diff --git a/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json b/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json
new file mode 100644
index 0000000..cc0e5ae
--- /dev/null
+++ b/.devcontainer/010 - Windows 11 Enterprise/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 11 Enterprise",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "11e"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/020 - Windows 11 LTSC/devcontainer.json b/.devcontainer/020 - Windows 11 LTSC/devcontainer.json
new file mode 100644
index 0000000..23e54ff
--- /dev/null
+++ b/.devcontainer/020 - Windows 11 LTSC/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 11 LTSC",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "11l"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/030 - Windows 10 Pro/devcontainer.json b/.devcontainer/030 - Windows 10 Pro/devcontainer.json
new file mode 100644
index 0000000..c5a647b
--- /dev/null
+++ b/.devcontainer/030 - Windows 10 Pro/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 10 Pro",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "10"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json b/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json
new file mode 100644
index 0000000..1466e11
--- /dev/null
+++ b/.devcontainer/040 - Windows 10 Enterprise/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 10 Enterprise",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "10e"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/050 - Windows 10 LTSC/devcontainer.json b/.devcontainer/050 - Windows 10 LTSC/devcontainer.json
new file mode 100644
index 0000000..dfc8f5c
--- /dev/null
+++ b/.devcontainer/050 - Windows 10 LTSC/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 10 LTSC",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "10l"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json b/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json
new file mode 100644
index 0000000..e58f7ad
--- /dev/null
+++ b/.devcontainer/060 - Windows 8.1 Enterprise/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 8.1 Enterprise",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "8e"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json b/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json
new file mode 100644
index 0000000..85878f0
--- /dev/null
+++ b/.devcontainer/070 - Windows 7 Ultimate/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 7 Ultimate",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "7u"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json b/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json
new file mode 100644
index 0000000..b99c942
--- /dev/null
+++ b/.devcontainer/080 - Windows Vista Ultimate/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Vista Ultimate",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "vu"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/090 - Windows XP Professional/devcontainer.json b/.devcontainer/090 - Windows XP Professional/devcontainer.json
new file mode 100644
index 0000000..a2c51c4
--- /dev/null
+++ b/.devcontainer/090 - Windows XP Professional/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows XP Professional",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "xp"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/100 - Windows 2000 Professional/devcontainer.json b/.devcontainer/100 - Windows 2000 Professional/devcontainer.json
new file mode 100644
index 0000000..e5fab13
--- /dev/null
+++ b/.devcontainer/100 - Windows 2000 Professional/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 2000 Professional",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2k"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/110 - Windows Server 2025/devcontainer.json b/.devcontainer/110 - Windows Server 2025/devcontainer.json
new file mode 100644
index 0000000..96089cc
--- /dev/null
+++ b/.devcontainer/110 - Windows Server 2025/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2025",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2025"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/120 - Windows Server 2022/devcontainer.json b/.devcontainer/120 - Windows Server 2022/devcontainer.json
new file mode 100644
index 0000000..9897a67
--- /dev/null
+++ b/.devcontainer/120 - Windows Server 2022/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2022",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2022"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/130 - Windows Server 2019/devcontainer.json b/.devcontainer/130 - Windows Server 2019/devcontainer.json
new file mode 100644
index 0000000..9903599
--- /dev/null
+++ b/.devcontainer/130 - Windows Server 2019/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2019",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2019"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/140 - Windows Server 2016/devcontainer.json b/.devcontainer/140 - Windows Server 2016/devcontainer.json
new file mode 100644
index 0000000..614b171
--- /dev/null
+++ b/.devcontainer/140 - Windows Server 2016/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2016",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2016"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json b/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json
new file mode 100644
index 0000000..158036c
--- /dev/null
+++ b/.devcontainer/150 - Windows Server 2012 R2/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2012 R2",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2012"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json b/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json
new file mode 100644
index 0000000..5dc1af6
--- /dev/null
+++ b/.devcontainer/160 - Windows Server 2008 R2/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2008 R2",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2008"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/170 - Windows Server 2003/devcontainer.json b/.devcontainer/170 - Windows Server 2003/devcontainer.json
new file mode 100644
index 0000000..c47effb
--- /dev/null
+++ b/.devcontainer/170 - Windows Server 2003/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows Server 2003",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "2003"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/180 - Tiny11/devcontainer.json b/.devcontainer/180 - Tiny11/devcontainer.json
new file mode 100644
index 0000000..225a746
--- /dev/null
+++ b/.devcontainer/180 - Tiny11/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Tiny11",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "tiny11"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/190 - Tiny11 Core/devcontainer.json b/.devcontainer/190 - Tiny11 Core/devcontainer.json
new file mode 100644
index 0000000..78da098
--- /dev/null
+++ b/.devcontainer/190 - Tiny11 Core/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Tiny11 Core",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "core11"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/200 - Tiny11 Nano/devcontainer.json b/.devcontainer/200 - Tiny11 Nano/devcontainer.json
new file mode 100644
index 0000000..c7fdca9
--- /dev/null
+++ b/.devcontainer/200 - Tiny11 Nano/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Tiny11 Nano",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "nano11"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/210 - Tiny10/devcontainer.json b/.devcontainer/210 - Tiny10/devcontainer.json
new file mode 100644
index 0000000..3df1b88
--- /dev/null
+++ b/.devcontainer/210 - Tiny10/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Tiny10",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "tiny10"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "../codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.devcontainer/codespaces.yml b/.devcontainer/codespaces.yml
new file mode 100644
index 0000000..85e3f64
--- /dev/null
+++ b/.devcontainer/codespaces.yml
@@ -0,0 +1,21 @@
+services:
+ windows:
+ container_name: windows
+ image: ghcr.io/dockur/windows
+ environment:
+ RAM_SIZE: "half"
+ DISK_SIZE: "max"
+ CPU_CORES: "max"
+ devices:
+ - /dev/kvm
+ - /dev/net/tun
+ cap_add:
+ - NET_ADMIN
+ ports:
+ - 8006:8006
+ - 3389:3389/tcp
+ - 3389:3389/udp
+ volumes:
+ - ./windows:/storage
+ restart: on-failure
+ stop_grace_period: 2m
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..d7c98a8
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,20 @@
+{
+ "name": "Windows 11 Pro",
+ "service": "windows",
+ "containerEnv": {
+ "VERSION": "11"
+ },
+ "forwardPorts": [8006],
+ "portsAttributes": {
+ "8006": {
+ "label": "Web",
+ "onAutoForward": "notify"
+ }
+ },
+ "otherPortsAttributes": {
+ "onAutoForward": "ignore"
+ },
+ "dockerComposeFile": "codespaces.yml",
+ "workspaceFolder": "/workspaces/windows",
+ "initializeCommand": "docker system prune --all --force"
+}
diff --git a/.dockerignore b/.dockerignore
index 258778b..154d44a 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,4 +1,5 @@
.dockerignore
+.devcontainer
.git
.github
.gitignore
diff --git a/.github/ISSUE_TEMPLATE/1-issue.yml b/.github/ISSUE_TEMPLATE/1-issue.yml
new file mode 100644
index 0000000..87860c9
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/1-issue.yml
@@ -0,0 +1,41 @@
+name: "\U0001F6A8 Technical issue"
+description: When you're experiencing problems using the container
+body:
+ - type: input
+ id: os
+ attributes:
+ label: Operating system
+ description: Your Linux distribution (can be shown by `lsb_release -a`).
+ placeholder: e.g. Ubuntu 24.04
+ validations:
+ required: true
+ - type: textarea
+ id: summary
+ attributes:
+ label: Description
+ description: A clear and concise description of your issue.
+ validations:
+ required: true
+ - type: textarea
+ id: compose
+ attributes:
+ label: Docker compose
+ description: The compose file (or otherwise the `docker run` command used).
+ render: yaml
+ validations:
+ required: true
+ - type: textarea
+ id: log
+ attributes:
+ label: Docker log
+ description: The logfile of the container (as shown by `docker logs windows`).
+ render: shell
+ validations:
+ required: true
+ - type: textarea
+ id: screenshot
+ attributes:
+ label: Screenshots (optional)
+ description: Screenshots that might help to make the problem more clear.
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.yml b/.github/ISSUE_TEMPLATE/2-feature.yml
similarity index 100%
rename from .github/ISSUE_TEMPLATE/FEATURE_REQUEST.yml
rename to .github/ISSUE_TEMPLATE/2-feature.yml
diff --git a/.github/ISSUE_TEMPLATE/3-bug.yml b/.github/ISSUE_TEMPLATE/3-bug.yml
new file mode 100644
index 0000000..f614f27
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/3-bug.yml
@@ -0,0 +1,43 @@
+name: "\U0001F41E Bug report"
+description: Create a report to help us improve the container
+title: "[Bug]: "
+labels: ["bug"]
+body:
+ - type: input
+ id: os
+ attributes:
+ label: Operating system
+ description: Your Linux distribution (can be shown by `lsb_release -a`).
+ placeholder: e.g. Ubuntu 24.04
+ validations:
+ required: true
+ - type: textarea
+ id: summary
+ attributes:
+ label: Description
+ description: Describe the expected behaviour, the actual behaviour, and the steps to reproduce.
+ validations:
+ required: true
+ - type: textarea
+ id: compose
+ attributes:
+ label: Docker compose
+ description: The compose file (or otherwise the `docker run` command used).
+ render: yaml
+ validations:
+ required: true
+ - type: textarea
+ id: log
+ attributes:
+ label: Docker log
+ description: The logfile of the container (as shown by `docker logs windows`).
+ render: shell
+ validations:
+ required: true
+ - type: textarea
+ id: screenshot
+ attributes:
+ label: Screenshots (optional)
+ description: Screenshots that might help to make the problem more clear.
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/4-question.yml b/.github/ISSUE_TEMPLATE/4-question.yml
new file mode 100644
index 0000000..9094d6d
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/4-question.yml
@@ -0,0 +1,26 @@
+name: "\U00002753 General question"
+description: Questions about the container not related to an issue
+title: "[Question]: "
+labels: ["question"]
+body:
+ - type: checkboxes
+ attributes:
+ label: Is your question not already answered in the FAQ?
+ description: Please read the [FAQ](https://github.com/dockur/windows/blob/master/readme.md) carefully to avoid asking duplicate questions.
+ options:
+ - label: I made sure the question is not listed in the [FAQ](https://github.com/dockur/windows/blob/master/readme.md).
