Created
August 17, 2020 15:03
-
-
Save d4rkeagle65/56ccb534af687d706e0d9409ca20d9bf to your computer and use it in GitHub Desktop.
Server-SetupForVMToAzureMigration.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sfc /scannow | |
netsh.exe winhttp reset proxy | |
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\TimeZoneInformation -Name RealTimeIsUniversal -Value 1 -Type DWord -Force | |
Set-Service -Name w32time -StartupType Automatic | |
powercfg.exe /setactive SCHEME_MIN | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name TEMP -Value "%SystemRoot%\TEMP" -Type ExpandString -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name TMP -Value "%SystemRoot%\TEMP" -Type ExpandString -Force | |
Get-Service -Name BFE, Dhcp, Dnscache, IKEEXT, iphlpsvc, nsi, mpssvc, RemoteRegistry | | |
Where-Object StartType -ne Automatic | | |
Set-Service -StartupType Automatic | |
Get-Service -Name Netlogon, Netman, TermService | | |
Where-Object StartType -ne Manual | | |
Set-Service -StartupType Manual | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections -Value 0 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name fDenyTSConnections -Value 0 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name PortNumber -Value 3389 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name LanAdapter -Value 0 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name UserAuthentication -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name SecurityLayer -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name fAllowSecProtocolNegotiation -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name KeepAliveEnable -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name KeepAliveInterval -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name KeepAliveTimeout -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name fDisableAutoReconnect -Value 0 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name fInheritReconnectSame -Value 1 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name fReconnectSame -Value 0 -Type DWord -Force | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name MaxInstanceCount -Value 4294967295 -Type DWord -Force | |
if ((Get-Item -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp').Property -contains 'SSLCertificateSHA1Hash') | |
{ | |
Remove-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name SSLCertificateSHA1Hash -Force | |
} | |
Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled True | |
Enable-PSRemoting -Force | |
Set-NetFirewallRule -DisplayName 'Windows Remote Management (HTTP-In)' -Enabled True | |
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True | |
Set-NetFirewallRule -DisplayName 'File and Printer Sharing (Echo Request - ICMPv4-In)' -Enabled True | |
New-NetFirewallRule -DisplayName AzurePlatform -Direction Inbound -RemoteAddress 168.63.129.16 -Profile Any -Action Allow -EdgeTraversalPolicy Allow | |
New-NetFirewallRule -DisplayName AzurePlatform -Direction Outbound -RemoteAddress 168.63.129.16 -Profile Any -Action Allow | |
chkdsk.exe /f | |
bcdedit.exe /set "{bootmgr}" integrityservices enable | |
bcdedit.exe /set "{default}" device partition=C: | |
bcdedit.exe /set "{default}" integrityservices enable | |
bcdedit.exe /set "{default}" recoveryenabled Off | |
bcdedit.exe /set "{default}" osdevice partition=C: | |
bcdedit.exe /set "{default}" bootstatuspolicy IgnoreAllFailures | |
#Enable Serial Console Feature | |
bcdedit.exe /set "{bootmgr}" displaybootmenu yes | |
bcdedit.exe /set "{bootmgr}" timeout 5 | |
bcdedit.exe /set "{bootmgr}" bootems yes | |
bcdedit.exe /ems "{current}" ON | |
bcdedit.exe /emssettings EMSPORT:1 EMSBAUDRATE:115200 | |
# Set up the guest OS to collect a kernel dump on an OS crash event | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name CrashDumpEnabled -Type DWord -Force -Value 2 | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name DumpFile -Type ExpandString -Force -Value "%SystemRoot%\MEMORY.DMP" | |
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name NMICrashDump -Type DWord -Force -Value 1 | |
# Set up the guest OS to collect user mode dumps on a service crash event | |
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps' | |
if ((Test-Path -Path $key) -eq $false) {(New-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting' -Name LocalDumps)} | |
New-ItemProperty -Path $key -Name DumpFolder -Type ExpandString -Force -Value 'C:\CrashDumps' | |
New-ItemProperty -Path $key -Name CrashCount -Type DWord -Force -Value 10 | |
New-ItemProperty -Path $key -Name DumpType -Type DWord -Force -Value 2 | |
Set-Service -Name WerSvc -StartupType Manual | |
winmgmt.exe /verifyrepository | |
%windir%\system32\sysprep\sysprep.exe |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment