github:https://github.com/m2nlight/WindowsServerToWindowsDesktop

下载:https://github.com/m2nlight/WindowsServerToWindowsDesktop/archive/master.zip

它的功能是自动启动音频服务、允许未登录关机、禁用Ctrl+Alt+Del登录系统、禁用关机时要求输入关机原因、CPU性能优秀程序、IE安全策略、登录时不现实服务器管理器、禁用密码混淆和长度要求、当前用户密码永不过期,安装Bitlocker、Direct-Play、无线网络、优质Windows音视频体验组件。

  • Config Service

    • [Automatic] Windows Audio
    • [Automatic] Windows Audio Endpoint Builder
    • [Manual] Windows Remote Management (WS-Management)

  • Config Registry and GroupPolicy

    • Enable Shutdown without logon
    • Disable Shutdown reason On
    • No Lock Screen
    • Disable Ctrl+Alt+Del login
    • Disable UAC
    • Disable DEP (Turn on DEP for essential Windows programs and services only)
    • Disable SEHOP
    • Enable disk performance counters
    • Enable Video Hardware Acceleration (Thanks @cjrcl)
    • Enable Audio Hardware Acceleration
    • CPU Priority for Program
    • Adjust Visual Effects (Manual)
    • Adjust IE MaxConnection
    • IE Security Policy
    • Disable TCP Auto-Tuning
    • Change Power Scheme To High Performance
    • No Autorun Server Manager
    • Disable Password complexity and Minimum password length
    • Current user Password never expires
    • Disable Application Experience task schedulers
    • Disable Customer Experience Improvement Program task schedulers

  • Config Windows Feature

    • BitLocker
    • Direct-Play
    • Wireless-Networking
    • qWave

将脚本复制到桌面,并且要求管理员权限,去运行,输入y开始配置,会重新启动一次系统,演示效果如图:

BAT脚本如下:

 @echo off

 pushd %~dp0

 set gpfile=temp_gpfile

 set currentuser=%username%

 set videopsfile=Acceleration.Level.ps1

 rem UAC code begin

 set getadminfile=getadmin.vbs

 echo Windows Server To Windows Desktop

 echo =================================

 echo Starting

 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\SYSTEM" >nul 2>nul

 if %ERRORLEVEL% EQU 0 (

     goto :Admin

 ) else (

     if %ERRORLEVEL% EQU 2 (

         goto :PathErr

     ) else (

         goto :UAC

     )

 )

 :PathErr

 echo.

 echo Please open "%~n0%~x0" by explorer.exe

 echo.

 echo Press any key to explore the folder...

 pause>nul

 start "" "%SYSTEMROOT%\system32\explorer.exe" /select,"%~f0"

 goto :END

 :UAC

 echo Set sh = CreateObject^("Shell.Application"^) > %getadminfile%

 echo sh.ShellExecute "%~f0", "", "", "runas", 1 >> %getadminfile%

 ping 127.1 -n 1 >nul

 "%SYSTEMROOT%\system32\cscript.exe" %getadminfile%

 goto :END

 :Admin

 if exist %getadminfile% ( del %getadminfile% )

 cls

 rem UAC code end

 if "%currentuser%" == "" set currentuser=Administrator

 echo Windows Server To Windows Desktop

 echo =================================

 ::PowerShell /Command "&{Get-WmiObject -Class Win32_OperatingSystem | Select-Object -ExpandProperty Caption}"

 set caption=

 for /f "skip=1 delims=" %%t in ('wmic os get caption') do (

 if not defined caption set caption=%%t

 )

 echo %caption%

 echo %caption%|find /i "Windows Server">nul 2>nul

 if ERRORLEVEL 1 goto :OSERR

 echo Current Domain: %USERDOMAIN%

 echo Current User: %currentuser%

 echo.

 set /p tmpInput=Maybe will restart computer. Are you ready? (Y/N):

 if /i "%tmpInput%"=="y" goto :START

 echo Canelled.

 echo Press any key to exit...

 pause>nul

 goto :END

 :OSERR

 echo.

 echo ERROR: Unsupported operating system!

 echo Press any key to exit...

