Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# Create the vagrant box
# username: vagrant, password: vagrant
# Disable popups when installing software
reg add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /d 0 /t REG_DWORD /f /reg:64
# Set network connection profile to private -- necessary to setup winrm
# Get-NetConnectionProfile will output the current Name
Set-NetConnectionProfile -Name Network -NetworkCategory Private
# Set up winrm
# use `winrm get winrm/config` to see current values
winrm quickconfig -q
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
# Start winrm automatically on boot
# Note that the executable is fully speciefied and the space between = and auto
.\sc.exe config WinRM start= auto
# Set unrestricted execution policy in powershell
Set-ExecutionPolicy -ExecutionPolicy Unrestricted
# Allow powershell remote access (not necessary, already done?)
Enable-PSRemoting -Force
# Enable remote access to computer
# Can be done by looking for "allow remote access" in Cortana
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
# Disable Network Level Authentication
# Not sure the following is completely sufficient, compared to cliking in GUI
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f
# Install all updates --- by clickety clicks
# Or by first installing a power shell module manager
(new-object Net.WebClient).DownloadString("http://psget.net/GetPsGet.ps1") | iex
# then installing PSWindowsUpdate
Install-Module -ModuleUrl https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc/file/41459/43/PSWindowsUpdate.zip
# then running it
Get-WUInstall
# at which point, it might want to reboot
# disable auto reboot after windows update
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v NotAutoRebootWithLoggedOnUsers /t REG_DWORD /v 1 /f
# clean up the drive: this requires clickety clicks
cleanmgr.exe /d c
# install chocolatey
(new-object Net.WebClient).DownloadString("https://chocolatey.org/install.ps1") | iex
# install secure delete
choco install -y sdelete
# zero out free space. Apparently, that's goot for disk optimization.
sdelete.exe -z c:
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
config.vm.guest = :windows
config.vm.communicator = "winrm"
config.vm.boot_timeout = 600
config.vm.graceful_halt_timeout = 600
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# config.vm.network "forwarded_port", guest: 80, host: 8080
config.vm.network :forwarded_port, guest: 3389, host: 3389
config.vm.network :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true
config.vm.provider "virtualbox" do |vb|
vb.name = "EppiReviewer"
end
end
# Packaging the base box can be done with
# vagrant package --base VirtualBoxVMName --output /path/to/output/windows.box --vagrantfile /path/to/initial/Vagrantfile
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment