Site Tools


server_configuration_script_v1.1

Mit diesem Script, könnt ihr nach dem ersten Starten einen frisch aufgesetzten Servers die Grundkonfiguration vornehmen. Es werden die Basisdaten abgefragt wie: Name des Servers Beschreibung Domäne User für Domainjoin Passwort für diesen User Ip Konfiguration etc. Man kann in dieser Version die Fileserver Rolle installieren und RDP konfigurieren und eben einen Domainjoin durchführen. Es werden auch ein paar meiner Einstellungen erledigt: -Dateiendungen werden angezeigt -Explorer starten am “My PC” nicht in dieser unsäglichen Standardseite -In der Taskleiste wird Powershell eingeblendet…

Schaut es euch an und wenn ihr es gebrauchen könnt, nutzt es einfach aber seid vorsichtig, ich übernehme keine Haftung.

ServerBaseConfi.ps1
Clear
 
Write-Host 
Write-Host "New Baseconfiguration Setupscript" -foreground "yellow"
Write-Host
 
function Get-ScriptDirectory
{
$Invocation = (Get-Variable MyInvocation -Scope 1).Value
Split-Path $Invocation.MyCommand.Path
}
$ScriptPath = Get-ScriptDirectory
 
Start-Transcript -Path "$ScriptPath\configlog_transcript.txt" -Append >$null
 
$LogDate = (Get-Date).ToString("yyyy.MM.dd")
$LogTime = (Get-Date).ToLongTimeString()
 
"$LogDate $LogTime New config started" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
 
#Removes any previous password file
Remove-Item -Path $ScriptPath\mysecurestring.txt -ErrorAction SilentlyContinue
 
#Inputs for creds/domain
Do {
$Cname = Read-Host "Enter the intended name for the Server " #Ask for source Hyper-V server with current hosts
$Description = Read-Host "Enter Description for the Server "
$Domain = Read-Host "Enter your domain <contoso.com>  "
$user = Read-Host "Enter your admin account username <admin01> "
$username = "$Domain\$user"
Read-host "Enter your password (It will be stored in an encrypted file $ScriptPath\mysecurestring.txt)"  -assecurestring | convertfrom-securestring | out-file $ScriptPath\mysecurestring.txt
Write-host " "
Write-host "Your inputs: $Cname | $Domain | $user" 
$answer = Read-host "Are you happy with your inputs <yes/no>? " 
 
    If ($answer -eq "yes")
    {
        $success = 1 }
    Elseif ($answer -eq "no")
    {
        Clear
        Write-host "--Cleared for re-input--"
        $success = 0}
   }
    While ($success -eq 0) 
 
Write-host " "
Write-host "Your current inputs: "
Write-host "$Cname | $Domain | $user" 
 
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Base Data entered" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
 
$OldCName = $env:COMPUTERNAME
$password = cat $ScriptPath\mysecurestring.txt | convertto-securestring
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
 
 
Write-host " "
$netadapter = Read-Host "Do you want to configure the IP Settings? "
 
if($netadapter -eq "yes"){
 
#Inputs for adapter
Do {
Write-host "-Server adapter(s) info-"
Get-NetAdapter
Write-host " "  
$Adapter = Read-Host "Enter the intended adapter  "
$IP = Read-Host "Enter intended IP for the server "
$Subnet = Read-Host "Enter subnet mask (prefix length) <24> "
$DefaultG = Read-Host "Enter the default gateway "
$DNS = Read-Host "Enter your primary DNS "
$DNS2 = Read-Host "Enter your secondary DNS "
Write-host " "
Write-host "Your inputs: $Adapter | $IP | $Subnet | $DefaultG | $DNS | $DNS2"
$answer = Read-host "Are you happy with your inputs <yes/no>? "
 
    If ($answer -eq "yes")
    {
        $success = 2 }
    Elseif ($answer -eq "no")
    {
        Clear
        Write-host "--Cleared for re-input--"
        Write-host "Your inputs: $Cname | $Domain | $user" 
        $success = 1}
    } 
    While ($success -eq 1) 
 
Write-host "$Adapter | $IP | $Subnet | $DefaultG | $DNS | $DNS2"
 
#Configuring Network adapter
Write-Host " "
Write-Host "-Configuring $Adapter settings-"
Remove-NetIPAddress -InterfaceAlias $Adapter -Confirm:$false
Remove-NetRoute -InterfaceAlias $Adapter -Confirm:$false
New-NetIPAddress -InterfaceAlias $Adapter -IPAddress $IP -PrefixLength $Subnet -DefaultGateway $DefaultG
Set-DnsClientServerAddress -InterfaceAlias $Adapter -ServerAddresses $DNS,$DNS2
 
Write-host " "
Write-host "-Adapter Settings Completed-"
Write-host " "	
 
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Networkadapter configurated" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
 
} 
 
 
Write-host " "
$remote = Read-Host "Do you want to setup Remote Desktop <yes|no> "
 
if($remote -eq "yes"){
 
#Enable remote desktop
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
netsh advfirewall firewall set rule name="Remote Desktop - User Mode (TCP-In)" new enable =Yes profile="domain,private"
netsh advfirewall firewall set rule name="Remote Desktop - User Mode (UDP-In)" new enable =Yes profile="domain,private"
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
Write-Host "-Remote desktop setup-"
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime RDP configurated" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
}
Write-host " "
$FileS = Read-Host "Do you want to join install the feature 'File Server' Enabling access to files on the server over the network? "
if($FileS -eq "yes"){
Install-WindowsFeature -name FS-FileServer
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Fileserverrole installed" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
} 
 
Write-host " "
$regsettings = Read-Host "Do you want to enable Standardsettings in Explorer? (Show Filextensions... etc.) "
 
if($regsettings -eq "yes"){
 
#Set Registry Entries
REG add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System /v OEMBackground /t REG_DWORD /d 0 /f
REG add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System /v EnableSmartScreen /t REG_DWORD /d 1 /f
REG add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System /v DisableLockScreenAppNotifications /t REG_DWORD /d 1 /f
REG add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization /v NoLockScreen /t REG_DWORD /d 1 /f
REG add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
REG add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v LaunchTo /t REG_DWORD /d 1 /f
Copy-Item -Path $ScriptPath/Layout.xml -Destination C:\Layout.xml
Import-StartLayout -LayoutPath /Layout.xml -MountPath C:\
Write-host "Layout Import done "
Remove-Item C:\Layout.xml -Force
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Standardsetting configurated" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
sleep 5
} 
 
Write-host " "
$domainjoin = Read-Host "Do you want to join the server to the domain? "
 
if($domainjoin -eq "yes"){
 
#Join domain/Rename
Rename-Computer -NewName $Cname
Get-CimInstance -ClassName Win32_OperatingSystem | Set-CimInstance -Property @{Description = "$Description"}
sleep 5
Add-Computer -ComputerName $CName -DomainName $Domain -credential $cred -force -Options JoinWithNewName,AccountCreate
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Domainjoin done, Restart will follow, Config finished" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
} 
 
#Removes password file
Remove-Item -Path $ScriptPath\mysecurestring.txt -ErrorAction SilentlyContinue
 
$LogTime = (Get-Date).ToLongTimeString()
"$LogDate $LogTime Serverbaseconfiguration done" | Out-File -FilePath "$ScriptPath\configlog.txt" -Append
 
Stop-Transcript
server_configuration_script_v1.1.txt · Last modified: 2019/04/08 16:34 by 192.168.1.1