 pause>nul

 goto :END

 :START

 echo (1/3) Config Service

 PowerShell /Command "&{Import-Module ServerManager}"

 echo - [Automatic] Windows Audio

 PowerShell /Command "&{Set-Service "Audiosrv" -StartupType Automatic}"

 echo - [Automatic] Windows Audio Endpoint Builder

 PowerShell /Command "&{Set-Service "AudioEndpointBuilder" -StartupType Automatic}"

 echo - [Manual] Windows Remote Management (WS-Management)

 PowerShell /Command "&{Set-Service "WinRM" -StartupType Manual}"

 echo (2/3) Config Registry and GroupPolicy

 echo - Enable Shutdown without logon

 REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ShutdownWithoutLogon /t REG_DWORD /d 1 /f>nul

 echo - Disable Shutdown reason On

 REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Reliability" /v ShutdownReasonOn /t REG_DWORD /d 0 /f>nul

 :: echo - No Lock Screen

 :: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v "NoLockScreen" /t REG_DWORD /d 0x1 /f>nul

 echo - Disable Ctrl+Alt+Del login

 REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v DisableCAD /t REG_DWORD /d 1 /f>nul

 echo - Disable UAC

 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d 0x0 /f>nul

 echo - Disable DEP (Turn on DEP for essential Windows programs and services only)

 bcdedit /set {current} nx OptIn>nul

 ::bcdedit /set {current} nx AlwaysOff>nul

 echo - Disable SEHOP

 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel" /v "DisableExceptionChainValidation" /t REG_DWORD /d 0x1 /f>nul

 echo - Enable disk performance counters

 diskperf -Y>nul

 if exist %videopsfile%. (

 echo - Enable Video Hardware Acceleration

 PowerShell -ExecutionPolicy Unrestricted -File %videopsfile%>nul

 del Acceleration.Level.reg /f /q

 )

 echo - Enable Audio Hardware Acceleration

 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia\SystemProfile" /v "SystemResponsiveness" /t REG_DWORD /d 0x14 /f>nul

 echo - CPU Priority for Program

 REG ADD HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl /v Win32PrioritySeparation /t REG_DWORD /d 38 /f>nul

 echo - Adjust Visual Effects (Manual)

 SystemPropertiesPerformance.exe

 ::reg add HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects /v VisualFXSetting /t REG_DWORD /d 1 /f>nul

 ::reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects /v VisualFXSetting /t REG_DWORD /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v DragFullWindows /t REG_SZ /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v FontSmoothing /t REG_SZ /d 2 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v MinAnimate /t REG_SZ /d 1 /f>nul

 ::reg add "HKCU\Control Panel\Desktop" /v UserPreferencesMask /t REG_BINARY /d 9E3E078012000000 /f>nul

 echo - Adjust IE Max Connection

 reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v "MaxConnectionsPer1_0Server" /t REG_DWORD /d 10 /f>nul

 echo - IE Security Policy

 REG ADD "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}" /v IsInstalled /t REG_DWORD /d 0 /f>nul

 REG ADD "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}" /v IsInstalled /t REG_DWORD /d 0 /f>nul

 Rundll32 iesetup.dll, IEHardenLMSettings

 Rundll32 iesetup.dll, IEHardenUser

 Rundll32 iesetup.dll, IEHardenAdmin

 echo - Disable TCP Auto-Tuning

 netsh interface tcp set heuristics disabled>nul

 echo - Change Power Scheme To High Performance

 powercfg -s 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c>nul

 echo - No Autorun Server Manager

 REG ADD HKLM\Software\Microsoft\ServerManager /v DoNotOpenServerManagerAtLogon /t REG_DWORD /d 1 /f>nul

 echo - Disable Password complexity and Minimum password length

 echo [version]>%gpfile%.inf

 echo signature="$CHICAGO$">>%gpfile%.inf

 echo [System Access]>>%gpfile%.inf

 echo MinimumPasswordLength = 0 >>%gpfile%.inf

 echo PasswordComplexity = 0 >>%gpfile%.inf

 secedit /configure /db %gpfile%.sdb /cfg %gpfile%.inf /log %gpfile%.log>nul 2>nul

 del %gpfile%.inf %gpfile%.sdb %gpfile%.log %gpfile%.jfm /f /q

 echo - %currentuser%'s Password never expires

 wmic Path Win32_UserAccount Where Name="%currentuser%" Set PasswordExpires="FALSE">nul

 echo   PasswordExpires List:

 wmic useraccount get Name,PasswordExpires

 echo - Disable Application Experience task schedulers

 schtasks /change /tn "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Application Experience\ProgramDataUpdater" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Application Experience\StartupAppTask" /disable>nul 2>nul

 echo - Disable Customer Experience Improvement Program task schedulers

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /disable>nul 2>nul

 schtasks /change /tn "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /disable>nul 2>nul

 echo (3/3) Config Windows Feature

 echo - BitLocker

 echo - Direct-Play

 echo - Wireless-Networking

 echo - qWave

 echo please wait...

 PowerShell /Command "&{Install-WindowsFeature "BitLocker","Direct-Play","Wireless-Networking","qWave" -Restart}"

 echo Completed!

 echo Press any key to exit...

 pause>nul

 :END

 if exist %getadminfile% ( del %getadminfile% )

 popd

Acceleration.Level.ps1

 function WriteKey($File, $Key)

 {

     ECHO $Key >> $File;

     ECHO '"Acceleration.Level"=dword:00000000' >> $File;

     ECHO "" >> $File;

 }

 function Generate($File, $ControlSet)

 {

     $Item = Get-Item -Path "HKLM:\HARDWARE\DEVICEMAP\VIDEO";

     $ValueNames = $Item.GetValueNames();

     foreach($ValueName in $ValueNames)

     {

         if($ValueName.StartsWith("\Device\Video"))

         {

             $Value = $Item.GetValue($ValueName);

             if($Value.Length -gt 43)

             {

                 $Guid = $Value.SubString($Value.Length - 43, 38);

                 $ObjectNumber = $Value.SubString($Value.Length - 4);

                 try

                 {

                     [System.Guid]::Parse($Guid);

                     [System.Int32]::Parse($ObjectNumber);

                 }

                 catch

                 {

                     continue;

                 }

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\Video";

                 $Service = (Get-Item -Path $Path).GetValue("Service");

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Services\" + $Service;

                 $ChildItems = Get-ChildItem -Path $Path;

                 foreach($ChildItem in $ChildItems)

                 {

                     if($ChildItem.PSChildName.StartsWith("Device"))

                     {

                         $Key = "[" + $ChildItem.Name + "]";

                         WriteKey $File $Key;

                     }

                 }

                 $Key = "[HKEY_LOCAL_MACHINE\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\" + $ObjectNumber + "]";

                 WriteKey $File $Key;

                 $Key = "[HKEY_LOCAL_MACHINE\SYSTEM\" + $ControlSet + "\Control\Video\" + $Guid + "\" + $ObjectNumber + "\Settings]";

                 WriteKey $File $Key;

             }

         }

     }

     $VideoControllers = Get-WmiObject -Class Win32_VideoController;

     foreach($VideoController in $VideoControllers)

     {

         $PnPEntities = Get-WmiObject -Class Win32_PnPEntity;

         foreach($PnPEntity in $PnPEntities)

         {

             if($PnPEntity.PNPDeviceID -eq $VideoController.PNPDeviceID)

             {

                 $Path = "HKLM:\SYSTEM\" + $ControlSet + "\Control\Class\" + $PnPEntity.ClassGuid;

                 $ChildItems = Get-ChildItem -Path $Path;

                 foreach($ChildItem in $ChildItems)

                 {

                     try

                     {

                         [System.Int32]::Parse($ChildItem.PSChildName);

                     }

                     catch

                     {

                         continue;

                     }

                     $Key = "[" + $ChildItem.Name + "]";

                     WriteKey $File $Key;

                     $Key = "[" + $ChildItem.Name + "\Settings]";

                     WriteKey $File $Key;

                 }

             }

         }

     }

 }

 $File = "Acceleration.Level.reg";

 New-Item $File -Type File -Force;

 ECHO "Windows Registry Editor Version 5.00" > $File;

 ECHO "" >> $File;

 Generate $File "ControlSet001";

 Generate $File "ControlSet002";

 Generate $File "CurrentControlSet";

 TYPE $File;

 regedit.exe /s $File;

Windows Server 2016 桌面环境的自动配置脚本(2017-10-24更新)的更多相关文章

  1. Windows Server 2016 桌面环境的自动配置脚本

    除非学习要求,还是建议使用Windows 10 LTSB 2016或其他桌面系统. github:https://github.com/m2nlight/WindowsServerToWindowsD ...

  2. python环境变量自动配置脚本(setx使用)

    前言 setx不是windows系统自带的工具,需要到微软官网下载,但是有的系统也会自带.(是官方提供的,可放心食用) set和setx都可以用来配置环境变量.他们的不同点在于,set只是临时的修改环 ...

  3. Windows Server 2016 IIS的安装与配置

    1. 打开服务器管理器,点击[添加角色和功能选项].        2. 进入“添加角色和功能向导”页面,点击下一步. 3. 安装类型选择[基于角色或基于功能的安装],点击下一步. 4. 进入服务器选 ...

  4. Windows Server 2016

    Windows Server 2016 正式版教程:安装.激活.设置 http://www.ithome.com/html/win10/261386.htm 2016-9-29 12:57:58来源: ...

  5. Windows Server 2016 配置 IIS 的详细步骤

    Ø  简介 本文主要记录 Windows Server 2016 环境下,安装配置 IIS 的详细步骤.需要说明的是,在选择"功能"或"角色服务"时不建议将所有 ...

  6. Windows Server 2016 + SCO 2016 安装及配置介绍

    Windows Server 2016 + SCO 2016 安装及配置介绍 高文龙关注1人评论6332人阅读2017-02-26 23:23:02 Windows Server 2016 + SCO ...

  7. Windows Server 2016 上配置 APACHE+SSL+PHP+perl

    Windows Server 2016 上配置 APACHE+SSL+PHP+perl 安装环境 谷歌云实例 Windows Server 2016 Apache Apache/2.4.25 (win ...

  8. 如何在Windows Server 2016启用或关闭Internet Explorer增强的安全配置

    一般我们安装完服务器后,开启 Internet Explorer 会发现无法上网或者上网内容被屏蔽掉了 问题的发生原因 在 Windows Server 2016 通常扮演重要的服务器角色,不应该用来 ...

  9. [转]Windows Server 2016 服务器IIS配置

    本文转自:https://blog.csdn.net/corson/article/details/82185407 多余的话就不说了,配置Windows Server 2016服务器具体如下图    ...

随机推荐

  1. mybatis框架(三)

    mybatis框架

  2. 解决ubuntu 无法挂载移动硬盘问题 unknown filesystem type 'exfat'

    Ubuntu 13.10 或以上 安装exfat-fuse: sudo apt-get install exfat-fuse Ubuntu 13.04 或以下 sudo apt-add-reposit ...

  3. SAP系统接口方式:

    SAP系统接口方式: 1.PI - 信使中间件 (大公司多选择) 数据: SAP- PI- U8 U8- PI- SAPPI 底层用的还是webservice 技术优点:实时性高: 可处理大数据(在调 ...

  4. c++ 11nullptr

    1. 引入nullptr的原因 引入nullptr的原因,这个要从NULL说起.对于C和C++程序员来说,一定不会对NULL感到陌生.但是C和C++中的NULL却不等价.NULL表示指针不指向任何对象 ...

  5. blogCMS中出现的错误整理

    1.在写日期归档的时候,出现如下错误: not enough values to unpack (expected 2, got 1) 出现这个错误是因为:字符串需要能够split成2份才能赋值给2个 ...

  6. 常用模块(hashlib,configparser,logging)

    常用模块(hashlib,configparser,logging) hashlib hashlib 摘要算法的模块md5 sha1 sha256 sha512摘要的过程 不可逆能做的事:文件的一致性 ...

  7. 微信小程序 使用腾讯地图SDK详解及实现步骤

    信小程序 使用腾讯地图SDK详解及实现步骤    微信小程序JavaScript SDK: 官方文档:http://lbs.qq.com/qqmap_wx_jssdk/index.html 步骤: 1 ...

  8. No module named bz2

    yum install bzip* python2.6 import bz2 python2.7 import bz2 error 解决:sudo cp /usr/lib64/python2.6/li ...

  9. 20145217《网络对抗》 MAL_简单后门学习总结

    20145217<网络对抗> MAL_简单后门学习总结 实践内容: 1.netcat的应用 2.socat的应用 3.meterpreter的应用 知识点学习总结 后门程序一般是指那些绕过 ...

  10. python的正则表达式捕获组命名问题