Windows 2003/2008 server config batch file

This is a script we use to quickly configure an initial Winders installation on that there server pre-domain join. It's a batch file and I've not yet configured it as a PowerShell script.

The WSUS portion of the script can be used to fix a misbehaving WSUS client as well. :)

#### BEGIN SCRIPT ####
 @echo off


 echo:
echo ======================================================================
echo DO NOT RUN THIS SCRIPT ON A DOMAIN MEMBER SERVER!
echo ======================================================================
PAUSE
echo:
:: Allow single label domain name
echo ----------------------------------------------------------------------
echo Setting 'Allow single label domain name'...

 reg add "HKLM\SYSTEM\CurrentControlSet\services\Netlogon\Parameters" /v "AllowSingleLabelDnsDomain" /t reg_dword /d 00000001 /f

 echo:
:: Set Windows Firewall to OFF for all profiles
echo ----------------------------------------------------------------------
echo Disabling Windows Firewall...

 net start MpsSvc
netsh advfirewall set allprofiles state off

 echo:
:: Set RDP enabled
echo ----------------------------------------------------------------------
echo Enabling RDP...

 reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t reg_dword /d 00000000 /f

 echo:
:: Set NTP client for non-domain servers only
:: Change x.x.x.x to the IP of your NTP server
echo ----------------------------------------------------------------------
echo Syncing with NTP server...

 tzutil /s "Central Standard Time"
net start bits
net start w32time
w32tm /config /manualpeerlist:x.x.x.x /syncfromflags:manual /update
net stop w32time && net start w32time
w32tm /resync

 echo:
:: Configure WSUS client
:: Change the x.x.x.x to the IP of your WSUS server
echo ----------------------------------------------------------------------
echo Setting up WSUS client...

 net stop bits && net stop wuauserv
ipconfig /flushdns
del "C:\Users\All Users\Application Data\Microsoft\Network\Downloader\*.*" /Q
del "C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\*.*" /Q
reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v "BalloonTime" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v "BalloonType" /f
net start wuauserv
net stop bits && net stop wuauserv
regsvr32 wuaueng.dll /s
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /v "WUServer" /t reg_sz /d "http://x.x.x.x" /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /v "WUStatusServer" /t reg_sz /d "http://x.x.x.x" /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /v "TargetGroupEnabled" /t reg_dword /d 00000001 /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate /v "TargetGroup" /t reg_sz /d "WSUS Servers" /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU /v "UseWUServer" /t reg_dword /d 0000001 /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU /v "NoAutoUpdate" /t reg_dword /d 00000000 /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU /v "AUOptions" /t reg_dword /d 00000002 /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU /v "ScheduledInstallDay" /t reg_dword /d 00000000 /f
reg add HKLM\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU /v "ScheduledInstallTime" /t reg_dword /d 00000003 /f
net start bits && net start wuauserv
wuauclt.exe /detectnow

 echo:
:: Rename default admin account, rename/disable Guest account
:: Change 'NEWNAME' to what you want for guest and admin accounts
echo ----------------------------------------------------------------------
echo Renaming Administrator and Guest accounts...

 wmic useraccount where name='Guest' call rename name='NEWNAME'
wmic useraccount where name='NEWNAME' set disabled='True'
wmic useraccount where name='Administrator' set passwordexpires='False'
wmic useraccount where name='Administrator' call rename name='NEWNAME'
echo If Admin account was renamed, log out before making further changes.
set ask==none
set /p ask=Log out now? Type YES, NO or hit ENTER to exit: 
if %ask%==y goto logoff
if %ask%==yes goto logoff
if %ask%==n goto exit
if %ask%==no goto exit
if %ask%==none goto exit
:logoff
echo Logging off...
logoff
:exit
echo:
echo Remember to log off if Admin account has been renamed.
echo:
timeout 5 > nul
echo:
exit

#### END SCRIPT ####

Comments

  1. Abdul Rehman KanjuDecember 14, 2021 at 6:09 AM

    Such a Nice post. Thanks for Awesome tips Keep it up
    windows-firewall-control-crack/
    movavi-photo-manager-crack

    ReplyDelete
  2. Bhatti SahbJanuary 4, 2022 at 6:21 AM

    Many thanks for sharing such incredible knowledge. It's really good for your website.
    The info on your website inspires me greatly. This website I'm bookmarked. Maintain it and thanks again.
    I'm really impressed with your writing skills, as smart as the strucAOMEI
    Prosoft Data Rescue Pro Crack

    ReplyDelete
  3. UnknownJanuary 20, 2022 at 6:23 PM

    Go Hard XL
    Go Hard XL
    Go Hard XL
    Go Hard XL
    Go Hard XL
    Go Hard XL

    ReplyDelete

Post a Comment