adilio · February 24, 2019 09:33
diff --git a/bootstrap.bat b/bootstrap.bat
 @echo off
 if "%1%" == "precustomization" (
 echo No pre-customization tasks to run
 ) else if "%1%" == "postcustomization" (
 echo Running post-customization tasks
 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f
 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f
 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
 netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
 (
 echo powershell.exe -ExecutionPolicy Bypass -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Uri https://script-url/Set-Preliminaries.ps1 -OutFile C:\Users\Public\Desktop\Set-Preliminaries.ps1"
 echo powershell.exe -ExecutionPolicy Bypass -Command C:\Users\Public\Desktop\Set-Preliminaries.ps1
 ) > C:\Users\Administrator\Desktop\Step1_RunAsAdmin.bat
 (
 echo powershell.exe -ExecutionPolicy Bypass -Command "Enable-PSRemoting -Force"
 echo reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /f /v WinRMHTTPS /t REG_SZ /d "winrm quickconfig -quiet -transport:https"
 echo powershell.exe -ExecutionPolicy Bypass -Command "Write-Host "`nPLEASE RESTART MACHINE!`n" -ForegroundColor Red"
 echo powershell.exe -ExecutionPolicy Bypass -Command "Restart-Computer -Confirm"
 ) > C:\Users\Public\Desktop\Step2_RunAsAdmin_AfterDomainJoin.bat
 )
	@echo off
	if "%1%" == "precustomization" (
	echo No pre-customization tasks to run
	) else if "%1%" == "postcustomization" (
	echo Running post-customization tasks
	reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f
	reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
	reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f
	reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
	netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
	(
	echo powershell.exe -ExecutionPolicy Bypass -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Uri https://script-url/Set-Preliminaries.ps1 -OutFile C:\Users\Public\Desktop\Set-Preliminaries.ps1"
	echo powershell.exe -ExecutionPolicy Bypass -Command C:\Users\Public\Desktop\Set-Preliminaries.ps1
	) > C:\Users\Administrator\Desktop\Step1_RunAsAdmin.bat
	(
	echo powershell.exe -ExecutionPolicy Bypass -Command "Enable-PSRemoting -Force"
	echo reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /f /v WinRMHTTPS /t REG_SZ /d "winrm quickconfig -quiet -transport:https"
	echo powershell.exe -ExecutionPolicy Bypass -Command "Write-Host "`nPLEASE RESTART MACHINE!`n" -ForegroundColor Red"
	echo powershell.exe -ExecutionPolicy Bypass -Command "Restart-Computer -Confirm"
	) > C:\Users\Public\Desktop\Step2_RunAsAdmin_AfterDomainJoin.bat
	)