+ required: true
+ - type: checkboxes
+ attributes:
+ label: Is this a general question and not a technical issue?
+ description: For questions related to issues you must use the [technical issue](https://github.com/dockur/windows/issues/new?assignees=&labels=&projects=&template=1-issue.yml) form instead. It contains all the right fields (system info, logfiles, etc.) we need in order to be able to help you.
+ options:
+ - label: I am sure my question is not about a technical issue.
+ required: true
+ - type: textarea
+ id: question
+ attributes:
+ label: Question
+ description: What's the question you have about the container?
+ validations:
+ required: true
diff --git a/.github/ISSUE_TEMPLATE/BUG_REPORT.yml b/.github/ISSUE_TEMPLATE/BUG_REPORT.yml
deleted file mode 100644
index 58fc2eb..0000000
--- a/.github/ISSUE_TEMPLATE/BUG_REPORT.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-name: "\U0001F41E Bug Report"
-description: Create a report to help us improve the container
-title: "[Bug]: "
-labels: ["bug"]
-body:
- - type: checkboxes
- attributes:
- label: Is there an existing issue for this?
- description: Please search to see if an issue already exists for the bug you encountered.
- options:
- - label: I have searched the existing issues
- required: true
- - type: input
- id: cpu
- attributes:
- label: Machine specifications
- description: The processor and RAM amount in your machine.
- placeholder: e.g. Intel N5105 / 16 GB
- validations:
- required: true
- - type: input
- id: os
- attributes:
- label: Operating system
- description: The Linux distribution and kernel version as shown by `uname -a`.
- placeholder: e.g. Ubuntu 24.04 / Kernel 6.8.0-22-generic
- validations:
- required: true
- - type: input
- id: docker
- attributes:
- label: Docker version
- description: The Docker version as shown by `docker -v`.
- placeholder: e.g. Docker version 26.0.1, build d260a54
- validations:
- required: true
- - type: textarea
- id: summary
- attributes:
- label: Description
- description: A clear and concise description of the problem.
- validations:
- required: true
- - type: textarea
- id: compose
- attributes:
- label: Docker compose
- description: The Docker compose file (or otherwise `run` command).
- validations:
- required: true
- - type: textarea
- id: log
- attributes:
- label: Docker log
- description: The Docker logfile of the container.
- validations:
- required: true
- - type: textarea
- id: screenshot
- attributes:
- label: Screenshots (optional)
- description: Screenshots of the problem.
- validations:
- required: false
diff --git a/.github/ISSUE_TEMPLATE/QUESTION.yml b/.github/ISSUE_TEMPLATE/QUESTION.yml
deleted file mode 100644
index ceefd41..0000000
--- a/.github/ISSUE_TEMPLATE/QUESTION.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-name: "? Question"
-description: General questions about the container
-title: "[Question]: "
-labels: ["question"]
-body:
- - type: markdown
- attributes:
- value: |
- Have a question about Windows for Docker?
- Please make sure to check the [FAQ](https://github.com/dockur/windows/blob/master/readme.md) first!
- - type: textarea
- id: question
- attributes:
- label: Question
- description: What's the question you have about the container?
- validations:
- required: true
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..3ba13e0
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1 @@
+blank_issues_enabled: false
diff --git a/.github/winboat.png b/.github/winboat.png
new file mode 100644
index 0000000..2b5f6db
Binary files /dev/null and b/.github/winboat.png differ
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d437ad8..27c6385 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -2,16 +2,6 @@ name: Build
on:
workflow_dispatch:
- push:
- branches:
- - master
- paths-ignore:
- - '**/*.md'
- - '**/*.yml'
- - '.gitignore'
- - '.dockerignore'
- - '.github/**'
- - '.github/workflows/**'
concurrency:
group: build
@@ -32,7 +22,7 @@ jobs:
steps:
-
name: Checkout
- uses: actions/checkout@v4
+ uses: actions/checkout@v5
with:
fetch-depth: 0
-
@@ -50,7 +40,7 @@ jobs:
labels: |
org.opencontainers.image.title=${{ vars.NAME }}
env:
- DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
+ DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -69,7 +59,7 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build Docker image
- uses: docker/build-push-action@v5
+ uses: docker/build-push-action@v6
with:
context: .
push: true
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
index ea76481..9e9d278 100644
--- a/.github/workflows/check.yml
+++ b/.github/workflows/check.yml
@@ -7,19 +7,29 @@ jobs:
name: shellcheck
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v4
- - name: Run ShellCheck
+ -
+ name: Checkout
+ uses: actions/checkout@v5
+ -
+ name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
env:
SHELLCHECK_OPTS: -x --source-path=src -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
- - name: Validate XML
+ -
+ name: Lint Dockerfile
+ uses: hadolint/hadolint-action@v3.3.0
+ with:
+ dockerfile: Dockerfile
+ ignore: DL3006,DL3008
+ failure-threshold: warning
+ -
+ name: Validate XML
uses: action-pack/valid-xml@v1
with:
path: "assets"
file-endings: ".xml"
- - name: Lint Dockerfile
- uses: hadolint/hadolint-action@v3.1.0
+ -
+ name: Validate JSON and YML files
+ uses: GrantBirki/json-yaml-validate@v4
with:
- dockerfile: Dockerfile
- ignore: DL3008,DL4006,SC3037
- failure-threshold: warning
+ yaml_exclude_regex: ".*\\kubernetes\\.yml$"
diff --git a/.github/workflows/hub.yml b/.github/workflows/hub.yml
index 0e0bcd1..0b2c17e 100644
--- a/.github/workflows/hub.yml
+++ b/.github/workflows/hub.yml
@@ -12,10 +12,10 @@ jobs:
dockerHubDescription:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
-
name: Docker Hub Description
- uses: peter-evans/dockerhub-description@v4
+ uses: peter-evans/dockerhub-description@v5
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml
new file mode 100644
index 0000000..51f8503
--- /dev/null
+++ b/.github/workflows/review.yml
@@ -0,0 +1,66 @@
+on:
+ pull_request:
+
+name: "Review"
+
+permissions:
+ contents: read
+ pull-requests: write
+ checks: write
+
+jobs:
+ review:
+ name: review
+ runs-on: ubuntu-latest
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v5
+ -
+ name: Spelling
+ uses: reviewdog/action-misspell@v1
+ with:
+ locale: "US"
+ level: warning
+ pattern: |
+ *.md
+ *.sh
+ reporter: github-pr-review
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ -
+ name: Hadolint
+ uses: reviewdog/action-hadolint@v1
+ with:
+ level: warning
+ reporter: github-pr-review
+ hadolint_ignore: DL3006 DL3008
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ -
+ name: YamlLint
+ uses: reviewdog/action-yamllint@v1
+ with:
+ level: warning
+ reporter: github-pr-review
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ -
+ name: ActionLint
+ uses: reviewdog/action-actionlint@v1
+ with:
+ level: warning
+ reporter: github-pr-review
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ -
+ name: Shellformat
+ uses: reviewdog/action-shfmt@v1
+ with:
+ level: warning
+ shfmt_flags: "-i 2 -ci -bn"
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ -
+ name: Shellcheck
+ uses: reviewdog/action-shellcheck@v1
+ with:
+ level: warning
+ reporter: github-pr-review
+ shellcheck_flags: -x -e SC1091 -e SC2001 -e SC2002 -e SC2034 -e SC2064 -e SC2153 -e SC2317 -e SC2028
+ github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 4903636..c275f1a 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,12 +1,6 @@
on:
workflow_dispatch:
pull_request:
- paths:
- - '**/*.sh'
- - '**/*.xml'
- - '.github/workflows/test.yml'
- - '.github/workflows/check.yml'
- - 'Dockerfile'
name: "Test"
permissions: {}
diff --git a/Dockerfile b/Dockerfile
index c2035eb..bf6dab2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,45 +1,46 @@
-FROM scratch
-COPY --from=qemux/qemu-docker:4.25 / /
+# syntax=docker/dockerfile:1
-ARG DEBCONF_NOWARNINGS "yes"
-ARG DEBIAN_FRONTEND "noninteractive"
-ARG DEBCONF_NONINTERACTIVE_SEEN "true"
+ARG VERSION_ARG="latest"
+FROM scratch AS build-amd64
-RUN apt-get update && \
+COPY --from=qemux/qemu:7.27 / /
+
+ARG TARGETARCH
+ARG DEBCONF_NOWARNINGS="yes"
+ARG DEBIAN_FRONTEND="noninteractive"
+ARG DEBCONF_NONINTERACTIVE_SEEN="true"
+
+RUN set -eu && \
+ apt-get update && \
apt-get --no-install-recommends -y install \
- bc \
- curl \
- 7zip \
- wsdd \
samba \
+ wimtools \
dos2unix \
cabextract \
- genisoimage \
- libxml2-utils && \
- echo "deb http://deb.debian.org/debian/ sid main" >> /etc/apt/sources.list.d/sid.list && \
- echo -e "Package: *\nPin: release n=trixie\nPin-Priority: 900\nPackage: *\nPin: release n=sid\nPin-Priority: 400" | tee /etc/apt/preferences.d/preferences > /dev/null && \
- apt-get update && \
- apt-get -t sid --no-install-recommends -y install wimtools && \
+ libxml2-utils \
+ libarchive-tools && \
+ wget "https://github.com/gershnik/wsdd-native/releases/download/v1.22/wsddn_1.22_${TARGETARCH}.deb" -O /tmp/wsddn.deb -q && \
+ dpkg -i /tmp/wsddn.deb && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-COPY ./src /run/
-COPY ./assets /run/assets
+COPY --chmod=755 ./src /run/
+COPY --chmod=755 ./assets /run/assets
-ADD https://raw.githubusercontent.com/christgau/wsdd/v0.8/src/wsdd.py /usr/sbin/wsdd
-ADD https://github.com/qemus/virtiso/releases/download/v0.1.248/virtio-win-0.1.248.iso /run/drivers.iso
+ADD --chmod=664 https://github.com/qemus/virtiso-whql/releases/download/v1.9.48-0/virtio-win-1.9.48.tar.xz /var/drivers.txz
-RUN chmod +x /run/*.sh && chmod +x /usr/sbin/wsdd
+FROM dockurr/windows-arm:${VERSION_ARG} AS build-arm64
+FROM build-${TARGETARCH}
-EXPOSE 8006 3389
-VOLUME /storage
-
-ENV RAM_SIZE "4G"
-ENV CPU_CORES "2"
-ENV DISK_SIZE "64G"
-ENV VERSION "win11"
-
-ARG VERSION_ARG "0.0"
+ARG VERSION_ARG="0.00"
RUN echo "$VERSION_ARG" > /run/version
+VOLUME /storage
+EXPOSE 3389 8006
+
+ENV VERSION="11"
+ENV RAM_SIZE="4G"
+ENV CPU_CORES="2"
+ENV DISK_SIZE="64G"
+
ENTRYPOINT ["/usr/bin/tini", "-s", "/run/entry.sh"]
diff --git a/assets/win10x64-enterprise-eval.xml b/assets/win10x64-enterprise-eval.xml
index e993ffb..ee75f27 100644
--- a/assets/win10x64-enterprise-eval.xml
+++ b/assets/win10x64-enterprise-eval.xml
@@ -80,56 +80,12 @@
true
Docker
Windows for Docker
-
false
false
-
-
-
- D:\viostor\w10\amd64
-
-
- D:\NetKVM\w10\amd64
-
-
- D:\Balloon\w10\amd64
-
-
- D:\pvpanic\w10\amd64
-
-
- D:\qemupciserial\w10\amd64
-
-
- D:\qxldod\w10\amd64
-
-
- D:\vioinput\w10\amd64
-
-
- D:\viorng\w10\amd64
-
-
- D:\vioscsi\w10\amd64
-
-
- D:\vioserial\w10\amd64
-
-
- D:\viogpudo\w10\amd64
-
-
- D:\sriov\w10\amd64
-
-
- D:\viofs\w10\amd64
-
-
-
@@ -285,6 +241,11 @@
24
reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f
+
+ 25
+ reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f
+ Set Network Location to Home
+
@@ -297,8 +258,8 @@
true
- Remote Desktop
all
+ @FirewallAPI.dll,-28752
@@ -338,13 +299,18 @@
<![CDATA[true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -357,11 +323,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -384,88 +345,93 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win10x64-enterprise.xml b/assets/win10x64-enterprise.xml
new file mode 100644
index 0000000..5e5eb8c
--- /dev/null
+++ b/assets/win10x64-enterprise.xml
@@ -0,0 +1,442 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>NPPR9-FWDCX-D2C8J-H872K-2YT43</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <Path>reg.exe unload "HKU\mount"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="auditSystem" />
+ <settings pass="auditUser" />
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Search from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win10x64-iot.xml b/assets/win10x64-iot.xml
index affc4bf..00a049e 100644
--- a/assets/win10x64-iot.xml
+++ b/assets/win10x64-iot.xml
@@ -95,49 +95,6 @@
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w10\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -293,6 +250,11 @@
<Order>24</Order>
<Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -305,8 +267,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -346,13 +308,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -365,11 +332,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -392,88 +354,93 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win10x64-ltsc.xml b/assets/win10x64-ltsc.xml
index 32a16ec..e77dd6a 100644
--- a/assets/win10x64-ltsc.xml
+++ b/assets/win10x64-ltsc.xml
@@ -86,56 +86,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w10\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -291,6 +247,11 @@
<Order>24</Order>
<Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -303,8 +264,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -344,13 +305,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -363,11 +329,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -390,88 +351,93 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win10x64.xml b/assets/win10x64.xml
index 994b7b9..7c21359 100644
--- a/assets/win10x64.xml
+++ b/assets/win10x64.xml
@@ -89,49 +89,6 @@
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w10\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -287,6 +244,11 @@
<Order>24</Order>
<Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -299,8 +261,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -340,13 +302,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -359,11 +326,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -386,88 +348,93 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>11</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>12</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>13</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win11x64-enterprise-eval.xml b/assets/win11x64-enterprise-eval.xml
index 8489b8d..39c3f02 100644
--- a/assets/win11x64-enterprise-eval.xml
+++ b/assets/win11x64-enterprise-eval.xml
@@ -80,7 +80,6 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
@@ -105,49 +104,6 @@
</RunSynchronousCommand>
</RunSynchronous>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w11\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -303,6 +259,16 @@
<Order>24</Order>
<Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -315,8 +281,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -356,13 +322,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -377,43 +348,38 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>3</Order>
+ <Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>4</Order>
- <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>5</Order>
+ <Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>6</Order>
+ <Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable first-run experience in Edge</Description>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
@@ -442,59 +408,64 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Remove Search from the Taskbar</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>23</Order>
+ <Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>24</Order>
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>25</Order>
+ <Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
</FirstLogonCommands>
</component>
</settings>
diff --git a/assets/win11x64-enterprise.xml b/assets/win11x64-enterprise.xml
new file mode 100644
index 0000000..bafed49
--- /dev/null
+++ b/assets/win11x64-enterprise.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>NPPR9-FWDCX-D2C8J-H872K-2YT43</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <Path>reg.exe unload "HKU\mount"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="auditSystem" />
+ <settings pass="auditUser" />
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win11x64-iot.xml b/assets/win11x64-iot.xml
new file mode 100644
index 0000000..d6825d0
--- /dev/null
+++ b/assets/win11x64-iot.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>CGK42-GYN6Y-VD22B-BX98W-J8JXD</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <Path>reg.exe unload "HKU\mount"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="auditSystem" />
+ <settings pass="auditUser" />
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win11x64-ltsc.xml b/assets/win11x64-ltsc.xml
new file mode 100644
index 0000000..a9a6ce7
--- /dev/null
+++ b/assets/win11x64-ltsc.xml
@@ -0,0 +1,475 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>M7XTQ-FN8P6-TTKYV-9D4CC-J462D</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v BypassNRO /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <Path>reg.exe add "HKU\mount\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <Path>reg.exe unload "HKU\mount"</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="auditSystem" />
+ <settings pass="auditUser" />
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+ <Description>Disable unsupported hardware notifications</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win11x64.xml b/assets/win11x64.xml
index 4d02972..8082c7c 100644
--- a/assets/win11x64.xml
+++ b/assets/win11x64.xml
@@ -107,49 +107,6 @@
</RunSynchronousCommand>
</RunSynchronous>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w11\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w11\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -305,6 +262,16 @@
<Order>24</Order>
<Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -317,8 +284,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -358,13 +325,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -379,43 +351,38 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>3</Order>
+ <Order>4</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>4</Order>
- <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>5</Order>
+ <Order>6</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>6</Order>
+ <Order>7</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable first-run experience in Edge</Description>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>10</Order>
@@ -444,59 +411,64 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Remove Search from the Taskbar</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>18</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>23</Order>
+ <Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off Windows Update auto download</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>24</Order>
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>25</Order>
+ <Order>23</Order>
<CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
<Description>Disable unsupported hardware notifications</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>25</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>26</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
</FirstLogonCommands>
</component>
</settings>
diff --git a/assets/win2008r2-eval.xml b/assets/win2008r2-eval.xml
new file mode 100644
index 0000000..09a23ce
--- /dev/null
+++ b/assets/win2008r2-eval.xml
@@ -0,0 +1,304 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>1</Value>
+ <Key>/IMAGE/INDEX</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2008r2.xml b/assets/win2008r2.xml
index 6c81a33..5dee0a5 100644
--- a/assets/win2008r2.xml
+++ b/assets/win2008r2.xml
@@ -75,47 +75,15 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
+ <ProductKey>
+ <Key>YC6KT-GKW9T-YTKYR-T4X34-R7VHC</Key>
+ </ProductKey>
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\2k8R2\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\2k8R2\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -168,6 +136,12 @@
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
@@ -178,8 +152,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -211,10 +185,15 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -228,69 +207,99 @@
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>3</Order>
+ <Order>4</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
<Description>Password Never Expires</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>4</Order>
+ <Order>5</Order>
<CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>5</Order>
+ <Order>6</Order>
<CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
<Description>Disable monitor blanking</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>6</Order>
+ <Order>7</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>7</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>8</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>9</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>11</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>13</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>14</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>15</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win2012r2-eval.xml b/assets/win2012r2-eval.xml
index 1a8221a..6351559 100644
--- a/assets/win2012r2-eval.xml
+++ b/assets/win2012r2-eval.xml
@@ -63,7 +63,7 @@
<ImageInstall>
<OSImage>
<InstallFrom>
- <MetaData wcm:action="add">
+ <MetaData wcm:action="add">
<Key>/image/index</Key>
<Value>2</Value>
</MetaData>
@@ -88,56 +88,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\2k16\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -192,6 +148,15 @@
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
@@ -208,8 +173,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -247,13 +212,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -266,11 +236,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -293,43 +258,68 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win2012r2.xml b/assets/win2012r2.xml
new file mode 100644
index 0000000..bb3dd70
--- /dev/null
+++ b/assets/win2012r2.xml
@@ -0,0 +1,330 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/image/index</Key>
+ <Value>2</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>D2N9P-3P6X9-2R39C-7RTCD-MDVJX</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2016-eval.xml b/assets/win2016-eval.xml
index 4c5f0fa..d788960 100644
--- a/assets/win2016-eval.xml
+++ b/assets/win2016-eval.xml
@@ -88,56 +88,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\2k16\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\2k16\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -192,6 +148,15 @@
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
@@ -208,8 +173,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -247,13 +212,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -266,11 +236,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -293,88 +258,88 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
+ <Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win2016.xml b/assets/win2016.xml
new file mode 100644
index 0000000..e055e00
--- /dev/null
+++ b/assets/win2016.xml
@@ -0,0 +1,350 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Windows Server 2016 SERVERSTANDARD</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Search from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2019-eval.xml b/assets/win2019-eval.xml
index ac3d142..332d974 100644
--- a/assets/win2019-eval.xml
+++ b/assets/win2019-eval.xml
@@ -88,56 +88,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\2k19\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\2k19\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -196,6 +152,15 @@
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
@@ -212,8 +177,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -251,13 +216,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -270,11 +240,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -297,88 +262,88 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
+ <Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win2019-hv.xml b/assets/win2019-hv.xml
new file mode 100644
index 0000000..2fb6e32
--- /dev/null
+++ b/assets/win2019-hv.xml
@@ -0,0 +1,356 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Hyper-V Server 2019 SERVERHYPERCORE</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>dism.exe /online /Disable-Feature /FeatureName:Microsoft-Hyper-V /NoRestart</Path>
+ <Description>Disable Hyper-V role</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Search from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2019.xml b/assets/win2019.xml
new file mode 100644
index 0000000..b5d8235
--- /dev/null
+++ b/assets/win2019.xml
@@ -0,0 +1,354 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Windows Server 2019 SERVERSTANDARD</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>N69G4-B89J2-4G8F4-WWYCC-J464C</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Search from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2022-eval.xml b/assets/win2022-eval.xml
index 0ed385c..5748cb4 100644
--- a/assets/win2022-eval.xml
+++ b/assets/win2022-eval.xml
@@ -88,56 +88,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\2k22\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\2k22\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -196,6 +152,15 @@
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
@@ -212,8 +177,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -251,13 +216,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -270,11 +240,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -297,88 +262,88 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>15</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Cortana" /v "IsAvailable" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana</Description>
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>16</Order>
- <CommandLine>reg.exe add "HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Cortana in search</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>17</Order>
+ <Order>14</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Search from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>18</Order>
+ <Order>15</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Task View from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>19</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Widgets from the Taskbar</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>20</Order>
+ <Order>17</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Remove Chat from the Taskbar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>21</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable Widgets</Description>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>22</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "SearchOnTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Disable search box in the taskbar</Description>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>23</Order>
- <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Turn off Windows Update auto download</Description>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win2022.xml b/assets/win2022.xml
new file mode 100644
index 0000000..eac9414
--- /dev/null
+++ b/assets/win2022.xml
@@ -0,0 +1,354 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Windows Server 2022 SERVERSTANDARD</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>VDYBN-27WPP-V4HQT-9VMD4-VMK7H</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Search from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2025-eval.xml b/assets/win2025-eval.xml
new file mode 100644
index 0000000..5b92f00
--- /dev/null
+++ b/assets/win2025-eval.xml
@@ -0,0 +1,361 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Windows Server 2025 SERVERSTANDARD</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win2025.xml b/assets/win2025.xml
new file mode 100644
index 0000000..2796db6
--- /dev/null
+++ b/assets/win2025.xml
@@ -0,0 +1,364 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Key>/IMAGE/NAME</Key>
+ <Value>Windows Server 2025 SERVERSTANDARD</Value>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>TVRH6-WHNXV-R9WG3-9XRFY-MY832</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ <SupportHours>24/7</SupportHours>
+ <SupportPhone />
+ <SupportProvider>Dockur</SupportProvider>
+ <SupportURL>https://github.com/dockur/windows/issues</SupportURL>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UILanguageFallback>en-US</UILanguageFallback>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <Path>pnputil -i -a C:\Windows\Drivers\viogpudo\viogpudo.inf</Path>
+ <Description>Install VirtIO display driver</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
+ </component>
+ <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>2</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "RequireSecuritySignature" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable SMB signing requirement</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>powershell.exe -ExecutionPolicy Unrestricted -NoLogo -NoProfile -NonInteractive set-localuser -name "Docker" -passwordneverexpires 1</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Hide Copilot button</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Task View from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarDa" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Widgets from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMn" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Remove Chat from the Taskbar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>cmd /C rd /q C:\Windows.old</CommandLine>
+ <Description>Remove empty Windows.old folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x64-enterprise-eval.xml b/assets/win7x64-enterprise-eval.xml
new file mode 100644
index 0000000..c3cc15b
--- /dev/null
+++ b/assets/win7x64-enterprise-eval.xml
@@ -0,0 +1,283 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 Enterprise</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x64-enterprise.xml b/assets/win7x64-enterprise.xml
new file mode 100644
index 0000000..b362a9f
--- /dev/null
+++ b/assets/win7x64-enterprise.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 Enterprise</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>H7X92-3VPBB-Q799D-Y6JJ3-86WC6</Key>
+ <WillShowUI>OnError</WillShowUI>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x64-ultimate.xml b/assets/win7x64-ultimate.xml
new file mode 100644
index 0000000..2ee085a
--- /dev/null
+++ b/assets/win7x64-ultimate.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 Ultimate</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV</Key>
+ <WillShowUI>OnError</WillShowUI>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x64.xml b/assets/win7x64.xml
index 427ae56..3769dfd 100644
--- a/assets/win7x64.xml
+++ b/assets/win7x64.xml
@@ -52,8 +52,8 @@
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
- <Value>1</Value>
- <Key>/IMAGE/INDEX</Key>
+ <Value>Windows 7 PROFESSIONAL</Value>
+ <Key>/IMAGE/NAME</Key>
</MetaData>
</InstallFrom>
<InstallTo>
@@ -76,7 +76,7 @@
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
<ProductKey>
- <Key>H7X92-3VPBB-Q799D-Y6JJ3-86WC6</Key>
+ <Key>HYF8J-CVRMY-CM74G-RPHKF-PW487</Key>
<WillShowUI>OnError</WillShowUI>
</ProductKey>
</UserData>
@@ -85,40 +85,6 @@
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w8\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w7\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w7\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -181,8 +147,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -214,10 +180,15 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -230,11 +201,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -264,7 +230,7 @@
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
@@ -295,6 +261,26 @@
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Enable RemoteAPP to launch unlisted programs</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
</FirstLogonCommands>
</component>
</settings>
diff --git a/assets/win7x86-enterprise.xml b/assets/win7x86-enterprise.xml
new file mode 100644
index 0000000..7ac8ef0
--- /dev/null
+++ b/assets/win7x86-enterprise.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 Enterprise</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>H7X92-3VPBB-Q799D-Y6JJ3-86WC6</Key>
+ <WillShowUI>OnError</WillShowUI>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x86-ultimate.xml b/assets/win7x86-ultimate.xml
new file mode 100644
index 0000000..419a508
--- /dev/null
+++ b/assets/win7x86-ultimate.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 Ultimate</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV</Key>
+ <WillShowUI>OnError</WillShowUI>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win7x86.xml b/assets/win7x86.xml
new file mode 100644
index 0000000..bae5a8f
--- /dev/null
+++ b/assets/win7x86.xml
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Size>100</Size>
+ </CreatePartition>
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Format>NTFS</Format>
+ <Label>System Reserved</Label>
+ <Order>1</Order>
+ <Active>true</Active>
+ <PartitionID>1</PartitionID>
+ <TypeID>0x27</TypeID>
+ </ModifyPartition>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows 7 PROFESSIONAL</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>2</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>HYF8J-CVRMY-CM74G-RPHKF-PW487</Key>
+ <WillShowUI>OnError</WillShowUI>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win81x64-enterprise-eval.xml b/assets/win81x64-enterprise-eval.xml
index d8acc85..745fd9d 100644
--- a/assets/win81x64-enterprise-eval.xml
+++ b/assets/win81x64-enterprise-eval.xml
@@ -80,56 +80,12 @@
<AcceptEula>true</AcceptEula>
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
- <ProductKey />
</UserData>
<EnableFirewall>false</EnableFirewall>
<Diagnostics>
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w10\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -183,6 +139,15 @@
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
@@ -193,8 +158,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -232,13 +197,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -251,11 +221,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -278,43 +243,68 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/win81x64-enterprise.xml b/assets/win81x64-enterprise.xml
new file mode 100644
index 0000000..a073c38
--- /dev/null
+++ b/assets/win81x64-enterprise.xml
@@ -0,0 +1,315 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <!-- System partition (ESP) -->
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>EFI</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Microsoft reserved partition (MSR) -->
+ <CreatePartition wcm:action="add">
+ <Order>2</Order>
+ <Type>MSR</Type>
+ <Size>128</Size>
+ </CreatePartition>
+ <!-- Windows partition -->
+ <CreatePartition wcm:action="add">
+ <Order>3</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <!-- System partition (ESP) -->
+ <ModifyPartition wcm:action="add">
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ <Label>System</Label>
+ <Format>FAT32</Format>
+ </ModifyPartition>
+ <!-- MSR partition does not need to be modified -->
+ <ModifyPartition wcm:action="add">
+ <Order>2</Order>
+ <PartitionID>2</PartitionID>
+ </ModifyPartition>
+ <!-- Windows partition -->
+ <ModifyPartition wcm:action="add">
+ <Order>3</Order>
+ <PartitionID>3</PartitionID>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Format>NTFS</Format>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>3</PartitionID>
+ </InstallTo>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <DynamicUpdate>
+ <Enable>true</Enable>
+ <WillShowUI>Never</WillShowUI>
+ </DynamicUpdate>
+ <UpgradeData>
+ <Upgrade>false</Upgrade>
+ <WillShowUI>Never</WillShowUI>
+ </UpgradeData>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>FHQNR-XYXYC-8PMHT-TV4PH-DRQ3H</Key>
+ </ProductKey>
+ </UserData>
+ <EnableFirewall>false</EnableFirewall>
+ <Diagnostics>
+ <OptIn>false</OptIn>
+ </Diagnostics>
+ </component>
+ </settings>
+ <settings pass="offlineServicing">
+ <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <EnableLUA>false</EnableLUA>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnPSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <OEMName>Windows for Docker</OEMName>
+ </component>
+ <component name="Microsoft-Windows-ErrorReportingCore" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableWER>1</DisableWER>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableAccelerators>true</DisableAccelerators>
+ <DisableFirstRunWizard>true</DisableFirstRunWizard>
+ <Home_Page>https://google.com</Home_Page>
+ <Help_Page>about:blank</Help_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAuthentication>0</UserAuthentication>
+ </component>
+ <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <FirewallGroups>
+ <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
+ <Active>true</Active>
+ <Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
+ </FirewallGroup>
+ </FirewallGroups>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PreventDeviceEncryption>true</PreventDeviceEncryption>
+ </component>
+ <component name="Microsoft-Windows-EnhancedStorage-Adm" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <HideLocalAccountScreen>true</HideLocalAccountScreen>
