web address
{ iso_download_link=$(echo "$iso_json" | jq --argjson TYPE "$download_type" -r '.ProductDownloadOptions[] | select(.DownloadType==$TYPE).Uri') 2>/dev/null; rc=$?; } || :
if [ -z "$iso_download_link" ] || [[ "${iso_download_link,,}" == "null" ]] || (( rc != 0 )); then
error "Microsoft servers gave us no download link to our request for an automated download!"
info "Response: $iso_json"
return 1
fi
@@ -180,6 +225,7 @@ download_windows_eval() {
local desc="$3"
local filter=""
local culture=""
local compare=""
local language=""
local user_agent=""
local enterprise_type=""
@@ -195,18 +241,15 @@ download_windows_eval() {
"win11${PLATFORM,,}-enterprise-ltsc-eval" )
enterprise_type="iot"
windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
"win10${PLATFORM,,}-enterprise-eval" )
enterprise_type="enterprise"
windows_version="windows-10-enterprise" ;;
"win10${PLATFORM,,}-enterprise-ltsc-eval" )
enterprise_type="ltsc"
windows_version="windows-10-enterprise" ;;
"win2025-eval" )
enterprise_type="server"
windows_version="windows-server-2025" ;;
"win2022-eval" )
enterprise_type="server"
windows_version="windows-server-2022" ;;
"win2019-hv" )
enterprise_type="server"
windows_version="hyper-v-server-2019" ;;
"win2019-eval" )
enterprise_type="server"
windows_version="windows-server-2019" ;;
@@ -229,7 +272,7 @@ download_windows_eval() {
[[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
iso_download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
handle_curl_error $?
handle_curl_error "$?" "Microsoft"
return $?
}
@@ -241,15 +284,15 @@ download_windows_eval() {
[[ "$DEBUG" == [Yy1]* ]] && echo "Getting download link.."
if [[ "$enterprise_type" == "iot" ]]; then
filter="https://go.microsoft.com/fwlink/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country^^}"
else
filter="https://go.microsoft.com/fwlink/p/?LinkID=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country^^}"
filter="https://go.microsoft.com/fwlink/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
if ! echo "$iso_download_page_html" | grep -io "$filter" > /dev/null; then
filter="https://go.microsoft.com/fwlink/p/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
fi
iso_download_links=$(echo "$iso_download_page_html" | grep -io "$filter") || {
# This should only happen if there's been some change to the download endpoint web address
if [[ "${lang,,}" == "en" ]] || [[ "${lang,,}" == "en-"* ]]; then
if [[ "${lang,,}" == "en" || "${lang,,}" == "en-"* ]]; then
error "Windows server download page gave us no download link!"
else
language=$(getLanguage "$lang" "desc")
@@ -259,38 +302,72 @@ download_windows_eval() {
}
case "$enterprise_type" in
"iot" | "ltsc" )
case "${PLATFORM,,}" in
"x64" )
if [[ "$windows_version" != "windows-10"* ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 1)
else
iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1)
fi ;;
"arm64" )
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
esac ;;
"enterprise" )
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
;;
"iot" )
if [[ "${PLATFORM,,}" == "x64" ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 1)
fi
if [[ "${PLATFORM,,}" == "arm64" ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
fi
;;
"ltsc" )
iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1)
;;
case "${PLATFORM,,}" in
"x64" )
if [[ "$windows_version" != "windows-10"* ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 1)
else
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
fi ;;
"arm64" )
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
esac ;;
"server" )
iso_download_link=$(echo "$iso_download_links" | head -n 1)
;;
case "${PLATFORM,,}" in
"x64" )
iso_download_link=$(echo "$iso_download_links" | head -n 1) ;;
esac ;;
* )
error "Invalid type specified, value \"$enterprise_type\" is not recognized!" && return 1 ;;
esac
[[ "$DEBUG" == [Yy1]* ]] && echo "Found download link: $iso_download_link"
[ -z "$iso_download_link" ] && error "Could not parse download link from page!" && return 1
# Follow redirect so proceeding log message is useful
# This is a request we make this Fido doesn't
# We don't need to set "--max-filesize" here because this is a HEAD request and the output is to /dev/null anyway
# This is a request we make that Fido doesn't
iso_download_link=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link") || {
# This should only happen if the Microsoft servers are down
handle_curl_error $?
handle_curl_error "$?" "Microsoft"
return $?
}
case "${PLATFORM,,}" in
"x64" )
if [[ "${iso_download_link,,}" != *"x64"* ]]; then
echo "Found download link: $iso_download_link"
error "Download link is for the wrong platform? Please report this at $SUPPORT/issues"
return 1
fi ;;
"arm64" )
if [[ "${iso_download_link,,}" != *"a64"* && "${iso_download_link,,}" != *"arm64"* ]]; then
if [[ "$DEBUG" == [Yy1]* ]]; then
echo "Found download link: $iso_download_link"
echo "Link for ARM platform currently not available!"
fi
return 1
fi ;;
esac
if [[ "$DEBUG" == [Yy1]* && "$VERIFY" == [Yy1]* && "${lang,,}" == "en"* ]]; then
compare=$(getMido "$id" "$lang" "")
if [[ "${iso_download_link,,}" != "${compare,,}" ]]; then
echo "Retrieved link does not match the fixed link: $compare"
fi
fi
MIDO_URL="$iso_download_link"
return 0
}
@@ -305,19 +382,21 @@ getWindows() {
language=$(getLanguage "$lang" "desc")
edition=$(printEdition "$version" "$desc")
local msg="Requesting $desc from Microsoft server..."
local msg="Requesting $desc from the Microsoft servers..."
info "$msg" && html "$msg"
case "${version,,}" in
"win2008r2" | "win81${PLATFORM,,}-enterprise-eval" | "win11${PLATFORM,,}-enterprise-iot-eval" )
if [[ "${lang,,}" != "en" ]] && [[ "${lang,,}" != "en-"* ]]; then
"win2008r2" | "win81${PLATFORM,,}"* | "win10${PLATFORM,,}-enterprise"* | \
"win11${PLATFORM,,}-enterprise-iot"* | "win11${PLATFORM,,}-enterprise-ltsc"* )
if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
error "No download in the $language language available for $edition!"
MIDO_URL="" && return 1
fi ;;
esac
case "${version,,}" in
"win11${PLATFORM,,}-enterprise-iot-eval" ) ;;
"win11${PLATFORM,,}" ) ;;
"win11${PLATFORM,,}-enterprise"* ) ;;
* )
if [[ "${PLATFORM,,}" != "x64" ]]; then
error "No download for the ${PLATFORM^^} platform available for $edition!"
@@ -326,26 +405,54 @@ getWindows() {
esac
case "${version,,}" in
"win81${PLATFORM,,}" | "win10${PLATFORM,,}" | "win11${PLATFORM,,}" )
"win11${PLATFORM,,}" )
download_windows "$version" "$lang" "$edition" && return 0
;;
"win11${PLATFORM,,}-enterprise"* | "win10${PLATFORM,,}-enterprise"* )
"win11${PLATFORM,,}-enterprise"* )
download_windows_eval "$version" "$lang" "$edition" && return 0
;;
"win2025-eval" | "win2022-eval" | "win2019-eval" | "win2016-eval" | "win2012r2-eval" )
"win2025-eval" | "win2022-eval" | "win2019-eval" | "win2019-hv" | "win2016-eval" | "win2012r2-eval" )
download_windows_eval "$version" "$lang" "$edition" && return 0
;;
"win81${PLATFORM,,}-enterprise-eval" )
MIDO_URL="https://download.microsoft.com/download/B/9/9/B999286E-0A47-406D-8B3D-5B5AD7373A4A/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO" && return 0
;;
"win2008r2" )
MIDO_URL="https://download.microsoft.com/download/4/1/D/41DEA7E0-B30D-4012-A1E3-F24DC03BA1BB/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso" && return 0
"win2008r2" | "win81${PLATFORM,,}"* | "win10${PLATFORM,,}-enterprise"* )
;;
* ) error "Invalid VERSION specified, value \"$version\" is not recognized!" ;;
esac
MIDO_URL=""
return 1
MIDO_URL=$(getMido "$version" "$lang" "")
[ -z "$MIDO_URL" ] && return 1
return 0
}
getBuild() {
local id="$1"
local ret="$2"
local url=""
local name=""
local build="$3"
local edition=""
local file="catalog.xml"
case "${id,,}" in
"win11${PLATFORM,,}" )
name="Windows 11 Pro"
url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Professional" ;;
"win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
name="Windows 11 Enterprise"
url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Enterprise" ;;
esac
case "${ret,,}" in
"url" ) echo "$url" ;;
"file" ) echo "$file" ;;
"name" ) echo "$name" ;;
"edition" ) echo "$edition" ;;
*) echo "";;
esac
return 0
}
getCatalog() {
@@ -355,6 +462,12 @@ getCatalog() {
local url=""
local name=""
local edition=""
local file="catalog.cab"
if [[ "${id,,}" == "win11"* ]] && ! isCompatible; then
# ARMv8.0 cannot run Windows 11 builds 24H2 and up.
getBuild "$1" "$2" "22631.2861" && return 0
fi
case "${id,,}" in
"win11${PLATFORM,,}" )
@@ -377,8 +490,9 @@ getCatalog() {
case "${ret,,}" in
"url" ) echo "$url" ;;
"file" ) echo "$file" ;;
"name" ) echo "$name" ;;
"edition" ) echo "$edition" ;;
"edition" ) echo '[Edition="'"${edition}"'"]' ;;
*) echo "";;
esac
@@ -391,82 +505,132 @@ getESD() {
local version="$2"
local lang="$3"
local desc="$4"
local file
local result
local culture
local language
local editionName
local winCatalog size
local edition
local catalog
file=$(getCatalog "$version" "file")
catalog=$(getCatalog "$version" "url")
culture=$(getLanguage "$lang" "culture")
winCatalog=$(getCatalog "$version" "url")
editionName=$(getCatalog "$version" "edition")
edition=$(getCatalog "$version" "edition")
if [ -z "$winCatalog" ] || [ -z "$editionName" ]; then
if [ -z "$file" ] || [ -z "$catalog" ]; then
error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
fi
local msg="Downloading product information from Microsoft server..."
local msg="Downloading catalog..."
info "$msg" && html "$msg"
rm -rf "$dir"
mkdir -p "$dir"
local wFile="catalog.cab"
if ! makeDir "$dir"; then
error "Failed to create directory \"$dir\" !" && return 1
fi
local xFile="products.xml"
local eFile="esd_edition.xml"
local fFile="products_filter.xml"
{ wget "$winCatalog" -O "$dir/$wFile" -q --timeout=30; rc=$?; } || :
{ wget "$catalog" -O "$dir/$file" -q --timeout=30 --no-http-keep-alive; rc=$?; } || :
msg="Failed to download $winCatalog"
msg="Failed to download $catalog"
(( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
(( rc == 4 )) && error "$msg , network failure!" && return 1
(( rc == 8 )) && error "$msg , server issued an error response!" && return 1
(( rc != 0 )) && error "$msg , reason: $rc" && return 1
cd "$dir"
if [[ "$file" == *".xml" ]]; then
mv -f "$dir/$file" "$dir/$xFile"
else
cd "$dir"
if ! cabextract "$file" > /dev/null; then
cd /run
error "Failed to extract $file!" && return 1
fi
if ! cabextract "$wFile" > /dev/null; then
cd /run
error "Failed to extract $wFile!" && return 1
fi
cd /run
fi
if [ ! -s "$dir/$xFile" ]; then
error "Failed to find $xFile in $wFile!" && return 1
error "Failed to find $xFile in $file!" && return 1
fi
local edQuery='//File[Architecture="'${PLATFORM}'"][Edition="'${editionName}'"]'
local edQuery='//File[Architecture="'${PLATFORM,,}'"]'"${edition}"''
result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
if [ -z "$result" ]; then
edQuery='//File[Architecture="'${PLATFORM^^}'"]'"${edition}"''
result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
if [ -z "$result" ]; then
desc=$(printEdition "$version" "$desc")
language=$(getLanguage "$lang" "desc")
error "No download link available for $desc!" && return 1
fi
fi
echo -e '<Catalog>' > "$dir/$fFile"
xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" >> "$dir/$fFile" 2>/dev/null
echo "$result" >> "$dir/$fFile"
echo -e '</Catalog>'>> "$dir/$fFile"
xmllint --nonet --xpath "//File[LanguageCode=\"${culture,,}\"]" "$dir/$fFile" >"$dir/$eFile"
result=$(xmllint --nonet --xpath "//File[LanguageCode=\"${culture,,}\"]" "$dir/$fFile" 2>/dev/null)
size=$(stat -c%s "$dir/$eFile")
if ((size<20)); then
if [ -z "$result" ]; then
desc=$(printEdition "$version" "$desc")
language=$(getLanguage "$lang" "desc")
error "No download in the $language language available for $desc!" && return 1
fi
echo "$result" > "$dir/$eFile"
local tag="FilePath"
ESD=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g")
ESD=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD" ]; then
error "Failed to find ESD URL in $eFile!" && return 1
fi
tag="Sha1"
ESD_SUM=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g")
ESD_SUM=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD_SUM" ]; then
error "Failed to find ESD checksum in $eFile!" && return 1
fi
tag="Size"
ESD_SIZE=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g")
ESD_SIZE=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD_SIZE" ]; then
error "Failed to find ESD filesize in $eFile!" && return 1
fi
rm -rf "$dir"
return 0
}
isCompressed() {
local file="$1"
case "${file,,}" in
*".7z" | *".zip" | *".rar" | *".lzma" | *".bz" | *".bz2" )
return 0 ;;
esac
return 1
}
verifyFile() {
local iso="$1"
@@ -474,8 +638,10 @@ verifyFile() {
local total="$3"
local check="$4"
if [ -n "$size" ] && [[ "$total" != "$size" ]] && [[ "$size" != "0" ]]; then
warn "The downloaded file has an unexpected size: $total bytes, while expected value was: $size bytes. Please report this at $SUPPORT/issues"
if [ -n "$size" ] && [[ "$total" != "$size" && "$size" != "0" ]]; then
if [[ "$VERIFY" == [Yy1]* || "$DEBUG" == [Yy1]* ]]; then
warn "The downloaded file has a different size ( $total bytes) than expected ( $size bytes). Please report this at $SUPPORT/issues"
fi
fi
local hash=""
@@ -495,10 +661,10 @@ verifyFile() {
fi
if [[ "$hash" == "$check" ]]; then
info "Succesfully verified ISO!" && return 0
info "Successfully verified ISO!" && return 0
fi
error "The downloaded file has an invalid $algo checksum: $hash , while expected value was: $check. Please report this at $SUPPORT/issues"
error "The downloaded file has an unknown $algo checksum: $hash , as the expected value was: $check. Please report this at $SUPPORT/issues"
return 1
}
@@ -510,14 +676,16 @@ downloadFile() {
local size="$4"
local lang="$5"
local desc="$6"
local rc total progress domain dots space folder
local msg="Downloading $desc"
local rc total total_gb progress domain dots agent space folder
rm -f "$iso"
agent=$(get_agent)
if [ -n "$size" ] && [[ "$size" != "0" ]]; then
folder=$(dirname -- "$iso")
space=$(df --output=avail -B 1 "$folder" | tail -n 1)
(( size > space )) && error "Not enough free space left to download file!" && return 1
total_gb=$(formatBytes "$space")
(( size > space )) && error "Not enough free space to download file, only $total_gb left!" && return 1
fi
# Check if running with interactive TTY or redirected to docker log
@@ -527,8 +695,8 @@ downloadFile() {
progress="--progress=dot:giga"
fi
local msg="Downloading $desc"
html "$msg..."
/run/progress.sh "$iso" "$size" "$msg ([P])..." &
domain=$(echo "$url" | awk -F/ '{print $3}')
dots=$(echo "$domain" | tr -cd '.' | wc -c)
@@ -539,43 +707,69 @@ downloadFile() {
fi
info "$msg..."
/run/progress.sh "$iso" "$size" "$msg ([P])..." &
[[ "$DEBUG" == [Yy1]* ]] && echo "Downloading: $url"
{ wget "$url" -O "$iso" -q --timeout=30 --show-progress "$progress"; rc=$?; } || :
{ wget "$url" -O "$iso" --continue -q --timeout=30 --no-http-keep-alive --user-agent "$agent" --show-progress "$progress"; rc=$?; } || :
fKill "progress.sh"
if (( rc == 0 )) && [ -f "$iso" ]; then
total=$(stat -c%s "$iso")
total_gb=$(formatBytes "$total")
if [ "$total" -lt 100000000 ]; then
error "Invalid download link: $url (is only $total bytes?). Please report this issue." && return 1
error "Invalid download link: $url (is only $total_gb ?). Please report this at $SUPPORT/issues" && return 1
fi
! verifyFile "$iso" "$size" "$total" "$sum" && return 1
verifyFile "$iso" "$size" "$total" "$sum" || return 1
isCompressed "$url" && UNPACK="Y"
html "Download finished successfully..." && return 0
fi
msg="Failed to download $url"
(( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
(( rc == 4 )) && error "$msg , network failure!" && return 1
(( rc == 8 )) && error "$msg , server issued an error response!" && return 1
(( rc == 8 )) && error "$msg , server issued an error response! Please report this at $SUPPORT/issues" && return 1
error "$msg , reason: $rc"
return 1
}
delay() {
local i
local delay="$1"
local msg="Will retry in X seconds..."
info "${msg/X/$delay}"
for i in $(seq "$delay" -1 1); do
html "${msg/X/$i}"
sleep 1
done
return 0
}
downloadImage() {
local iso="$1"
local version="$2"
local lang="$3"
local tried="n"
local success="n"
local seconds="5"
local url sum size base desc language
if [[ "${version,,}" == "http"* ]]; then
base=$(basename "$iso")
desc=$(fromFile "$base")
rm -f "$iso"
downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
rm -f "$iso"
return 1
fi
@@ -585,7 +779,7 @@ downloadImage() {
desc=$(printVersion "$version" "")
if [[ "${lang,,}" != "en" ]] && [[ "${lang,,}" != "en-"* ]]; then
if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
language=$(getLanguage "$lang" "desc")
if ! validVersion "$version" "$lang"; then
desc=$(printEdition "$version" "$desc")
@@ -595,10 +789,24 @@ downloadImage() {
fi
if isMido "$version" "$lang"; then
tried="y"
success="n"
if getWindows "$version" "$lang" "$desc"; then
success="y"
else
delay "$seconds"
getWindows "$version" "$lang" "$desc" && success="y"
fi
if [[ "$success" == "y" ]]; then
size=$(getMido "$version" "$lang" "size" )
sum=$(getMido "$version" "$lang" "sum")
rm -f "$iso"
downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
rm -f "$iso"
fi
@@ -609,13 +817,25 @@ downloadImage() {
if isESD "$version" "$lang"; then
if [[ "$tried" != "n" ]]; then
info "Failed to download $desc, will try a diferent method now..."
info "Failed to download $desc, will try a different method now..."
fi
tried="y"
success="n"
if getESD "$TMP/esd" "$version" "$lang" "$desc"; then
success="y"
else
delay "$seconds"
getESD "$TMP/esd" "$version" "$lang" "$desc" && success="y"
fi
if [[ "$success" == "y" ]]; then
ISO="${ISO%.*}.esd"
rm -f "$ISO"
downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
rm -f "$ISO"
ISO="$iso"
@@ -628,12 +848,18 @@ downloadImage() {
url=$(getLink "$i" "$version" "$lang")
if [ -n "$url" ]; then
if [[ "$tried" != "n" ]]; then
info "Failed to download $desc, will try another mirror now..."
fi
tried="y"
size=$(getSize "$i" "$version" "$lang")
sum=$(getHash "$i" "$version" "$lang")
rm -f "$iso"
downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
rm -f "$iso"
fi
src/power.sh
+34 -19
View File
@@ -1,13 +1,11 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${QEMU_TIMEOUT:="110"}" # QEMU Termination timeout
# Configure QEMU for graceful shutdown
QEMU_TERM=""
QEMU_PORT=7100
QEMU_TIMEOUT=110
QEMU_DIR="/run/shm"
QEMU_PID="$QEMU_DIR/qemu.pid"
QEMU_PTY="$QEMU_DIR/qemu.pty"
QEMU_LOG="$QEMU_DIR/qemu.log"
QEMU_OUT="$QEMU_DIR/qemu.out"
@@ -35,7 +33,7 @@ boot() {
grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && fail="y"
fi
if [ -z "$fail" ]; then
info "Windows started succesfully, visit http://localhost:8006/ to view the screen..."
info "Windows started successfully, visit http://127.0.0.1:8006/ to view the screen..."
return 0
fi
fi
@@ -74,40 +72,58 @@ ready() {
finish() {
local pid
local cnt=0
local reason=$1
local pids=(
"/var/run/tpm.pid"
"/var/run/wsdd.pid"
"/var/run/samba/nmbd.pid"
"/var/run/samba/smbd.pid"
)
touch "$QEMU_END"
if [ -s "$QEMU_PID" ]; then
pid=$(<"$QEMU_PID")
error "Forcefully terminating Windows, reason: $reason..."
echo && error "Forcefully terminating Windows, reason: $reason..."
{ kill -15 "$pid" || true; } 2>/dev/null
while isAlive "$pid"; do
sleep 1
cnt=$((cnt+1))
# Workaround for zombie pid
[ ! -s "$QEMU_PID" ] && break
if [ "$cnt" == "5" ]; then
echo && error "QEMU did not terminate itself, forcefully killing process..."
{ kill -9 "$pid" || true; } 2>/dev/null
fi
done
fi
if [ ! -f "$STORAGE/windows.boot" ] && [ -f "$BOOT" ]; then
# Remove CD-ROM ISO after install
if ready; then
touch "$STORAGE/windows.boot"
local file="$STORAGE/windows.boot"
touch "$file"
! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
if [[ "$REMOVE" != [Nn]* ]]; then
rm -f "$BOOT" 2>/dev/null || true
fi
fi
fi
pid="/var/run/tpm.pid"
[ -s "$pid" ] && pKill "$(<"$pid")"
pid="/var/run/wsdd.pid"
[ -s "$pid" ] && pKill "$(<"$pid")"
fKill "smbd"
for pid in "${pids[@]}"; do
if [[ -s "$pid" ]]; then
pKill "$(cat "$pid")"
fi
rm -f "$pid"
done
closeNetwork
@@ -139,7 +155,7 @@ terminal() {
fi
if [ ! -c "$dev" ]; then
dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$QEMU_PORT" | tr -d '\000')
dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$MON_PORT" | tr -d '\000')
dev="${dev#*serial0}"
dev="${dev#*pty:}"
dev="${dev%%$'\n'*}"
@@ -188,7 +204,7 @@ _graceful_shutdown() {
fi
# Send ACPI shutdown signal
echo 'system_powerdown' | nc -q 1 -w 1 localhost "${QEMU_PORT}" > /dev/null
echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
local cnt=0
while [ "$cnt" -lt "$QEMU_TIMEOUT" ]; do
@@ -203,7 +219,7 @@ _graceful_shutdown() {
info "Waiting for Windows to shutdown... ($cnt/$QEMU_TIMEOUT)"
# Send ACPI shutdown signal
echo 'system_powerdown' | nc -q 1 -w 1 localhost "${QEMU_PORT}" > /dev/null
echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
done
@@ -215,8 +231,7 @@ _graceful_shutdown() {
}
SERIAL="pty"
MONITOR="telnet:localhost:$QEMU_PORT,server,nowait,nodelay"
MONITOR+=" -daemonize -D $QEMU_LOG -pidfile $QEMU_PID"
MONITOR="telnet:localhost:$MON_PORT,server,nowait,nodelay -daemonize -D $QEMU_LOG"
_trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
src/samba.sh
+189 -64
View File
@@ -1,103 +1,228 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${SAMBA:="Y"}"
: "${SAMBA:="Y"}" # Enable Samba
: "${SAMBA_LEVEL:="1"}" # Logging level
: "${SAMBA_DEBUG:="N"}" # Disable debug
tmp="/tmp/smb"
rm -rf "$tmp"
rm -f /var/run/wsdd.pid
rm -f /var/run/samba/nmbd.pid
rm -f /var/run/samba/smbd.pid
[[ "$SAMBA" == [Nn]* ]] && return 0
[[ "$NETWORK" == [Nn]* ]] && return 0
hostname="host.lan"
interface="dockerbridge"
if [[ "$DHCP" == [Yy1]* ]]; then
socket="$IP"
hostname="$IP"
interface="$VM_NET_DEV"
interfaces="$VM_NET_DEV"
else
hostname="host.lan"
case "${NETWORK,,}" in
"passt" | "slirp" )
interfaces="lo"
socket="127.0.0.1" ;;
*)
socket="$VM_NET_IP"
interfaces="$VM_NET_BRIDGE" ;;
esac
if [ -n "${SAMBA_INTERFACE:-}" ]; then
interfaces+=",$SAMBA_INTERFACE"
fi
fi
share="/shared"
html "Initializing shared folder..."
SAMBA_CONFIG="/etc/samba/smb.conf"
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting Samba daemon..."
if [ ! -d "$share" ] && [ -d "$STORAGE/shared" ]; then
share="$STORAGE/shared"
fi
addShare() {
local dir="$1"
local ref="$2"
local name="$3"
local comment="$4"
local cfg="$5"
local owner=""
mkdir -p "$share"
if [ ! -d "$dir" ]; then
if ! mkdir -p "$dir"; then
error "Failed to create shared folder ($dir)." && return 1
fi
fi
if [ -z "$(ls -A "$share")" ]; then
if ! ls -A "$dir" >/dev/null 2>&1; then
msg="No permission to access shared folder ($dir)."
msg+=" If SELinux is active, you need to add the \":Z\" flag to the bind mount."
error "$msg" && return 1
fi
chmod 777 "$share"
if [ ! -w "$dir" ]; then
msg="shared folder ($dir) is not writeable!"
warn "$msg"
fi
{ echo "--------------------------------------------------------"
echo " $APP for Docker v$(</run/version)..."
echo " For support visit $SUPPORT"
echo "--------------------------------------------------------"
echo ""
echo "Using this folder you can share files with the host machine."
echo ""
echo "To change its location, include the following bind mount in your compose file:"
echo ""
echo " volumes:"
echo " - \"/home/user/example:/shared\""
echo ""
echo "Or in your run command:"
echo ""
echo " -v \"/home/user/example:/shared\""
echo ""
echo "Replace the example path /home/user/example with the desired shared folder."
echo ""
} | unix2dos > "$share/readme.txt"
if [ -z "$(ls -A "$dir")" ]; then
if ! chmod 2777 "$dir"; then
error "Failed to set permissions for directory $dir" && return 1
fi
owner=$(stat -c %u "$dir")
if [[ "$owner" == "0" ]]; then
if ! chown "1000:1000" "$dir"; then
error "Failed to set ownership for directory $dir" && return 1
fi
fi
fi
fi
if [[ "$dir" == "$tmp" ]]; then
{ echo "[global]"
{ echo "--------------------------------------------------------"
echo " $APP for $ENGINE v$(</run/version)..."
echo " For support visit $SUPPORT"
echo "--------------------------------------------------------"
echo ""
echo "Using this folder you can exchange files with the host machine."
echo ""
echo "To select a folder on the host for this purpose, include the following bind mount in your compose file:"
echo ""
echo " volumes:"
echo " - \"./example:${ref}\""
echo ""
echo "Or in your run command:"
echo ""
echo " -v \"\${PWD:-.}/example:${ref}\""
echo ""
echo "Replace the example path ./example with your desired shared folder, which then will become visible here."
