Building up a learning lab based on Windows 8 and Hyper-V, Part IV

Installing your Virtual Machine Windows Server 2012 Virtual Machine

This is a multi-part series that starts here: http://blogs.technet.com/b/jeff_stokes/archive/2013/04/15/building-up-a-learning-lab-based-on-windows-8-and-hyper-v.aspx

So in the previous post we modified our virtual machine, now we’re going to start it up and run through the installation process.  So double-click that bad boy in the hyper-v manager and lets roll!

image

As you can see, the machine is turned off.  So lets fire it up and turn it on.  Click the green button!

image

 

If you’ve never stood up a Windows Server 2012 before, welcome!  If you have, well, welcome?!

 

Click next!

 

image

Now click “Install now”.

 

image

Put in your product key.  (this blog is assuming an audience of MDN/TechNet subscribers with a license for a lab).  Note if your license file is in your clipboard, you cannot paste it into this field.  The reason for this is the WinPE session currently running is not Hyper-Visor enlightened.  So to put your clipboard into the VM click at the top of the window and select “Clipboard” and select “Type clipboard text”.

Now that the licensing is out of the way, what edition and whatnot does your key provide you?  Core or Non-Core install?  Select on the screen and click next.  For the novice/intermediate user I recommend you stand up a non-core host (Server with a GUI).

 

image

Next we have the EULA / Licensing screen.  Provided you accept, check the box and hit next.

 

image

And here we have the installation type screen.  Note we want the Custom Option, default is “upgrade”..

image

Do take note here.  Although in Windows Explorer, the hard drive (vhdx file) for this VM is only 4 MB, here it detects as 127 GB.

 

image

Click Next here as we want Windows Server 2012 to format the whole volume.  Now let Windows Server 2012 install as below.  Do note that the Hyper-V additions (Integration Components/Enlightenments/etc.) come native with Windows Server 2012 and Windows 8.

 

image

While this runs on your host, pat yourself on the back, you’ve just started a Windows Server 2012 install on your Windows 8 machine.  Yay!

Next, how to configure the Domain Controller!

Building up a learning lab based on Windows 8 and Hyper-V, Part III

Modifying a Virtual Machine

This is a multi-part series that starts here:  http://blogs.technet.com/b/jeff_stokes/archive/2013/04/15/building-up-a-learning-lab-based-on-windows-8-and-hyper-v.aspx

In the previous blog post we created a virtual machine named “Great Lyrics”.  We’re going to modify that virtual machine as the default settings are fairly low power and the Dude is all about performance.  So in your virtual machine management console, right click your new shiny virtual machine and select “settings”.

 

image

 

This may be intimidating at first, lots of options, but I think you’ll find most of them are fine with the default values and you’ll want to modify them.  The first one you want to modify is “Processor” so click that bad boy now and behold the screen you are presented with:

 

image

Neato tito!  We’ve got a screen.  Lets increase our cores available to the VM to 2 instead of 1.  There are a lot of arguments for and against doing this involving complicated concepts such as CPU scheduling of the physical core and hyper-visor that you would want to take into consideration on a production system so as to not over-over-subscribe the host.  But in a lab I’m more concerned with the VM not taking forever to install and boot and do the work I tell it to do so bump it up please.  You’ll thank me later.  Click “Apply” when you are done.

Now go down to your “DCD Drive” under “IDE Controller 1” and lets connect an ISO for Windows Server 2012 to the VM so we can begin installing Windows Server 2012 on it!

 

image

Apply and OK until you are done with the settings for your DC.

For the next steps click here:  http://blogs.technet.com/b/jeff_stokes/archive/2013/04/18/building-up-a-learning-lab-based-on-windows-8-and-hyper-v-part-iv.aspx

Building up a learning lab based on Windows 8 and Hyper-V, Part II

Creating a Virtual Machine

This is a multi-part series that starts here:  http://blogs.technet.com/b/jeff_stokes/archive/2013/04/15/building-up-a-learning-lab-based-on-windows-8-and-hyper-v.aspx

 

image

So right click your virtual machine host in the Hyper-V Manager console and select “New/Virtual Machine”.  You should be rewarded with a screen like this:

 

image

So lets make a domain controller!  The dude is a fan of old school rap so I’ll give it a fun name as I walk you through the wizard.  By the way this doesn’t HAVE to be the machine name, it can be a friendly name as you see in a moment…

Note:  Some will say you need to store the VM in a different location, etc, etc.  This is a lab, don’t run production here, etc.