+ <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+ <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+ <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>true</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable option for passwordless sign-in</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/win81x64.xml b/assets/win81x64.xml
index 2eb540a..6b45785 100644
--- a/assets/win81x64.xml
+++ b/assets/win81x64.xml
@@ -96,49 +96,6 @@
<OptIn>false</OptIn>
</Diagnostics>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\Balloon\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="4">
- <Path>D:\pvpanic\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="5">
- <Path>D:\qemupciserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="6">
- <Path>D:\qxldod\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="7">
- <Path>D:\vioinput\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="8">
- <Path>D:\viorng\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="9">
- <Path>D:\vioscsi\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="10">
- <Path>D:\vioserial\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="11">
- <Path>D:\viogpudo\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="12">
- <Path>D:\sriov\w10\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="13">
- <Path>D:\viofs\w10\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -192,6 +149,15 @@
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
+ <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <RunSynchronous>
+ <RunSynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork" /v Category /t REG_DWORD /d 1 /f</Path>
+ <Description>Set Network Location to Home</Description>
+ </RunSynchronousCommand>
+ </RunSynchronous>
+ </component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
@@ -202,8 +168,8 @@
<FirewallGroups>
<FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
<Active>true</Active>
- <Group>Remote Desktop</Group>
<Profile>all</Profile>
+ <Group>@FirewallAPI.dll,-28752</Group>
</FirewallGroup>
</FirewallGroups>
</component>
@@ -241,13 +207,18 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
@@ -260,11 +231,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v "DevicePasswordLessBuildVersion" /t REG_DWORD /d 0 /f</CommandLine>
@@ -287,43 +253,68 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>7</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>8</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Disable first-run experience in Edge</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>10</Order>
+ <Order>8</Order>
<CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>11</Order>
+ <Order>9</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>12</Order>
+ <Order>10</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
<Description>Disable Hibernation</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>13</Order>
+ <Order>11</Order>
<CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
<Description>Disable Sleep</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>14</Order>
+ <Order>12</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off Windows Update auto download</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/winvistax64-enterprise.xml b/assets/winvistax64-enterprise.xml
new file mode 100644
index 0000000..a3dac19
--- /dev/null
+++ b/assets/winvistax64-enterprise.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows Vista Enterprise</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>1</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</Key>
+ </ProductKey>
+ </UserData>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <ProductKey>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</ProductKey>
+ <TimeZone>Pacific Standard Time</TimeZone>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <Home_Page>about:blank</Home_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>false</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+ <Description>Add RDP in firewall</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable RDP</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off sidebar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/winvistax64-ultimate.xml b/assets/winvistax64-ultimate.xml
new file mode 100644
index 0000000..eb12e60
--- /dev/null
+++ b/assets/winvistax64-ultimate.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows Vista Ultimate</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>1</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</Key>
+ </ProductKey>
+ </UserData>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <ProductKey>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</ProductKey>
+ <TimeZone>Pacific Standard Time</TimeZone>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <Home_Page>about:blank</Home_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>false</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+ <Description>Add RDP in firewall</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable RDP</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off sidebar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/winvistax64.xml b/assets/winvistax64.xml
index 22739a1..ad2ac70 100644
--- a/assets/winvistax64.xml
+++ b/assets/winvistax64.xml
@@ -20,29 +20,17 @@
<CreatePartition wcm:action="add">
<Order>1</Order>
<Type>Primary</Type>
- <Size>100</Size>
- </CreatePartition>
- <CreatePartition wcm:action="add">
- <Order>2</Order>
- <Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
- <ModifyPartition wcm:action="add">
- <Format>NTFS</Format>
- <Label>System Reserved</Label>
- <Order>1</Order>
- <Active>true</Active>
- <PartitionID>1</PartitionID>
- </ModifyPartition>
<ModifyPartition wcm:action="add">
<Active>true</Active>
<Format>NTFS</Format>
<Label>Windows</Label>
<Letter>C</Letter>
- <Order>2</Order>
- <PartitionID>2</PartitionID>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
</ModifyPartition>
</ModifyPartitions>
</Disk>
@@ -51,13 +39,13 @@
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
- <Value>Windows Vista Ultimate</Value>
+ <Value>Windows Vista BUSINESS</Value>
<Key>/IMAGE/NAME</Key>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
- <PartitionID>2</PartitionID>
+ <PartitionID>1</PartitionID>
</InstallTo>
<WillShowUI>OnError</WillShowUI>
<InstallToAvailablePartition>false</InstallToAvailablePartition>
@@ -68,23 +56,10 @@
<FullName>Docker</FullName>
<Organization>Windows for Docker</Organization>
<ProductKey>
- <Key>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</Key>
+ <Key>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</Key>
</ProductKey>
</UserData>
</component>
- <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
- <DriverPaths>
- <PathAndCredentials wcm:action="add" wcm:keyValue="1">
- <Path>D:\viostor\2k8\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="2">
- <Path>D:\NetKVM\2k8\amd64</Path>
- </PathAndCredentials>
- <PathAndCredentials wcm:action="add" wcm:keyValue="3">
- <Path>D:\vioscsi\2k8\amd64</Path>
- </PathAndCredentials>
- </DriverPaths>
- </component>
</settings>
<settings pass="generalize">
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -100,7 +75,7 @@
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<ComputerName>*</ComputerName>
- <ProductKey>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</ProductKey>
+ <ProductKey>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</ProductKey>
<TimeZone>Pacific Standard Time</TimeZone>
<OEMInformation>
<Manufacturer>Dockur</Manufacturer>
@@ -119,6 +94,7 @@
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
@@ -154,9 +130,14 @@
<PlainText>true</PlainText>
</Password>
</AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
<OOBE>
<HideEULAPage>true</HideEULAPage>
- <NetworkLocation>Other</NetworkLocation>
+ <NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>false</SkipMachineOOBE>
@@ -169,11 +150,6 @@
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Allow guest access to network shares</Description>
</SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>2</Order>
- <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
- <Description>Allow RDP login with blank password</Description>
- </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>3</Order>
<CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
@@ -203,7 +179,7 @@
<Order>8</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
<Description>Disable Network Discovery popup</Description>
- </SynchronousCommand>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>9</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
@@ -231,33 +207,58 @@
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>14</Order>
- <CommandLine>netsh.exe advfirewall firewall set rule group="Remote Desktop" new enable=Yes</CommandLine>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
<Description>Add RDP in firewall</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>15</Order>
- <CommandLine>netsh.exe Advfirewall set allprofiles state off</CommandLine>
- <Description>Disable firewall</Description>
- </SynchronousCommand>
- <SynchronousCommand wcm:action="add">
- <Order>16</Order>
<CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
<Description>Enable RDP</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
- <Order>17</Order>
+ <Order>16</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off sidebar</Description>
</SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>18</Order>
- <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_DWORD /d 0 /f</CommandLine>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
<Description>Disable screensaver</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<Order>19</Order>
<CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
- <Description>Enable RemoteAPP to launch unlisted programs</Description>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
</SynchronousCommand>
</FirstLogonCommands>
</component>
diff --git a/assets/winvistax86-enterprise.xml b/assets/winvistax86-enterprise.xml
new file mode 100644
index 0000000..5092331
--- /dev/null
+++ b/assets/winvistax86-enterprise.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows Vista Enterprise</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>1</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</Key>
+ </ProductKey>
+ </UserData>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <ProductKey>VKK3X-68KWM-X2YGT-QR4M6-4BWMV</ProductKey>
+ <TimeZone>Pacific Standard Time</TimeZone>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <Home_Page>about:blank</Home_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>false</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+ <Description>Add RDP in firewall</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable RDP</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off sidebar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/winvistax86-ultimate.xml b/assets/winvistax86-ultimate.xml
new file mode 100644
index 0000000..97ad23e
--- /dev/null
+++ b/assets/winvistax86-ultimate.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows Vista Ultimate</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>1</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</Key>
+ </ProductKey>
+ </UserData>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <ProductKey>VMCB9-FDRV6-6CDQM-RV23K-RP8F7</ProductKey>
+ <TimeZone>Pacific Standard Time</TimeZone>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <Home_Page>about:blank</Home_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>false</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+ <Description>Add RDP in firewall</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable RDP</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off sidebar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/assets/winvistax86.xml b/assets/winvistax86.xml
new file mode 100644
index 0000000..ade1942
--- /dev/null
+++ b/assets/winvistax86.xml
@@ -0,0 +1,266 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+ <settings pass="windowsPE">
+ <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SetupUILanguage>
+ <UILanguage>en-US</UILanguage>
+ </SetupUILanguage>
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DiskConfiguration>
+ <WillShowUI>OnError</WillShowUI>
+ <Disk wcm:action="add">
+ <DiskID>0</DiskID>
+ <WillWipeDisk>true</WillWipeDisk>
+ <CreatePartitions>
+ <CreatePartition wcm:action="add">
+ <Order>1</Order>
+ <Type>Primary</Type>
+ <Extend>true</Extend>
+ </CreatePartition>
+ </CreatePartitions>
+ <ModifyPartitions>
+ <ModifyPartition wcm:action="add">
+ <Active>true</Active>
+ <Format>NTFS</Format>
+ <Label>Windows</Label>
+ <Letter>C</Letter>
+ <Order>1</Order>
+ <PartitionID>1</PartitionID>
+ </ModifyPartition>
+ </ModifyPartitions>
+ </Disk>
+ </DiskConfiguration>
+ <ImageInstall>
+ <OSImage>
+ <InstallFrom>
+ <MetaData wcm:action="add">
+ <Value>Windows Vista BUSINESS</Value>
+ <Key>/IMAGE/NAME</Key>
+ </MetaData>
+ </InstallFrom>
+ <InstallTo>
+ <DiskID>0</DiskID>
+ <PartitionID>1</PartitionID>
+ </InstallTo>
+ <WillShowUI>OnError</WillShowUI>
+ <InstallToAvailablePartition>false</InstallToAvailablePartition>
+ </OSImage>
+ </ImageInstall>
+ <UserData>
+ <AcceptEula>true</AcceptEula>
+ <FullName>Docker</FullName>
+ <Organization>Windows for Docker</Organization>
+ <ProductKey>
+ <Key>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</Key>
+ </ProductKey>
+ </UserData>
+ </component>
+ </settings>
+ <settings pass="generalize">
+ <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
+ </component>
+ <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipRearm>1</SkipRearm>
+ </component>
+ </settings>
+ <settings pass="specialize">
+ <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <SkipAutoActivation>true</SkipAutoActivation>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <ComputerName>*</ComputerName>
+ <ProductKey>4D2XH-PRBMM-8Q22B-K8BM3-MRW4W</ProductKey>
+ <TimeZone>Pacific Standard Time</TimeZone>
+ <OEMInformation>
+ <Manufacturer>Dockur</Manufacturer>
+ <Model>Windows for Docker</Model>
+ </OEMInformation>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ </component>
+ <component name="Microsoft-Windows-SystemRestore-Main" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <DisableSR>1</DisableSR>
+ </component>
+ <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <fDenyTSConnections>false</fDenyTSConnections>
+ </component>
+ </settings>
+ <settings pass="oobeSystem">
+ <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <InputLocale>0409:00000409</InputLocale>
+ <SystemLocale>en-US</SystemLocale>
+ <UILanguage>en-US</UILanguage>
+ <UserLocale>en-US</UserLocale>
+ </component>
+ <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <Home_Page>about:blank</Home_Page>
+ </component>
+ <component name="Microsoft-Windows-SQMApi" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <CEIPEnabled>0</CEIPEnabled>
+ </component>
+ <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+ <UserAccounts>
+ <LocalAccounts>
+ <LocalAccount wcm:action="add">
+ <Name>Docker</Name>
+ <Group>Administrators</Group>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </LocalAccount>
+ </LocalAccounts>
+ <AdministratorPassword>
+ <Value>password</Value>
+ <PlainText>true</PlainText>
+ </AdministratorPassword>
+ </UserAccounts>
+ <AutoLogon>
+ <Username>Docker</Username>
+ <Enabled>true</Enabled>
+ <LogonCount>65432</LogonCount>
+ <Password>
+ <Value />
+ <PlainText>true</PlainText>
+ </Password>
+ </AutoLogon>
+ <Display>
+ <ColorDepth>32</ColorDepth>
+ <HorizontalResolution>1920</HorizontalResolution>
+ <VerticalResolution>1080</VerticalResolution>
+ </Display>
+ <OOBE>
+ <HideEULAPage>true</HideEULAPage>
+ <NetworkLocation>Home</NetworkLocation>
+ <ProtectYourPC>3</ProtectYourPC>
+ <SkipUserOOBE>true</SkipUserOOBE>
+ <SkipMachineOOBE>false</SkipMachineOOBE>
+ </OOBE>
+ <RegisteredOrganization>Dockur</RegisteredOrganization>
+ <RegisteredOwner>Windows for Docker</RegisteredOwner>
+ <FirstLogonCommands>
+ <SynchronousCommand wcm:action="add">
+ <Order>1</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" /v "AllowInsecureGuestAuth" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Allow guest access to network shares</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>3</Order>
+ <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
+ <Description>Password Never Expires</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>4</Order>
+ <CommandLine>cmd /C POWERCFG -H OFF</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>5</Order>
+ <CommandLine>cmd /C POWERCFG -X -monitor-timeout-ac 0</CommandLine>
+ <Description>Disable monitor blanking</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>6</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>7</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NetworkLocationWizard" /v "HideWizard" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>8</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" /v NetworkList /t REG_MULTI_SZ /d "" /f</CommandLine>
+ <Description>Disable Network Discovery popup</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>9</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "HideFirstRunExperience" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable first-run experience in Edge</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>10</Order>
+ <CommandLine>reg.exe add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Show file extensions in Explorer</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>11</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateFileSizePercent" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Zero Hibernation File</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>12</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Power" /v "HibernateEnabled" /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Disable Hibernation</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>13</Order>
+ <CommandLine>cmd /C POWERCFG -X -standby-timeout-ac 0</CommandLine>
+ <Description>Disable Sleep</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>14</Order>
+ <CommandLine>netsh.exe advfirewall firewall set rule group="@FirewallAPI.dll,-28752" new enable=Yes</CommandLine>
+ <Description>Add RDP in firewall</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>15</Order>
+ <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</CommandLine>
+ <Description>Enable RDP</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>16</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar" /v "TurnOffSidebar" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Turn off sidebar</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>17</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d 0 /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>18</Order>
+ <CommandLine>reg.exe add "HKCU\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\scrnsavex.scr /f</CommandLine>
+ <Description>Disable screensaver</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>19</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnlistedRemotePrograms" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Enable RemoteApp to launch unlisted programs</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>20</Order>
+ <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList" /v "fDisabledAllowList" /t REG_DWORD /d 1 /f</CommandLine>
+ <Description>Disable RemoteApp allowlist</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>21</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-32752" new enable=Yes</CommandLine>
+ <Description>Enable Network Discovery</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>22</Order>
+ <CommandLine>netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=Yes</CommandLine>
+ <Description>Enable File Sharing</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>23</Order>
+ <CommandLine>cmd /C mklink /d %userprofile%\Desktop\Shared \\host.lan\Data</CommandLine>
+ <Description>Create desktop shortcut to shared folder</Description>
+ </SynchronousCommand>
+ <SynchronousCommand wcm:action="add">
+ <Order>24</Order>
+ <CommandLine>cmd /C if exist "C:\OEM\install.bat" start "Install" "cmd /C C:\OEM\install.bat"</CommandLine>
+ <Description>Execute custom script from the OEM folder if exists</Description>
+ </SynchronousCommand>
+ </FirstLogonCommands>
+ </component>
+ </settings>
+</unattend>
diff --git a/compose.yml b/compose.yml
index fc2fbf9..e5b6257 100644
--- a/compose.yml
+++ b/compose.yml
@@ -1,17 +1,19 @@
-version: "3"
services:
windows:
image: dockurr/windows
container_name: windows
environment:
- VERSION: "win11"
+ VERSION: "11"
devices:
- /dev/kvm
+ - /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
+ volumes:
+ - ./windows:/storage
+ restart: always
stop_grace_period: 2m
- restart: on-failure
diff --git a/kubernetes.yml b/kubernetes.yml
new file mode 100644
index 0000000..fa8eef0
--- /dev/null
+++ b/kubernetes.yml
@@ -0,0 +1,100 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: windows-pvc
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 64Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: windows
+ labels:
+ name: windows
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: windows
+ template:
+ metadata:
+ labels:
+ app: windows
+ spec:
+ containers:
+ - name: windows
+ image: dockurr/windows
+ env:
+ - name: VERSION
+ value: "11"
+ - name: DISK_SIZE
+ value: "64G"
+ ports:
+ - containerPort: 8006
+ name: http
+ protocol: TCP
+ - containerPort: 3389
+ name: rdp
+ protocol: TCP
+ - containerPort: 3389
+ name: udp
+ protocol: UDP
+ - containerPort: 5900
+ name: vnc
+ protocol: TCP
+ securityContext:
+ capabilities:
+ add:
+ - NET_ADMIN
+ privileged: true
+ volumeMounts:
+ - mountPath: /storage
+ name: storage
+ - mountPath: /dev/kvm
+ name: dev-kvm
+ - mountPath: /dev/net/tun
+ name: dev-tun
+ terminationGracePeriodSeconds: 120
+ volumes:
+ - name: storage
+ persistentVolumeClaim:
+ claimName: windows-pvc
+ - hostPath:
+ path: /dev/kvm
+ name: dev-kvm
+ - hostPath:
+ path: /dev/net/tun
+ type: CharDevice
+ name: dev-tun
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: windows
+spec:
+ internalTrafficPolicy: Cluster
+ ports:
+ - name: http
+ port: 8006
+ protocol: TCP
+ targetPort: 8006
+ - name: rdp
+ port: 3389
+ protocol: TCP
+ targetPort: 3389
+ - name: udp
+ port: 3389
+ protocol: UDP
+ targetPort: 3389
+ - name: vnc
+ port: 5900
+ protocol: TCP
+ targetPort: 5900
+ selector:
+ app: windows
+ type: ClusterIP
diff --git a/readme.md b/readme.md
index 520d897..adbb6bf 100644
--- a/readme.md
+++ b/readme.md
@@ -7,59 +7,76 @@
[![Build]][build_url]
[![Version]][tag_url]
[![Size]][tag_url]
+[![Package]][pkg_url]
[![Pulls]][hub_url]
</div></h1>
-Windows in a Docker container.
+Windows inside a Docker container.
-## Features
+## Features ✨
- ISO downloader
- KVM acceleration
- Web-based viewer
-## Video
+## Video 📺
[](https://www.youtube.com/watch?v=xhGYobuG508)
-## Usage
+## Usage 🐳
-Via Docker Compose:
+##### Via Docker Compose:
```yaml
-version: "3"
services:
windows:
image: dockurr/windows
container_name: windows
environment:
- VERSION: "win11"
+ VERSION: "11"
devices:
- /dev/kvm
+ - /dev/net/tun
cap_add:
- NET_ADMIN
ports:
- 8006:8006
- 3389:3389/tcp
- 3389:3389/udp
+ volumes:
+ - ./windows:/storage
+ restart: always
stop_grace_period: 2m
- restart: on-failure
```
-Via Docker CLI:
+##### Via Docker CLI:
```bash
-docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN --stop-timeout 120 dockurr/windows
+docker run -it --rm --name windows -e "VERSION=11" -p 8006:8006 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN -v "${PWD:-.}/windows:/storage" --stop-timeout 120 docker.io/dockurr/windows
```
-## FAQ
+##### Via Kubernetes:
-* ### How do I use it?
+```shell
+kubectl apply -f https://raw.githubusercontent.com/dockur/windows/refs/heads/master/kubernetes.yml
+```
+
+##### Via Github Codespaces:
+
+[](https://codespaces.new/dockur/windows)
+
+##### Via a graphical installer:
+
+[](https://winboat.app)
+
+## FAQ 💬
+
+### How do I use it?
Very simple! These are the steps:
- - Start the container and connect to [port 8006](http://localhost:8006) using your web browser.
+ - Start the container and connect to [port 8006](http://127.0.0.1:8006/) using your web browser.
- Sit back and relax while the magic happens, the whole installation will be performed fully automatic.
@@ -67,60 +84,56 @@ docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_
Enjoy your brand new machine, and don't forget to star this repo!
-* ### How do I select the Windows version?
+### How do I select the Windows version?
- By default, Windows 11 will be installed. But you can add the `VERSION` environment variable to your compose file, in order to specify an alternative Windows version to be downloaded:
+ By default, Windows 11 Pro will be installed. But you can add the `VERSION` environment variable to your compose file, in order to specify an alternative Windows version to be downloaded:
```yaml
environment:
- VERSION: "win11"
+ VERSION: "11"
```
Select from the values below:
- | **Value** | **Description** | **Source** | **Transfer** | **Size** |
- |---|---|---|---|---|
- | `win11` | Windows 11 Pro | Microsoft | Fast | 6.4 GB |
- | `win10` | Windows 10 Pro | Microsoft | Fast | 5.8 GB |
- | `ltsc10` | Windows 10 LTSC | Microsoft | Fast | 4.6 GB |
- | `win81` | Windows 8.1 Pro | Microsoft | Fast | 4.2 GB |
- | `win7` | Windows 7 SP1 | Bob Pony | Medium | 3.0 GB |
- | `vista` | Windows Vista SP2 | Bob Pony | Medium | 3.6 GB |
- | `winxp` | Windows XP SP3 | Bob Pony | Medium | 0.6 GB |
- ||||||
- | `2022` | Windows Server 2022 | Microsoft | Fast | 4.7 GB |
- | `2019` | Windows Server 2019 | Microsoft | Fast | 5.3 GB |
- | `2016` | Windows Server 2016 | Microsoft | Fast | 6.5 GB |
- | `2012` | Windows Server 2012 R2 | Microsoft | Fast | 4.3 GB |
- | `2008` | Windows Server 2008 R2 | Microsoft | Fast | 3.0 GB |
- ||||||
- | `core11` | Tiny 11 Core | Archive.org | Slow | 2.1 GB |
- | `tiny11` | Tiny 11 | Archive.org | Slow | 3.8 GB |
- | `tiny10` | Tiny 10 | Archive.org | Slow | 3.6 GB |
+ | **Value** | **Version** | **Size** |
+ |---|---|---|
+ | `11` | Windows 11 Pro | 7.2 GB |
+ | `11l` | Windows 11 LTSC | 4.7 GB |
+ | `11e` | Windows 11 Enterprise | 6.6 GB |
+ ||||
+ | `10` | Windows 10 Pro | 5.7 GB |
+ | `10l` | Windows 10 LTSC | 4.6 GB |
+ | `10e` | Windows 10 Enterprise | 5.2 GB |
+ ||||
+ | `8e` | Windows 8.1 Enterprise | 3.7 GB |
+ | `7u` | Windows 7 Ultimate | 3.1 GB |
+ | `vu` | Windows Vista Ultimate | 3.0 GB |
+ | `xp` | Windows XP Professional | 0.6 GB |
+ | `2k` | Windows 2000 Professional | 0.4 GB |
+ ||||
+ | `2025` | Windows Server 2025 | 6.7 GB |
+ | `2022` | Windows Server 2022 | 6.0 GB |
+ | `2019` | Windows Server 2019 | 5.3 GB |
+ | `2016` | Windows Server 2016 | 6.5 GB |
+ | `2012` | Windows Server 2012 | 4.3 GB |
+ | `2008` | Windows Server 2008 | 3.0 GB |
+ | `2003` | Windows Server 2003 | 0.6 GB |
- To install ARM64 versions of Windows use [dockur/windows-arm](https://github.com/dockur/windows-arm/).
+> [!TIP]
+> To install ARM64 versions of Windows use [dockur/windows-arm](https://github.com/dockur/windows-arm/).
-* ### How do I connect using RDP?
+### How do I change the storage location?
- The web-viewer is mainly meant to be used during installation, as its picture quality is low, and it has no audio or clipboard for example.
-
- So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `docker` and by leaving the password empty.
-
- There is a good RDP client for [Android](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) available from the Play Store and one for [iOS](https://apps.apple.com/nl/app/microsoft-remote-desktop/id714464092?l=en-GB) in the Apple Store. For Linux you can use [FreeRDP](https://www.freerdp.com/) and on Windows just type `mstsc` in the search box.
-
-* ### How do I increase the amount of CPU or RAM?
-
- By default, 2 CPU cores and 4 GB of RAM are allocated to the container, as those are the minimum requirements of Windows 11.
-
- To increase this, add the following environment variables:
+ To change the storage location, include the following bind mount in your compose file:
```yaml
- environment:
- RAM_SIZE: "8G"
- CPU_CORES: "4"
+ volumes:
+ - ./windows:/storage
```
-* ### How do I change the size of the disk?
+ Replace the example path `./windows` with the desired storage folder or named volume.
+
+### How do I change the size of the disk?
To expand the default size of 64 GB, add the `DISK_SIZE` setting to your compose file and set it to your preferred capacity:
@@ -129,73 +142,120 @@ docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_
DISK_SIZE: "256G"
```
- This can also be used to resize the existing disk to a larger capacity without any data loss.
-
-* ### How do I change the storage location?
+> [!TIP]
+> This can also be used to resize the existing disk to a larger capacity without any data loss. However you will need to [manually extend the disk partition](https://learn.microsoft.com/en-us/windows-server/storage/disk-management/extend-a-basic-volume?tabs=disk-management) since the added disk space will appear as unallocated.
- To change the storage location, include the following bind mount in your compose file:
+### How do I share files with the host?
+
+ After installation there will be a folder called `Shared` on your desktop, which can be used to exchange files with the host machine.
+
+ To select a folder on the host for this purpose, include the following bind mount in your compose file:
```yaml
volumes:
- - /var/win:/storage
+ - ./example:/shared
```
- Replace the example path `/var/win` with the desired storage folder.
+ Replace the example path `./example` with your desired shared folder, which then will become visible as `Shared`.
-* ### How do I share files with the host?
+### How do I change the amount of CPU or RAM?
- Open File Explorer and click on the Network section, you will see a computer called `host.lan`, double-click it and it will show a folder called `Data`.
+ By default, Windows will be allowed to use 2 CPU cores and 4 GB of RAM.
- Inside this folder you can access any files that are placed in `/storage/shared` (see above) on the host.
+ If you want to adjust this, you can specify the desired amount using the following environment variables:
-* ### How do I install a custom image?
+ ```yaml
+ environment:
+ RAM_SIZE: "8G"
+ CPU_CORES: "4"
+ ```
- In order to download a custom ISO image, start a clean container with the URL of the ISO specified in the `VERSION` environment variable:
+### How do I configure the username and password?
+
+ By default, a user called `Docker` is created and its password is `admin`.
+
+ If you want to use different credentials during installation, you can configure them in your compose file:
+
+ ```yaml
+ environment:
+ USERNAME: "bill"
+ PASSWORD: "gates"
+ ```
+
+### How do I select the Windows language?
+
+ By default, the English version of Windows will be downloaded.
+
+ But you can add the `LANGUAGE` environment variable to your compose file, in order to specify an alternative language to be downloaded:
+
+ ```yaml
+ environment:
+ LANGUAGE: "French"
+ ```
+
+ You can choose between: 🇦🇪 Arabic, 🇧🇬 Bulgarian, 🇨🇳 Chinese, 🇭🇷 Croatian, 🇨🇿 Czech, 🇩🇰 Danish, 🇳🇱 Dutch, 🇬🇧 English, 🇪🇪 Estonian, 🇫🇮 Finnish, 🇫🇷 French, 🇩🇪 German, 🇬🇷 Greek, 🇮🇱 Hebrew, 🇭🇺 Hungarian, 🇮🇹 Italian, 🇯🇵 Japanese, 🇰🇷 Korean, 🇱🇻 Latvian, 🇱🇹 Lithuanian, 🇳🇴 Norwegian, 🇵🇱 Polish, 🇵🇹 Portuguese, 🇷🇴 Romanian, 🇷🇺 Russian, 🇷🇸 Serbian, 🇸🇰 Slovak, 🇸🇮 Slovenian, 🇪🇸 Spanish, 🇸🇪 Swedish, 🇹🇭 Thai, 🇹🇷 Turkish and 🇺🇦 Ukrainian.
+
+### How do I select the keyboard layout?
+
+ If you want to use a keyboard layout or locale that is not the default for your selected language, you can add `KEYBOARD` and `REGION` variables like this:
+
+ ```yaml
+ environment:
+ REGION: "en-US"
+ KEYBOARD: "en-US"
+ ```
+
+### How do I install a custom image?
+
+ In order to download an unsupported ISO image, specify its URL in the `VERSION` environment variable:
```yaml
environment:
VERSION: "https://example.com/win.iso"
```
- Alternatively, you can also use a local file directly, and skip the download, by binding it in your compose file in this way:
+ Alternatively, you can also skip the download and use a local file instead, by binding it in your compose file in this way:
```yaml
volumes:
- - /home/user/example.iso:/storage/custom.iso
+ - ./example.iso:/boot.iso
```
- Replace the example path `/home/user/example.iso` with the filename of the desired ISO file.
+ Replace the example path `./example.iso` with the filename of your desired ISO file. The value of `VERSION` will be ignored in this case.
-* ### How do I perform a manual installation?
+### How do I run a script after installation?
- It's best to use the automatic installation, as it optimizes various settings for use with this container.
+ To run your own script after installation, you can create a file called `install.bat` and place it in a folder together with any additional files it needs (software to be installed for example).
+
+ Then bind that folder in your compose file like this:
- However, if you insist on performing the installation manually, start a clean container with the following environment variable:
+ ```yaml
+ volumes:
+ - ./example:/oem
+ ```
+
+ The example folder `./example` will be copied to `C:\OEM` and the containing `install.bat` will be executed during the last step of the automatic installation.
+
+### How do I perform a manual installation?
+
+ It's recommended to stick to the automatic installation, as it adjusts various settings to prevent common issues when running Windows inside a virtual environment.
+
+ However, if you insist on performing the installation manually at your own risk, add the following environment variable to your compose file:
```yaml
environment:
MANUAL: "Y"
```
- Then follow these steps:
+### How do I connect using RDP?
- - Start the container and connect to [port 8006](http://localhost:8006) of the container in your web browser. After the download is finished, you will see the Windows installation screen.
+ The web-viewer is mainly meant to be used during installation, as its picture quality is low, and it has no audio or clipboard for example.
- - Start the installation by clicking `Install now`. On the next screen, press 'OK' when prompted to `Load driver` and select the `VirtIO SCSI` driver from the list that matches your Windows version. So for Windows 11, select `D:\amd64\w11\vioscsi.inf` and click 'Next'.
+ So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `Docker` and password `admin`.
- - Accept the license agreement and select your preferred Windows edition, like Home or Pro.
+ There is a RDP client for [Android](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) available from the Play Store and one for [iOS](https://apps.apple.com/nl/app/microsoft-remote-desktop/id714464092?l=en-GB) in the Apple Store. For Linux you can use [FreeRDP](https://www.freerdp.com/) and on Windows just type `mstsc` in the search box.
- - Choose `Custom: Install Windows only (advanced)`, and click `Load driver` on the next screen. Select 'Browse' and navigate to the `D:\NetKVM\w11\amd64` folder, and click 'OK'. Select the `VirtIO Ethernet Adapter` from the list and click 'Next'.
-
- - Select `Drive 0` and click 'Next'.
