Skip to content

Instantly share code, notes, and snippets.

@hunzo

hunzo/README.md

Last active January 21, 2026 04:24
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save hunzo/811481ac897513c661f1cb820fb3af93 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save hunzo/811481ac897513c661f1cb820fb3af93 to your computer and use it in GitHub Desktop.
Download ZIP
Create Win11 Golden Images
Raw
README.md

Create windows11-template golden images

Disable Bitlocker

manage-bde -status C:
manage-bde -off C:
  • Check Bitlocker Status Conversion Status: Fully Decrypted
  • ex.
C:\Windows\System32>manage-bde -status c:
BitLocker Drive Encryption: Configuration Tool version 10.0.26100
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Volume C: []
[OS Volume]

    Size:                 31.05 GB
    BitLocker Version:    None
    Conversion Status:    Fully Decrypted
    Percentage Encrypted: 0.0%
    Encryption Method:    None
    Protection Status:    Protection Off
    Lock Status:          Unlocked
    Identification Field: None
    Key Protectors:       None Found


C:\Windows\System32>

Create file C:\Windows\System32\Sysprep\unattend.xml

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-International-Core"
               processorArchitecture="amd64"
               publicKeyToken="31bf3856ad364e35"
               language="neutral"
               versionScope="nonSxS">

      <!-- Thai Kedmanee + US -->
      <InputLocale>041e:0000041e;0409:00000409</InputLocale>
      <SystemLocale>th-TH</SystemLocale>
      <UILanguage>en-US</UILanguage>
      <UILanguageFallback>en-US</UILanguageFallback>
      <UserLocale>th-TH</UserLocale>
    </component>

    <component name="Microsoft-Windows-Shell-Setup"
               processorArchitecture="amd64"
               publicKeyToken="31bf3856ad364e35"
               language="neutral"
               versionScope="nonSxS">

      <TimeZone>Asia/Bangkok</TimeZone>

      <OOBE>
        <HideEULAPage>true</HideEULAPage>
        <SkipUserOOBE>true</SkipUserOOBE>
        <SkipMachineOOBE>true</SkipMachineOOBE>
      </OOBE>

      <UserAccounts>
        <LocalAccounts>
          <LocalAccount wcm:action="add">
            <Name>your_local_admin_account</Name>
            <Group>Administrators</Group>
            <Password>
              <Value>your_local_admin_password</Value>
              <PlainText>true</PlainText>
            </Password>
          </LocalAccount>
        </LocalAccounts>
      </UserAccounts>

    </component>
  </settings>

</unattend>

Run Sysprep

cd C:\Windows\System32\Sysprep\
sysprep /generalize /oobe /shutdown

Join AD

Rename-Computer -NewName your_new_computer_name
Restart-Computer
Add-Computer -DomainName your_domain.local
Restart-Computer

Ref: Auto Generate unattend.xml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment