github.com/hashicorp/packer@v1.14.3/provisioner/powershell/test-fixtures/scripts/bootstrap_win.txt

github.com/hashicorp/packer@v1.14.3/provisioner/powershell/test-fixtures/scripts/bootstrap_win.txt (about)

     1  <powershell>
     2  # Set administrator password
     3  net user Administrator SuperS3cr3t!!!!
     4  wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
     5  
     6  # First, make sure WinRM can't be connected to
     7  netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
     8  
     9  # Delete any existing WinRM listeners
    10  winrm delete winrm/config/listener?Address=*+Transport=HTTP  2>$Null
    11  winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null
    12  
    13  # Disable group policies which block basic authentication and unencrypted login
    14  
    15  Set-ItemProperty -Path HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client -Name AllowBasic -Value 1
    16  Set-ItemProperty -Path HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client -Name AllowUnencryptedTraffic -Value 1
    17  Set-ItemProperty -Path HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service -Name AllowBasic -Value 1
    18  Set-ItemProperty -Path HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service -Name AllowUnencryptedTraffic -Value 1
    19  
    20  
    21  # Create a new WinRM listener and configure
    22  winrm create winrm/config/listener?Address=*+Transport=HTTP
    23  winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
    24  winrm set winrm/config '@{MaxTimeoutms="7200000"}'
    25  winrm set winrm/config/service '@{AllowUnencrypted="true"}'
    26  winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
    27  winrm set winrm/config/service/auth '@{Basic="true"}'
    28  winrm set winrm/config/client/auth '@{Basic="true"}'
    29  
    30  # Configure UAC to allow privilege elevation in remote shells
    31  $Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    32  $Setting = 'LocalAccountTokenFilterPolicy'
    33  Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force
    34  
    35  # Configure and restart the WinRM Service; Enable the required firewall exception
    36  Stop-Service -Name WinRM
    37  Set-Service -Name WinRM -StartupType Automatic
    38  netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow localip=any remoteip=any
    39  Start-Service -Name WinRM
    40  </powershell>