:

image

 

In this screen, you can specify the memory available to the VM.  The default is 512 (obviously) but this isn’t really enough for a healthy experience at startup, so I generally set this to 2048 MB of RAM and then check the box for dynamic memory so if a system is not using the memory it frees it up, etc.  Granted, it all depends on how much memory you have in your VM host.

 

image

 

Next we connect (or provide) the virtual network we created in the switch manager to the virtual machine we are creating by using the drop down to select our network we created in the previous blog post.  In retrospect I should have instructed you to name it something other than “New Virtual Switch”…

 

image

Hitting next on that window we proceed to the creation or attachment of a virtual disk to the virtual machine.

 

image

As you can see, the name of the vhdx file is set to the name of the virtual machine, in this instance, “Great Lyrics”.  “Great Lyrics” is getting a 127 GB vdhx by default because that’s well, the default.  Its also a dynamically expanding vhdx.  In production, you’d generally want to specify static sized vhdx files but for a lab, dynamic is quite fine and shouldn’t incur a performance penalty.  Do note if you have a machine, say, with more than one hard drive attached, or even removable storage such as a USB 3 drive, that is certainly an option for storage placement as well.  You may of course attach to an existing static sized vhdx here, as well as skip the step completely by selecting the bottom radio button.  In this example I’ll go with the defaults.  “Great Lyrics” is going to be a domain controller running Windows Server 2012 for my lab environment and I don’t anticipate the disk needing to be much larger than 20-30 GB anyway, and since this is dynamic, it only consumes the size of the data in the disk, not the whole 127 GB, yay!

 

On the next screen of the wizard we have a few options as you can see to install an operating system.

 

image

We may do the default, which is to skip the step entirely, pick a DVD drive or ISO image for installation (which won’t happen exactly now anyway) or use a virtual floppy disk.  As well, if I were not on an airplane flying over the Atlantic ocean with no wifi onboard, we’d have the option to do a network based install using the virtual network (assuming it were bound to a physical network card and was an ‘external’ virtual switch.

Anyway for this page I select “next”, as we are going to make some modifications to the virtual machine after creating it, prior to OS install.  After that we get the window below that shows us what we’ve selected and a finish button.  Congratulations!

 

image

 

Next step is to modify the virtual machine “Great Lyrics” for production use.

 

*Q:  Why did you pick “Great Lyrics” for a name, makes no sense?  A:  Great Lyrics, more than anything else (IMO) make a great rap song.  Lyrics in the 80s and early 90s in particular are really (if you think about it) urban poetry with music.  Not to down play the creation of phat beats, we’ll get to that with other machine names, promise.

Next blog post will be on modifying the virtual machine to make it ‘demo ready’ in the Dudes eyes.

 

http://blogs.technet.com/b/jeff_stokes/archive/2013/04/18/building-up-a-learning-lab-based-on-windows-8-and-hyper-v-part-iii.aspx

Building up a learning lab based on Windows 8 and Hyper-V, Part I

Hello folks, the Dude here, helping you make a learning lab based on a single machine.  From this all things are (pretty much) possible…lets get our learning on now!

Enable Hyper-V in Windows 8:

Pretty straight forward step here.  In the Windows 8 Start Menu type “features” and select settings on the right hand side.  You should now see a short list, including “Turn Windows features on or off”.  Click it and it’ll bring up the view below:

 

image

Check the box for “Hyper-V” so it appears as above and hit “OK”.

If the option is not present or greyed out, then your hardware isn’t configured for Hyper-V or doesn’t support it.  Use this TechNet article to sort out the hardware aspect:  http://social.technet.microsoft.com/wiki/contents/articles/1401.hyper-v-list-of-slat-capable-cpus-for-hosts.aspx

Note that this process will require a reboot to enable.

Hyper-V Manager in Windows 8:

Once Hyper-V is enabled in Windows 8, you have Hyper-V manger available to you:

image

This is a typical Microsoft Management Console.  Click on the host name and see the empty space.  Right click the host name (in this case JS8560W) and select “Virtual Switch Manager”.

 

image

 

Virtual Switch Manager

Lets create a Virtual Network Switch, shall we?  Since I don’t know your environment, I don’t know if we’re going to run into issues building this with external facing connections, so let us stick to an Internal network.  This is a network where the host (our Windows 8 machine in this case) and the guest machines will communicate, but the guests cannot get out onto the hosts network.

 

image

 

So lets click “Create Virtual Switch” so we can get the view below:

 

image

 

For this purpose, the defaults will work great.  So lets click “ok”.  Yay we just made a virtual network for our hosts!

 

For the next installment on making a VM (virtual machine) click here:

 

http://blogs.technet.com/b/jeff_stokes/archive/2013/04/18/building-up-a-learning-lab-based-on-windows-8-and-hyper-v-part-ii.aspx

Hot off the presses, get it now, the Windows 8 VDI optimization script, courtesy of PFE!

Hats off to Carl Luberti!  So, here it is, without further ado….its’ time to start Optimizing!

 

‘ // ========================================================================
  ‘ // Original generated with VDIOptimizer – http://www.autoitscript.com/tools
  ‘ // (c)2010 Jonathan Bennett
  ‘ //
  ‘ // Version:          1.3-Win8
  ‘ // Last Modified:    9th April 2013
  ‘ // Last Modified by: Carl Luberti (MSFT)
  ‘ // Contributions by: Jeff Stokes (MSFT)
  ‘ // ========================================================================

  ‘ // ==============
  ‘ // General Advice
  ‘ // ==============
  ‘
  ‘ Before finalizing the image perform the following tasks:
  ‘ – Ensure no unwanted startup files by using autoruns.exe from SysInternals
  ‘ – Run the Disk Cleanup tool as administrator and delete all temporary files and system restore points (can be automated with this script)
  ‘ – Run disk defrag and consolidate free space: defrag c: /v /x
  ‘ – Reboot the machine 6 times and wait 120 seconds after logging on before performing the next reboot (boot prefetch training)
  ‘ – Run disk defrag and optimize boot files: defrag c: /v /b
  ‘ – If using a dynamic virtual disk, use the vendor’s utilities to perform a "shrink" operation

  ‘ // *************
  ‘ // *  CAUTION  *
  ‘ // *************
  ‘
  ‘ THIS SCRIPT MAKES CONSIDERABLE CHANGES TO THE DEFAULT CONFIGURATION OF WINDOWS.
  ‘
  ‘ Please review this script THOROUGHLY before applying to your virtual machine, and disable changes below as necessary to suit your current
  ‘ environment.
  ‘
  ‘ This script is provided AS-IS – usage of this source assumes that you are at the very least familiar with the vbscript language being used and the
  ‘ tools used to create and debug this file.
  ‘
  ‘ In other words, if you break it, you get to keep the pieces.

  ‘ Constants
Const ForReading = 1
Const Disable_Aero = False
Const Disable_BranchCache = False
Const Disable_EFS = False
Const Disable_iSCSI = False
Const Disable_MachPass = False
Const Disable_Search = False

Const Install_NetFX3 = False
Const NetFX3_Source = "D:\Sources\SxS"

‘ Common objects
  Set oShell = WScript.CreateObject ("WScript.Shell")
  Set oFSO = CreateObject("Scripting.FileSystemObject")
  Set oEnv = oShell.Environment("User")

‘ Command Line Arguments for Some Settings
  Set colNamedArguments = WScript.Arguments.Named

If colNamedArguments.Exists("Aero") Then
     strAero = colNamedArguments.Item("Aero")
  Else
     strAero = Disable_Aero
  End If

If colNamedArguments.Exists("BranchCache") Then
     strBranchCache = colNamedArguments.Item("BranchCache")
  Else
     strBranchCache = Disable_BranchCache
  End If

If colNamedArguments.Exists("EFS") Then
     strEFS = colNamedArguments.Item("EFS")
  Else
     strEFS = Disable_EFS
  End If

If colNamedArguments.Exists("iSCSI") Then
     striSCSI = colNamedArguments.Item("iSCSI")
  Else
     striSCSI = Disable_iSCSI
  End If

If colNamedArguments.Exists("MachPass") Then
     strMachPass = colNamedArguments.Item("MachPass")
  Else
     strMachPass = Disable_MachPass
  End If

If colNamedArguments.Exists("Search") Then
    strSearch = colNamedArguments.Item("Search")
  Else
    strSearch = Disable_Search
  End If

If colNamedArguments.Exists("NetFX3") Then
    strNetFX3 = colNamedArguments.Item("NetFX3")
  Else
    strNetFX3 = Install_NetFX3
  End If

  ‘ First things first – enable RDP Connections!!!
RunWait "WMIC rdtoggle where AllowTSConnections=0 call SetAllowTSConnections 1,1"
RunWait "netsh advfirewall firewall set rule group=" & Chr(34) & "remote desktop" & Chr(34) & " new enable=Yes"

 

‘ // ==================
  ‘ // Configure Services
  ‘ // ==================

‘ Disable Application Layer Gateway Service
RunWait "sc config ALG start= disabled"

‘ Disable Background Intelligent Transfer Service
RunWait "sc config BITS start= disabled"

‘ Disable Bitlocker Drive Encryption Service
RunWait "sc config BDESVC start= disabled"

‘ Disable Block Level Backup Engine Service
RunWait "sc config wbengine start= disabled"

‘ Disable Bluetooth Support Service
RunWait "sc config bthserv start= disabled"

If strBranchCache = True Then
    ‘ Disable BranchCache Service
    RunWait "sc config PeerDistSvc start= disabled"
  End If

‘ Disable Computer Browser Service
RunWait "sc config Browser start= disabled"

‘ Disable Device Association Service
RunWait "sc config DeviceAssociationService start= disabled"

‘ Disable Device Setup Manager Service
RunWait "sc config DsmSvc start= disabled"

‘ Disable Diagnostic Policy Services
RunWait "sc config DPS start= disabled"
RunWait "sc config WdiServiceHost start= disabled"
RunWait "sc config WdiSystemHost start= disabled"

‘ Disable Distributed Link Tracking Client Service
RunWait "sc stop TrkWks"
RunWait "sc config TrkWks start= disabled"

If strEFS = True Then
    ‘ Disable Encrypting File System Service
    RunWait "sc config EFS start= disabled"
  End If

‘ Disable Family Safety Service
RunWait "sc config WPCSvc start= disabled"

‘ Disable Fax Service
RunWait "sc config Fax start= disabled"

‘ Disable Function Discovery Resource Publication Service
RunWait "sc config fdPHost start= disabled"

‘ Disable HomeGroup Listener Service
RunWait "sc config HomeGroupListener start= disabled"

‘ Disable HomeGroup Provider Service
RunWait "sc config HomeGroupProvider start= disabled"

If striSCSI = True Then
    ‘ Disable Microsoft iSCSI Initiator Service
    RunWait "sc config msiscsi start= disabled"
  End If

‘ Disable Microsoft Software Shadow Copy Provider Service
RunWait "sc config swprv start= disabled"

‘ Set Network List Service to Auto
RunWait "sc config netprofm start= auto"

‘ Disable Optimize Drives Service
RunWait "schtasks /change /tn ""microsoft\windows\defrag\ScheduledDefrag"" /disable"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction\Enable", "N", "REG_SZ"
RunWait "sc config defragsvc start= disabled"

‘ Disable Secure Socket Tunneling Protocol Service
RunWait "sc config SstpSvc start= disabled"

‘ Disable Sensor Monitoring Service
RunWait "sc config SensrSvc start= disabled"

