github:https://github.com/m2nlight/WindowsServerToWindowsDesktop

下载:https://github.com/m2nlight/WindowsServerToWindowsDesktop/archive/master.zip

它的功能是自动启动音频服务、允许未登录关机、禁用Ctrl+Alt+Del登录系统、禁用关机时要求输入关机原因、CPU性能优秀程序、IE安全策略、登录时不现实服务器管理器、禁用密码混淆和长度要求、当前用户密码永不过期,安装Bitlocker、Direct-Play、无线网络、优质Windows音视频体验组件。

  • Config Service

    • [Automatic] Windows Audio
    • [Automatic] Windows Audio Endpoint Builder
    • [Manual] Windows Remote Management (WS-Management)

  • Config Registry and GroupPolicy

    • Enable Shutdown without logon
    • Disable Shutdown reason On
    • No Lock Screen
    • Disable Ctrl+Alt+Del login
    • Disable UAC
    • Disable DEP (Turn on DEP for essential Windows programs and services only)
    • Disable SEHOP
    • Enable disk performance counters
    • Enable Video Hardware Acceleration (Thanks @cjrcl)
    • Enable Audio Hardware Acceleration
    • CPU Priority for Program
    • Adjust Visual Effects (Manual)
    • Adjust IE MaxConnection
    • IE Security Policy
    • Disable TCP Auto-Tuning
    • Change Power Scheme To High Performance
    • No Autorun Server Manager
    • Disable Password complexity and Minimum password length
    • Current user Password never expires
    • Disable Application Experience task schedulers
    • Disable Customer Experience Improvement Program task schedulers

  • Config Windows Feature

    • BitLocker
    • Direct-Play
    • Wireless-Networking
    • qWave

将脚本复制到桌面,并且要求管理员权限,去运行,输入y开始配置,会重新启动一次系统,演示效果如图:

BAT脚本如下:

 @echo off

 pushd %~dp0

 set gpfile=temp_gpfile

 set currentuser=%username%

 set videopsfile=Acceleration.Level.ps1

 rem UAC code begin

 set getadminfile=getadmin.vbs

 echo Windows Server To Windows Desktop

 echo =================================

 echo Starting

 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\SYSTEM" >nul 2>nul

 if %ERRORLEVEL% EQU 0 (

     goto :Admin

 ) else (

     if %ERRORLEVEL% EQU 2 (

         goto :PathErr

     ) else (

         goto :UAC

     )

 )

 :PathErr

 echo.

 echo Please open "%~n0%~x0" by explorer.exe

 echo.

 echo Press any key to explore the folder...

 pause>nul

 start "" "%SYSTEMROOT%\system32\explorer.exe" /select,"%~f0"

 goto :END

 :UAC

 echo Set sh = CreateObject^("Shell.Application"^) > %getadminfile%

 echo sh.ShellExecute "%~f0", "", "", "runas", 1 >> %getadminfile%

 ping 127.1 -n 1 >nul

 "%SYSTEMROOT%\system32\cscript.exe" %getadminfile%

 goto :END

 :Admin

 if exist %getadminfile% ( del %getadminfile% )

 cls

 rem UAC code end

 if "%currentuser%" == "" set currentuser=Administrator

 echo Windows Server To Windows Desktop

 echo =================================

 ::PowerShell /Command "&{Get-WmiObject -Class Win32_OperatingSystem | Select-Object -ExpandProperty Caption}"

 set caption=

 for /f "skip=1 delims=" %%t in ('wmic os get caption') do (

 if not defined caption set caption=%%t

 )

 echo %caption%

 echo %caption%|find /i "Windows Server">nul 2>nul

 if ERRORLEVEL 1 goto :OSERR

 echo Current Domain: %USERDOMAIN%

 echo Current User: %currentuser%

 echo.

 set /p tmpInput=Maybe will restart computer. Are you ready? (Y/N):

 if /i "%tmpInput%"=="y" goto :START

 echo Canelled.

 echo Press any key to exit...

 pause>nul

 goto :END

 :OSERR

 echo.

 echo ERROR: Unsupported operating system!

 echo Press any key to exit...

 pause>nul

 goto :END

 :START

 echo (1/3) Config Service

 PowerShell /Command "&{Import-Module ServerManager}"

 echo - [Automatic] Windows Audio

 PowerShell /Command "&{Set-Service "Audiosrv" -StartupType Automatic}"

 echo - [Automatic] Windows Audio Endpoint Builder

 PowerShell /Command "&{Set-Service "AudioEndpointBuilder" -StartupType Automatic}"

 echo - [Manual] Windows Remote Management (WS-Management)

 PowerShell /Command "&{Set-Service "WinRM" -StartupType Manual}"

 echo (2/3) Config Registry and GroupPolicy

 echo - Enable Shutdown without logon

 REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ShutdownWithoutLogon /t REG_DWORD /d 1 /f>nul

 echo - Disable Shutdown reason On

 REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" /v ShutdownReasonOn /t REG_DWORD /d 0 /f>nul

 :: echo - No Lock Screen

 :: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v "NoLockScreen" /t REG_DWORD /d 0x1 /f>nul

 echo - Disable Ctrl+Alt+Del login

 REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v DisableCAD /t REG_DWORD /d 1 /f>nul

 echo - Disable UAC

 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d 0x0 /f>nul

 echo - Disable DEP (Turn on DEP for essential Windows programs and services only)

 bcdedit /set {current} nx OptIn>nul

 ::bcdedit /set {current} nx AlwaysOff>nul

 echo - Disable SEHOP

 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel" /v "DisableExceptionChainValidation" /t REG_DWORD /d 0x1 /f>nul

 echo - Enable disk performance counters

 diskperf -Y>nul

 if exist %videopsfile%. (

 echo - Enable Video Hardware Acceleration

 PowerShell -ExecutionPolicy Unrestricted -File %videopsfile%>nul

 del Acceleration.Level.reg /f /q

 )

 echo - Enable Audio Hardware Acceleration

 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia\SystemProfile" /v "SystemResponsiveness" /t REG_DWORD /d 0x14 /f>nul

 echo - CPU Priority for Program

 REG ADD HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl /v Win32PrioritySeparation /t REG_DWORD /d 38 /f>nul

 echo - Adjust Visual Effects (Manual)

 SystemPropertiesPerformance.exe

 ::reg add HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects /v VisualFXSetting /t REG_DWORD /d 1 /f>nul

 ::reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects /v VisualFXSetting /t REG_DWORD /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v DragFullWindows /t REG_SZ /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v FontSmoothing /t REG_SZ /d 2 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v MinAnimate /t REG_SZ /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v UserPreferencesMask /t REG_BINARY /d 9E3E078012000000 /f>nul

 echo - Adjust IE Max Connection

 reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v "MaxConnectionsPer1_0Server" /t REG_DWORD /d 10 /f>nul

 echo - IE Security Policy

 REG ADD "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}" /v IsInstalled /t REG_DWORD /d 0 /f>nul

 REG ADD "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}" /v IsInstalled /t REG_DWORD /d 0 /f>nul

 Rundll32 iesetup.dll, IEHardenLMSettings

 Rundll32 iesetup.dll, IEHardenUser

 Rundll32 iesetup.dll, IEHardenAdmin

 echo - Disable TCP Auto-Tuning

 netsh interface tcp set heuristics disabled>nul

 echo - Change Power Scheme To High Performance

 powercfg -s 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c>nul

 echo - No Autorun Server Manager

 REG ADD HKLM\Software\Microsoft\ServerManager /v DoNotOpenServerManagerAtLogon /t REG_DWORD /d 1 /f>nul

 echo - Disable Password complexity and Minimum password length

 echo [version]>%gpfile%.inf

 echo signature="$CHICAGO$">>%gpfile%.inf

 echo [System Access]>>%gpfile%.inf

 echo MinimumPasswordLength = 0 >>%gpfile%.inf

 echo PasswordComplexity = 0 >>%gpfile%.inf

 secedit /configure /db %gpfile%.sdb /cfg %gpfile%.inf /log %gpfile%.log>nul 2>nul

 del %gpfile%.inf %gpfile%.sdb %gpfile%.log %gpfile%.jfm /f /q

 echo - %currentuser%'s Password never expires

 wmic Path Win32_UserAccount Where Name="%currentuser%" Set PasswordExpires="FALSE">nul

 echo   PasswordExpires List:

 wmic useraccount get Name,PasswordExpires

 echo - Disable Application Experience task schedulers

 schtasks /change /tn "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Application Experience\ProgramDataUpdater" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Application Experience\StartupAppTask" /disable>nul 2>nul

 echo - Disable Customer Experience Improvement Program task schedulers

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /disable>nul 2>nul

 echo (3/3) Config Windows Feature

 echo - BitLocker

 echo - Direct-Play

 echo - Wireless-Networking

 echo - qWave

 echo please wait...

 PowerShell /Command "&{Install-WindowsFeature "BitLocker","Direct-Play","Wireless-Networking","qWave" -Restart}"

 echo Completed!

 echo Press any key to exit...

 pause>nul

 :END

 if exist %getadminfile% ( del %getadminfile% )

 popd

Acceleration.Level.ps1

 function WriteKey($File, $Key)

 {

     ECHO $Key >> $File;

     ECHO '"Acceleration.Level"=dword:00000000' >> $File;

     ECHO "" >> $File;

 }

 function Generate($File, $ControlSet)

 {

     $Item = Get-Item -Path "HKLM:\HARDWARE\DEVICEMAP\VIDEO";

     $ValueNames = $Item.GetValueNames();

     foreach($ValueName in $ValueNames)

     {

         if($ValueName.StartsWith("\Device\Video"))

         {

             $Value = $Item.GetValue($ValueName);

             if($Value.Length -gt 43)

             {

                 $Guid = $Value.SubString($Value.Length - 43, 38);

                 $ObjectNumber = $Value.SubString($Value.Length - 4);

                 try

                 {

                     [System.Guid]::Parse($Guid);

                     [System.Int32]::Parse($ObjectNumber);

                 }

                 catch

                 {

                     continue;

                 }

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\Video";

                 $Service = (Get-Item -Path $Path).GetValue("Service");

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Services\" + $Service;

                 $ChildItems = Get-ChildItem -Path $Path;

                 foreach($ChildItem in $ChildItems)

                 {

                     if($ChildItem.PSChildName.StartsWith("Device"))

                     {

                         $Key = "[" + $ChildItem.Name + "]";

                         WriteKey $File $Key;

                     }

                 }

                 $Key = "[HKEY_LOCAL_MACHINE\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\" + $ObjectNumber + "]";

                 WriteKey $File $Key;

                 $Key = "[HKEY_LOCAL_MACHINE\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\" + $ObjectNumber + "\Settings]";

                 WriteKey $File $Key;

             }

         }

     }

     $VideoControllers = Get-WmiObject -Class Win32_VideoController;

     foreach($VideoController in $VideoControllers)

     {

         $PnPEntities = Get-WmiObject -Class Win32_PnPEntity;

         foreach($PnPEntity in $PnPEntities)

         {

             if($PnPEntity.PNPDeviceID -eq $VideoController.PNPDeviceID)

             {

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Control\Class\" + $PnPEntity.ClassGuid;

                 $ChildItems = Get-ChildItem -Path $Path;

                 foreach($ChildItem in $ChildItems)

                 {

                     try

                     {

                         [System.Int32]::Parse($ChildItem.PSChildName);

                     }

                     catch

                     {

                         continue;

                     }

                     $Key = "[" + $ChildItem.Name + "]";

                     WriteKey $File $Key;

                     $Key = "[" + $ChildItem.Name + "\Settings]";

                     WriteKey $File $Key;

                 }

             }

         }

     }

 }

 $File = "Acceleration.Level.reg";

 New-Item $File -Type File -Force;

 ECHO "Windows Registry Editor Version 5.00" > $File;

 ECHO "" >> $File;

 Generate $File "ControlSet001";

 Generate $File "ControlSet002";

 Generate $File "CurrentControlSet";

 TYPE $File;

 regedit.exe /s $File;

Windows Server 2016 桌面环境的自动配置脚本(2017-10-24更新)的更多相关文章

  1. Windows Server 2016 桌面环境的自动配置脚本

    除非学习要求,还是建议使用Windows 10 LTSB 2016或其他桌面系统. github:https://github.com/m2nlight/WindowsServerToWindowsD ...

  2. python环境变量自动配置脚本(setx使用)

    前言 setx不是windows系统自带的工具,需要到微软官网下载,但是有的系统也会自带.(是官方提供的,可放心食用) set和setx都可以用来配置环境变量.他们的不同点在于,set只是临时的修改环 ...

  3. Windows Server 2016 IIS的安装与配置

    1. 打开服务器管理器,点击[添加角色和功能选项].        2. 进入“添加角色和功能向导”页面,点击下一步. 3. 安装类型选择[基于角色或基于功能的安装],点击下一步. 4. 进入服务器选 ...

  4. Windows Server 2016

    Windows Server 2016 正式版教程:安装.激活.设置 http://www.ithome.com/html/win10/261386.htm 2016-9-29 12:57:58来源: ...

  5. Windows Server 2016 配置 IIS 的详细步骤

    Ø  简介 本文主要记录 Windows Server 2016 环境下,安装配置 IIS 的详细步骤.需要说明的是,在选择"功能"或"角色服务"时不建议将所有 ...

  6. Windows Server 2016 + SCO 2016 安装及配置介绍

    Windows Server 2016 + SCO 2016 安装及配置介绍 高文龙关注1人评论6332人阅读2017-02-26 23:23:02 Windows Server 2016 + SCO ...

  7. Windows Server 2016 上配置 APACHE+SSL+PHP+perl

    Windows Server 2016 上配置 APACHE+SSL+PHP+perl 安装环境 谷歌云实例 Windows Server 2016 Apache Apache/2.4.25 (win ...

  8. 如何在Windows Server 2016启用或关闭Internet Explorer增强的安全配置

    一般我们安装完服务器后,开启 Internet Explorer 会发现无法上网或者上网内容被屏蔽掉了 问题的发生原因 在 Windows Server 2016 通常扮演重要的服务器角色,不应该用来 ...

  9. [转]Windows Server 2016 服务器IIS配置

    本文转自:https://blog.csdn.net/corson/article/details/82185407 多余的话就不说了,配置Windows Server 2016服务器具体如下图    ...

随机推荐

  1. Codeforces Round#251(Div 2)D Devu and his Brother

    --你以为你以为的.就是你以为的? --有时候还真是 题目链接:http://codeforces.com/contest/439/problem/D 题意大概就是要求第一个数组的最小值要不小于第二个 ...

  2. ionic学习笔记—创建项目

    环境搭建: 安装node.js  --> npm或cnpm   -->  安装jdk  -->  安装AndroidSDK  -->  安装cordova  -->  安 ...

  3. HTTP协议简要介绍

    1. 网络基础 TCP/IP 通常使用的网络是在TCP/IP协议簇基础上运作的. HTTP属于它内部的一个子集. TCP/IP分为4个层次, 应用层, 传输层, 网络层, 链路层. (Applicat ...

  4. 华为大数据项目fusionInsight

    项目简述:基于开源Hadoop2.0架构的集群网络,进行海量数据的分布式计算.由于Hadoop集群规模不断扩大,而搭建一个同等规模的测试集群需要一笔昂贵的开销.目前有100台左右物料,期望预测计算节点 ...

  5. python16_day07【Socket网络编程】

    一.简介 1.理解C/S,B/S 2.IOS七层模型(http://www.cnblogs.com/linhaifeng/articles/5937962.html) 二.什么是Socket 我们看看 ...

  6. samba、nginx服务

    一.部署samba Samba是在Linux和UNIX系统上实现SMB协议的一个免费软件,由服务器及客户端程序构成,Samba主要用于Linux或UNIX和Windows系统之间的文件共享. SMB( ...

  7. python之路 IO多路复用 线程进程初步了解

    一.IO多路复用 1.客户端 #!/usr/bin/env python #-*-coding:utf-8-*- import socket sk=socket.socket() sk.connect ...

  8. Python框架之Tornado(请求阶段)

    上图是tornado程序启动以及接收到客户端请求后的整个过程,对于整个过程可以分为两大部分: 启动程序阶段,又称为待请求阶段(上图1.2所有系列和3.0) 接收并处理客户端请求阶段(上图3系列) 简而 ...

  9. 利用同步网盘搭建个人或团队SVN服务器

    这篇文章是以前写的,现在强烈推荐两个站.1.http://git.oschina.com 2.http://www.coding.net. 推荐理由:1.可创建私有项目.2.免费稳定.3.VS2013 ...

  10. win7 64位下使用regsvr32注册activex dll .

    由于公司产品用了很多activex dll,而我的操作系统是64位的win7,在注册这些dll时碰到了很多问题,经过摸索,最后还是成功注册了,步骤如下: 1.在C:\Windows\SysWOW64\ ...