DanHam/bootstrap_win_ADAPTED_UAC.ps1

## bootstrap_win_ADAPTED_UAC.ps1
# Set administrator password
net user Administrator SuperS3cr3t!
wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE

# Turn off PowerShell execution policy restrictions
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine

# First, make sure WinRM can't be connected to
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block

# Delete any existing WinRM listeners
winrm delete winrm/config/listener?Address=*+Transport=HTTP  2>$Null
winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null

# Create a new WinRM listener and configure
winrm create winrm/config/listener?Address=*+Transport=HTTP
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
winrm set winrm/config '@{MaxTimeoutms="7200000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'

# Configure UAC to allow privilege elevation in remote shells
$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$Setting = 'LocalAccountTokenFilterPolicy'
Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force

# Configure and restart the WinRM Service; Enable the required firewall exception
Stop-Service -Name WinRM
Set-Service -Name WinRM -StartupType Automatic
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow
Start-Service -Name WinRM
	# Set administrator password
	net user Administrator SuperS3cr3t!
	wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE

	# Turn off PowerShell execution policy restrictions
	Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine

	# First, make sure WinRM can't be connected to
	netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block

	# Delete any existing WinRM listeners
	winrm delete winrm/config/listener?Address=*+Transport=HTTP 2>$Null
	winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null

	# Create a new WinRM listener and configure
	winrm create winrm/config/listener?Address=*+Transport=HTTP
	winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
	winrm set winrm/config '@{MaxTimeoutms="7200000"}'
	winrm set winrm/config/service '@{AllowUnencrypted="true"}'
	winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
	winrm set winrm/config/service/auth '@{Basic="true"}'
	winrm set winrm/config/client/auth '@{Basic="true"}'

	# Configure UAC to allow privilege elevation in remote shells
	$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
	$Setting = 'LocalAccountTokenFilterPolicy'
	Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force

	# Configure and restart the WinRM Service; Enable the required firewall exception
	Stop-Service -Name WinRM
	Set-Service -Name WinRM -StartupType Automatic
	netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow
	Start-Service -Name WinRM