‘ Disable Shell Hardware Detection Service
RunWait "sc config ShellHWDetection start= disabled"

‘ Disable SNMP Trap Service
RunWait "sc config SNMPTRAP start= disabled"

‘ Disable SSDP Discovery Service
RunWait "sc stop SSDPSRV"
RunWait "sc config SSDPSRV start= disabled"

‘ Disable Telephony Service
RunWait "sc config TapiSrv start= disabled"

If strAero = True Then
    ‘ Disable Themes Service
    RunWait "sc config Themes start= disabled"
  End If

‘ Disable UPnP Device Host Service
RunWait "sc config upnphost start= disabled"

‘ Disable Volume Shadow Copy Service
RunWait "sc config VSS start= disabled"

‘ Disable Windows Backup Service
RunWait "sc config SDRSVC start= disabled"

‘ Disable Windows Color System Service
RunWait "sc config WcsPlugInService start= disabled"

‘ Disable Windows Connect Now – Config Registrar Service
RunWait "sc config wcncsvc start= disabled"

‘ Disable Windows Defender Service
RunWait "schtasks /change /tn ""microsoft\windows\windows Defender\Windows Defender Cache Maintenance"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\windows Defender\Windows Defender Cleanup"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\windows Defender\Windows Defender Scheduled Scan"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\windows Defender\Windows Defender Verification"" /disable"

‘ Disable Windows Error Reporting Service
RunWait "sc config WerSvc start= disabled"

‘ Disable Windows Media Player Network Sharing Service
RunWait "sc config WMPNetworkSvc start= disabled"

‘ Break out Windows Management Instrumentation Service
RunWait "winmgmt /standalonehost"
RunWait "sc config winmgmt group= COM Infrastructure"

‘Disable Windows Search Service
  If strSearch = True Then
    RunWait "sc stop WSearch"
    RunWait "sc config WSearch start= disabled"
  End If

‘ Disable WLAN AutoConfig Service
RunWait "sc config Wlansvc start= disabled"

‘ Disable WWAN AutoConfig Service
RunWait "sc config WwanSvc start= disabled"

 

‘ // ================
  ‘ // MACHINE SETTINGS
  ‘ // ================

‘ Disable Hard disk timeouts
RunWait "POWERCFG /SETACVALUEINDEX 381b4222-f694-41f0-9685-ff5bb260df2e 0012ee47-9041-4b5d-9b77-535fba8b1442 6738e2c4-e8a5-4a42-b16a-e040e769756e 0"
RunWait "POWERCFG /SETDCVALUEINDEX 381b4222-f694-41f0-9685-ff5bb260df2e 0012ee47-9041-4b5d-9b77-535fba8b1442 6738e2c4-e8a5-4a42-b16a-e040e769756e 0"

  ‘ Disable TCP/IP / Large Send Offload
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DisableTaskOffload", &H00000001, "REG_DWORD"

  ‘ Disable hibernate
RunWait "powercfg -h off"

  ‘ Disable System Restore
  Set objWMIService = GetObject("winmgmts:\\.\root\default")
  Set objItem = objWMIService.Get("SystemRestore")
objItem.Disable("")
RunWait "schtasks /change /tn ""microsoft\windows\SystemRestore\SR"" /disable"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\DisableSR", &H00000001, "REG_DWORD"

  ‘ Disable NTFS Last Access Timestamps
RunWait "FSUTIL behavior set disablelastaccess 1"

  If strMachPass = True Then
    ‘ Disable Machine Account Password Changes
    oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange", &H00000001, "REG_DWORD"
  End If

  ‘ Disable memory dumps
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\CrashDumpEnabled", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\LogEvent", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\SendAlert", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\AutoReboot", &H00000001, "REG_DWORD"

  ‘ Disable default system screensaver
oShell.RegWrite "HKEY_USERS\.DEFAULT\Control Panel\Desktop\ScreenSaveActive", 0, "REG_DWORD"

  ‘ Increase service startup timeouts
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServicesPipeTimeout", &H0002bf20, "REG_DWORD"

  ‘ Increase Disk I/O Timeout to 200 seconds.
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disk\TimeOutValue", &H000000C8, "REG_DWORD"

  ‘ Disable Other Scheduled Tasks
RunWait "schtasks /change /tn ""microsoft\windows\Application Experience\AitAgent"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Application Experience\ProgramDataUpdater"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Application Experience\StartupAppTask"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Autochk\Proxy"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Bluetooth\UninstallDeviceTask"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Customer Experience Improvement Program\BthSQM"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Customer Experience Improvement Program\Consolidator"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Customer Experience Improvement Program\KernelCeipTask"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Customer Experience Improvement Program\Uploader"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Customer Experience Improvement Program\UsbCeip"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Diagnosis\Scheduled"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Maintenance\WinSAT"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\MobilePC\HotStart"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Power Efficiency Diagnostic\AnalyzeSystem"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\RAC\RacTask"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Ras\MobilityManager"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Registry\RegIdleBackup"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Shell\FamilySafetyMonitor"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Shell\FamilySafetyRefresh"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\SideShow\AutoWake"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\SideShow\GadgetManager"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\SideShow\SessionAgent"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\SideShow\SystemDataProviders"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\UPnP\UPnPHostConfig"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\WDI\ResolutionHost"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\Windows Media Sharing\UpdateLibrary"" /disable"
RunWait "schtasks /change /tn ""microsoft\windows\WindowsBackup\ConfigNotification"" /disable"

  ‘ Configure Event Logs to 1028KB (Minimum size under Vista/7) and set retention to "overwrite"
  Set oEventLogs = GetObject("winmgmts:{impersonationLevel=impersonate,(Security)}!//./root/cimv2").InstancesOf("Win32_NTEventLogFile")
  For Each e in oEventLogs
    e.MaxFileSize = 1052672
    e.OverWritePolicy = "WhenNeeded"
    e.OverWriteOutdated = 0
    e.Put_
    e.ClearEventLog()
  Next

oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application\Retention", 0, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Security\Retention", 0, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\System\Retention", 0, "REG_DWORD"

  ‘ Set PopUp Error Mode to "Neither"
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows\ErrorMode", 2, "REG_DWORD"

  ‘ Disable bootlog and boot animation
RunWait "bcdedit /set {default} bootlog no"
RunWait "bcdedit /set {default} quietboot yes"

  ‘ Disable UAC secure desktop prompt
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop", &H00000000, "REG_DWORD"

  ‘ Disable New Network dialog
RunWait "reg add HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff"

  ‘ Disable AutoUpdate of drivers from WU
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DriverSearching\searchorderConfig", 0, "REG_DWORD"

  ‘ Turn off Windows SideShow and install NetFX3
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Sideshow\Disabled", 1, "REG_DWORD"
  If strNetFX3 = True Then
    RunWait "dism /online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:" & NetFX3_Source & " /NoRestart"
  End If

‘ Disable IE First Run Wizard and RSS Feeds
oShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize", 1, "REG_DWORD"

  ‘ Disable the ability to clear the paging file during shutdown
oShell.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Memory Management\ClearPageFileAtShutdown", 0, "REG_DWORD"

  ‘ Perform a disk cleanup
  ‘ Automate by creating the reg checks corresponding to "cleanmgr /sageset:100" so we can use "sagerun:100"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Downloaded Program Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Internet Cache Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Memory Dump Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Offline Pages Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Old ChkDsk Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Previous Installations\StateFlags0100", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Recycle Bin\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Setup Log Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System error memory dump files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System error minidump files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Setup Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Thumbnail Cache\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Upgrade Discarded Files\StateFlags0100", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting Archive Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting Queue Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting System Archive Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Error Reporting System Queue Files\StateFlags0100", &H00000002, "REG_DWORD"
oShell.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Windows Upgrade Log Files\StateFlags0100", &H00000002, "REG_DWORD"
RunWait "cleanmgr.exe /sagerun:100"

 

‘ // =============
  ‘ // USER SETTINGS
  ‘ // =============

‘ Reduce menu show delay
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\MenuShowDelay", "0", "REG_SZ"

  ‘ Disable cursor blink
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\CursorBlinkRate", "-1", "REG_SZ"
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\DisableCursorBlink", &H00000001, "REG_DWORD"

  ‘ Force off-screen composition in IE
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition", &H00000001, "REG_DWORD"

  ‘ Disable screensavers
oShell.RegWrite "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaveActive", "0", "REG_SZ"
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveActive", "0", "REG_SZ"
oShell.RegWrite "HKEY_USERS\.DEFAULT\Control Panel\Desktop\ScreenSaveActive", "0", "REG_SZ"

  ‘ Don’t show window contents when dragging
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\DragFullWindows", "0", "REG_SZ"

  ‘ Don’t show window minimize/maximize animations
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics\MinAnimate", "0", "REG_SZ"

  ‘ Disable font smoothing
oShell.RegWrite "HKEY_CURRENT_USER\Control Panel\Desktop\FontSmoothing", "0", "REG_SZ"

  ‘ Disable most other visual effects
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\VisualFXSetting", &H00000003, "REG_DWORD"
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\TaskbarAnimations", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewWatermark", &H00000000, "REG_DWORD"
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow", &H00000000, "REG_DWORD"
RegBinWrite "HKEY_CURRENT_USER\Control Panel\Desktop", "UserPreferencesMask", "90,12,01,80"

  ‘ Disable Action Center
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\HideSCAHealth", &H00000001, "REG_DWORD"

  ‘ Disable IE Persistent Cache
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Persistent", 0, "REG_DWORD"
oShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Feeds\SyncStatus", 0, "REG_DWORD"

  ‘ Done
WScript.Quit

 

 

  ‘ // ================
  ‘ // HELPER FUNCTIONS
  ‘ // ================

Function Run(sFile)
    Run = oShell.Run(sFile, 1, False)
  End Function

  Function RunWait(sFile)
    RunWait = oShell.Run(sFile, 1, True)
  End Function

  Function RunWaitHidden(sFile)
    RunWaitHidden = oShell.Run(sFile, 0, True)
  End Function

  Function IsServer()
    IsServer = False
    On Error Resume Next
    For Each objOS in GetObject("winmgmts:").InstancesOf ("Win32_OperatingSystem")
        If objOS.ProductType = 1 Then IsServer = False
        If objOS.ProductType = 2 Or ObjOS.ProductType = 3 Then IsServer = True
    Next
  End Function

  Sub RegBinWrite (key, value, data)
    key = "[" & key & "]"

    If value <> "@" then
        value = chr(34) & value & chr(34)
    End if

    valString = value & "=" & "hex:" & data

    tempFile = GetTempDir() & "\regbinaryimport.reg"
    Set txtStream = oFSO.CreateTextFile(tempFile,true)
    txtStream.WriteLine("Windows Registry Editor Version 5.00")
    txtStream.WriteLine(key)
    txtStream.WriteLine(valString)
    txtStream.Close

    oShell.Run "regedit.exe /s """ & tempFile & """", 1, true

    oFSO.DeleteFile tempFile
  End Sub

  Function GetTEMPDir()
    GetTEMPDir = oEnv("TEMP")
    If InStr(GetTEMPDir, "%") Then
        GetTEMPDir = oShell.ExpandEnvironmentStrings(GetTEMPDir)
    End If
  End Function

 

Disclaimed:  If none of this makes sense to you, you probably shouldn’t be doing it.  All liability is the property of the person applying it.  If you break it you get to keep the pieces….

Windows 8 Tip o the Day!–Windows Defender All Grown Up

Today’s Tip… by Robert Mitchell!

While Windows Defender has been available for a while (first available with Windows Vista), for a time it was simply an antispyware program.  When Windows 8 released, it carried with it a beefier version of Windows Defender that was a full-fledged antivirus program.

clip_image002

Its features include (but are not limited to)…

· Real time protection

· Automatic updates for its definitions file

· Integration with IE