Last active
July 9, 2016 00:30
-
-
Save dwoz/ca479755d56aef59a4348f9f83553de0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
[Parameter(Mandatory=$true)] | |
[string] | |
$AdminPassword | |
) | |
Set-StrictMode -Version Latest | |
Set-ExecutionPolicy -executionpolicy remotesigned -force | |
$pstoolsUrl="https://download.sysinternals.com/files/PSTools.zip" | |
echo "Set Password" | |
net user Administrator $AdminPassword | |
$User = "Administrator" | |
$PWord = ConvertTo-SecureString -String $AdminPassword -AsPlainText -Force | |
$Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $User, $Pword | |
#DISM /Online /Enable-Feature /FeatureName:MicrosoftWindowsPowerShell /FeatureName:ServerManager-PSH-Cmdlets /FeatureName:BestPractices-PSH-Cmdlets | |
#DISM /Online /Enable-Feature /FeatureName:NetFx2-ServerCore /FeatureName:NetFx2-ServerCore-WOW64 /FeatureName:NetFx3-ServerCore /FeatureName:NetFx3-ServerCore-WOW64 | |
echo "Allow Administrator Access to WinRM" | |
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f | |
#echo "WinRm Quick Config" | |
$script=@" | |
winrm quickconfig -quiet | |
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' | |
winrm set winrm/config '@{MaxTimeoutms="1800000"}' | |
winrm set winrm/config/service/auth '@{Basic="true"}' | |
winrm set winrm/config/service '@{AllowUnencrypted="true"}' | |
net stop winrm | |
sc config winrm start= auto | |
net start winrm | |
"@ | |
$script | Out-File -Encoding ascii C:\winrm.cmd | |
$dt=(Get-Date) | |
$hr=$dt.hour | |
$mn=$dt.minute + 1 | |
$hr="{0:D2}" -f $hr | |
$mn="{0:D2}" -f $mn | |
$cmd="schtasks.exe /F /Create /RU system /sc once /ST ${hr}:${mn} /tr `"cmd /c C:\winrm.cmd > C:\winrm.txt 2>&1`" /tn WinRM" | |
echo $cmd | |
Invoke-Expression -Command ($cmd) | |
#Invoke-Command -ScriptBlock {cmd /c 'winrm qc -q'} -Credential $Credential -Computername localhost | |
#Invoke-Command -ScriptBlock {winrm set winrm/config/winrs `@`{MaxMemoryPerShellMB=`"`1024`"`}} -Credential $Credential -Comuptername localhost | |
#Invoke-Command -ScriptBlock {winrm set winrm/config `@`{MaxTimeoutms=`"`1800000`"`}} -Credential $Credential -Computername localhost | |
#Invoke-Command -ScriptBlock {winrm set winrm/config/service `@`{AllowUnencrypted=`"`true`"`}} -Credential $Credential -Comuptername localhost | |
#Invoke-Command -ScriptBlock {winrm set winrm/config/service/auth `@`{Basic=`"`true`"`}} -Credential $Credential -Computername localhost | |
echo "Create Firewall Rules" | |
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow | |
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow | |
netsh advfirewall firewall add rule name="SMB 445" protocol=TCP dir=in localport=445 action=allow |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment