There must be a way to automate all of the pre-requisites! I have made a start in Powershell in scripting out the most common ones. Please be aware that your own environment pre-requisites may differ wildly. There are numerous things to consider:
- Disk partitioning
- Anti-virus\firewall exceptions
- Local security policies
- Local group membership
These are just a few of things that the following script does not do! But what it does you may find useful so here is what I have so far:
Write-Host "setting temporary folders"
New-Item c:\epmtmp -type directory
[Environment]::SetEnvironmentVariable("TMP", "c:\epmtmp", "User")
[Environment]::SetEnvironmentVariable("TEMP", "c:\epmtmp", "User")
Write-Host "disabling IPV6 tunnels"
C:\windows\system32\cmd /c netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
C:\windows\system32\cmd /c netsh interface ipv6 isatap set state state=disabled
C:\windows\system32\cmd /c netsh interface teredo set state disabled
Write-Host "setting max TCP ports"
C:\windows\system32\cmd /c netsh int ipv4 set dynamicport tcp start=1025 num=64500
Write-Host "disabling DEP"
C:\windows\system32\cmd /c bcdedit /set nx AlwaysOff
C:\windows\system32\cmd /c bcdedit /set pae ForceEnable
Write-Host "configuring power settings to High Performance"
C:\windows\system32\cmd /c powercfg.exe -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c
Write-Host "disabling IPV6"
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters' -Name DisabledComponents -Value 0xffffffff
Write-Host "ensuring the registry is not unloaded on log off"
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -Name DisableForceUnload -Value 1
Write-Host "press any key to exit"
Have I missed anything? Let me know what else you have found you can automate and we can all becoming lazier sysadmins :)