echo ""
} | unix2dos > "$dir/readme.txt"
fi
{ echo ""
echo "[$name]"
echo " path = $dir"
echo " comment = $comment"
echo " writable = yes"
echo " guest ok = yes"
echo " guest only = yes"
} >> "$cfg"
return 0
}
{ echo "[global]"
echo " server string = Dockur"
echo " netbios name = $hostname"
echo " workgroup = WORKGROUP"
echo " interfaces = $interface"
echo " interfaces = $interfaces"
echo " bind interfaces only = yes"
echo " socket address = $socket"
echo " security = user"
echo " guest account = nobody"
echo " map to guest = Bad User"
echo " server min protocol = NT1"
echo " follow symlinks = yes"
echo " wide links = yes"
echo " unix extensions = no"
echo " inherit owner = yes"
echo " create mask = 0666"
echo " directory mask = 02777"
echo " force user = root"
echo " force group = root"
echo " force create mode = 0666"
echo " force directory mode = 02777"
echo ""
echo " # disable printing services"
echo " # Disable printing services"
echo " load printers = no"
echo " printing = bsd"
echo " printcap name = /dev/null"
echo " disable spoolss = yes"
echo ""
echo "[Data]"
echo " path = $share"
echo " comment = Shared"
echo " writable = yes"
echo " guest ok = yes"
echo " guest only = yes"
echo " force user = root"
echo " force group = root"
} > "/etc/samba/smb.conf"
} > "$SAMBA_CONFIG"
if ! smbd; then
error "Samba daemon failed to start!"
smbd -i --debug-stdout || true
fi
# Add shared folders
share="/shared"
[ ! -d "$share" ] && [ -d "$STORAGE/shared" ] && share="$STORAGE/shared"
[ ! -d "$share" ] && [ -d "/data" ] && share="/data"
[ ! -d "$share" ] && [ -d "$STORAGE/data" ] && share="$STORAGE/data"
[ ! -d "$share" ] && share="$tmp"
legacy=""
! addShare "$share" "/shared" "Data" "Shared" "$SAMBA_CONFIG" && return 0
if [ -f "$STORAGE/windows.old" ]; then
MT=$(<"$STORAGE/windows.old")
[[ "${MT,,}" == "pc-q35-2"* ]] && legacy="y"
[[ "${MT,,}" == "pc-i440fx-2"* ]] && legacy="y"
fi
if [ -n "$legacy" ]; then
# Enable NetBIOS on Windows XP and lower
if ! nmbd; then
error "NetBIOS daemon failed to start!"
nmbd -i --debug-stdout || true
fi
if [ -d "/shared2" ]; then
addShare "/shared2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
else
if [ -d "/data2" ]; then
addShare "/data2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
fi
fi
if [ -d "/shared3" ]; then
addShare "/shared3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
else
if [ -d "/data3" ]; then
addShare "/data3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
fi
fi
# Create directories if missing
mkdir -p /var/lib/samba/sysvol
mkdir -p /var/lib/samba/private
mkdir -p /var/lib/samba/bind-dns
# Try to repair Samba permissions
[ -d /run/samba/msg.lock ] && chmod -R 0755 /run/samba/msg.lock 2>/dev/null || :
[ -d /var/log/samba/cores ] && chmod -R 0700 /var/log/samba/cores 2>/dev/null || :
[ -d /var/cache/samba/msg.lock ] && chmod -R 0755 /var/cache/samba/msg.lock 2>/dev/null || :
rm -f /var/log/samba/log.smbd
if ! smbd -l /var/log/samba; then
SAMBA_DEBUG="Y"
error "Failed to start Samba daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/samba/log.smbd --pid=$$ &
fi
case "${NETWORK,,}" in
"passt" | "slirp" )
return 0 ;;
esac
if [[ "${BOOT_MODE:-}" == "windows_legacy" ]]; then
# Enable NetBIOS on Windows 7 and lower
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting NetBIOS daemon..."
rm -f /var/log/samba/log.nmbd
if ! nmbd -l /var/log/samba; then
SAMBA_DEBUG="Y"
error "Failed to start NetBIOS daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/samba/log.nmbd --pid=$$ &
fi
else
# Enable Web Service Discovery on Vista and up
wsdd -i "$interface" -p -n "$hostname" &
echo "$!" > /var/run/wsdd.pid
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting wsddn daemon..."
rm -f /var/log/wsddn.log
if ! wsddn -i "${interfaces%%,*}" -H "$hostname" --unixd --log-file=/var/log/wsddn.log --pid-file=/var/run/wsdd.pid; then
SAMBA_DEBUG="Y"
error "Failed to start wsddn daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/wsddn.log --pid=$$ &
fi
fi
return 0