-
- - Wait until Windows finishes copying files and completes the installation.
-
- - Once you see the desktop, open File Explorer and navigate to the CD-ROM drive (E:). Double-click on `virtio-win-gt-x64.msi` and proceed to install the VirtIO drivers.
-
- Enjoy your brand new machine, and don't forget to star this repo!
-
-* ### How do I assign an individual IP address to the container?
+### How do I assign an individual IP address to the container?
By default, the container uses bridge networking, which shares the IP address with the host.
@@ -229,13 +289,14 @@ docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_
An added benefit of this approach is that you won't have to perform any port mapping anymore, since all ports will be exposed by default.
- Please note that this IP address won't be accessible from the Docker host due to the design of macvlan, which doesn't permit communication between the two. If this is a concern, you need to create a [second macvlan](https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/#host-access) as a workaround.
+> [!IMPORTANT]
+> This IP address won't be accessible from the Docker host due to the design of macvlan, which doesn't permit communication between the two. If this is a concern, you need to create a [second macvlan](https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/#host-access) as a workaround.
-* ### How can Windows acquire an IP address from my router?
+### How can Windows acquire an IP address from my router?
- After configuring the container for macvlan (see above), it is possible for Windows to become part of your home network by requesting an IP from your router, just like a real PC.
+ After configuring the container for [macvlan](#how-do-i-assign-an-individual-ip-address-to-the-container), it is possible for Windows to become part of your home network by requesting an IP from your router, just like a real PC.
- To enable this mode, add the following lines to your compose file:
+ To enable this mode, in which the container and Windows will have separate IP addresses, add the following lines to your compose file:
```yaml
environment:
@@ -246,24 +307,32 @@ docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_
- 'c *:* rwm'
```
- Please note that in this mode, the container and Windows will each have their own separate IPs. The container will keep the macvlan IP, and Windows will use the DHCP IP.
+### How do I add multiple disks?
+
+ To create additional disks, modify your compose file like this:
-* ### How do I pass-through a disk?
-
- It is possible to pass-through disk devices directly by adding them to your compose file in this way:
-
```yaml
environment:
- DEVICE: "/dev/sda"
- DEVICE2: "/dev/sdb"
- devices:
- - /dev/sda
- - /dev/sdb
+ DISK2_SIZE: "32G"
+ DISK3_SIZE: "64G"
+ volumes:
+ - ./example2:/storage2
+ - ./example3:/storage3
```
- Use `DEVICE` if you want it to become your main drive, and use `DEVICE2` and higher to add them as secondary drives.
+### How do I pass-through a disk?
-* ### How do I pass-through a USB device?
+ It is possible to pass-through disk devices or partitions directly by adding them to your compose file in this way:
+
+ ```yaml
+ devices:
+ - /dev/sdb:/disk1
+ - /dev/sdc1:/disk2
+ ```
+
+ Use `/disk1` if you want it to become your main drive (which will be formatted during installation), and use `/disk2` and higher to add them as secondary drives (which will stay untouched).
+
+### How do I pass-through a USB device?
To pass-through a USB device, first lookup its vendor and product id via the `lsusb` command, then add them to your compose file like this:
@@ -273,34 +342,60 @@ docker run -it --rm --name windows -p 8006:8006 --device=/dev/kvm --cap-add NET_
devices:
- /dev/bus/usb
```
-
-* ### How do I verify if my system supports KVM?
- To verify if your system supports KVM, run the following commands:
+ If the device is a USB disk drive, please wait until after the installation is fully completed before connecting it. Otherwise the installation may fail, as the order of the disks can get rearranged.
+
+### How do I verify if my system supports KVM?
+
+ First check if your software is compatible using this chart:
+
+ | **Product** | **Linux** | **Win11** | **Win10** | **macOS** |
+ |---|---|---|---|---|
+ | Docker CLI | ✅ | ✅ | ❌ | ❌ |
+ | Docker Desktop | ❌ | ✅ | ❌ | ❌ |
+ | Podman CLI | ✅ | ✅ | ❌ | ❌ |
+ | Podman Desktop | ✅ | ✅ | ❌ | ❌ |
+
+ After that you can run the following commands in Linux to check your system:
```bash
sudo apt install cpu-checker
sudo kvm-ok
```
- If you receive an error from `kvm-ok` indicating that KVM acceleration can't be used, check the virtualization settings in the BIOS.
+ If you receive an error from `kvm-ok` indicating that KVM cannot be used, please check whether:
-* ### Is this project legal?
+ - the virtualization extensions (`Intel VT-x` or `AMD SVM`) are enabled in your BIOS.
- Yes, this project contains only open-source code and does not distribute any copyrighted material. Any product keys found in the code are just generic placeholders provided by Microsoft for trial purposes. So under all applicable laws, this project would be considered legal.
+ - you enabled "nested virtualization" if you are running the container inside a virtual machine.
-## Stars
-[](https://starchart.cc/dockur/windows)
+ - you are not using a cloud provider, as most of them do not allow nested virtualization for their VPS's.
-## Disclaimer
+ If you did not receive any error from `kvm-ok` but the container still complains about a missing KVM device, it could help to add `privileged: true` to your compose file (or `sudo` to your `docker` command) to rule out any permission issue.
-The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Microsoft Corporation.
+### How do I run macOS in a container?
+
+ You can use [dockur/macos](https://github.com/dockur/macos) for that. It shares many of the same features, except for the automatic installation.
+
+### How do I run a Linux desktop in a container?
+
+ You can use [qemus/qemu](https://github.com/qemus/qemu) in that case.
+
+### Is this project legal?
+
+ Yes, this project contains only open-source code and does not distribute any copyrighted material. Any product keys found in the code are just generic placeholders provided by Microsoft for trial purposes. So under all applicable laws, this project will be considered legal.
+
+## Disclaimer ⚖️
+
+*The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Microsoft Corporation.*
[build_url]: https://github.com/dockur/windows/
[hub_url]: https://hub.docker.com/r/dockurr/windows/
[tag_url]: https://hub.docker.com/r/dockurr/windows/tags
+[pkg_url]: https://github.com/dockur/windows/pkgs/container/windows
[Build]: https://github.com/dockur/windows/actions/workflows/build.yml/badge.svg
[Size]: https://img.shields.io/docker/image-size/dockurr/windows/latest?color=066da5&label=size
[Pulls]: https://img.shields.io/docker/pulls/dockurr/windows.svg?style=flat&label=pulls&logo=docker
[Version]: https://img.shields.io/docker/v/dockurr/windows/latest?arch=amd64&sort=semver&color=066da5
+[Package]: https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fipitio.github.io%2Fbackage%2Fdockur%2Fwindows%2Fwindows.json&query=%24.downloads&logo=github&style=flat&color=066da5&label=pulls
diff --git a/src/define.sh b/src/define.sh
new file mode 100644
index 0000000..3db2069
--- /dev/null
+++ b/src/define.sh
@@ -0,0 +1,1944 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+: "${KEY:=""}"
+: "${WIDTH:=""}"
+: "${HEIGHT:=""}"
+: "${VERIFY:=""}"
+: "${REGION:=""}"
+: "${EDITION:=""}"
+: "${MANUAL:=""}"
+: "${REMOVE:=""}"
+: "${VERSION:=""}"
+: "${DETECTED:=""}"
+: "${KEYBOARD:=""}"
+: "${LANGUAGE:=""}"
+: "${USERNAME:=""}"
+: "${PASSWORD:=""}"
+
+MIRRORS=4
+
+parseVersion() {
+
+ if [[ "${VERSION}" == \"*\" || "${VERSION}" == \'*\' ]]; then
+ VERSION="${VERSION:1:-1}"
+ fi
+
+ VERSION=$(expr "$VERSION" : "^\ *\(.*[^ ]\)\ *$")
+ [ -z "$VERSION" ] && VERSION="win11"
+
+ case "${VERSION,,}" in
+ "11" | "11p" | "win11" | "pro11" | "win11p" | "windows11" | "windows 11" )
+ VERSION="win11x64"
+ ;;
+ "11e" | "win11e" | "windows11e" | "windows 11e" )
+ VERSION="win11x64-enterprise-eval"
+ ;;
+ "11i" | "11iot" | "iot11" | "win11i" | "win11-iot" | "win11x64-iot" )
+ VERSION="win11x64-enterprise-iot-eval"
+ [ -z "$DETECTED" ] && DETECTED="win11x64-iot"
+ ;;
+ "11l" | "11ltsc" | "ltsc11" | "win11l" | "win11-ltsc" | "win11x64-ltsc" )
+ VERSION="win11x64-enterprise-ltsc-eval"
+ [ -z "$DETECTED" ] && DETECTED="win11x64-ltsc"
+ ;;
+ "10" | "10p" | "win10" | "pro10" | "win10p" | "windows10" | "windows 10" )
+ VERSION="win10x64"
+ ;;
+ "10e" | "win10e" | "windows10e" | "windows 10e" )
+ VERSION="win10x64-enterprise-eval"
+ ;;
+ "10i" | "10iot" | "iot10" | "win10i" | "win10-iot" | "win10x64-iot" )
+ VERSION="win10x64-enterprise-iot-eval"
+ [ -z "$DETECTED" ] && DETECTED="win10x64-iot"
+ ;;
+ "10l" | "10ltsc" | "ltsc10" | "win10l" | "win10-ltsc" | "win10x64-ltsc" )
+ VERSION="win10x64-enterprise-ltsc-eval"
+ [ -z "$DETECTED" ] && DETECTED="win10x64-ltsc"
+ ;;
+ "8" | "8p" | "81" | "81p" | "pro8" | "8.1" | "win8" | "win8p" | "win81" | "win81p" | "windows 8" )
+ VERSION="win81x64"
+ ;;
+ "8e" | "81e" | "8.1e" | "win8e" | "win81e" | "windows 8e" )
+ VERSION="win81x64-enterprise-eval"
+ ;;
+ "7" | "win7" | "windows7" | "windows 7" )
+ VERSION="win7x64"
+ [ -z "$DETECTED" ] && DETECTED="win7x64-ultimate"
+ ;;
+ "7u" | "win7u" | "windows7u" | "windows 7u" )
+ VERSION="win7x64-ultimate"
+ ;;
+ "7e" | "win7e" | "windows7e" | "windows 7e" )
+ VERSION="win7x64-enterprise"
+ ;;
+ "7x86" | "win7x86" | "win732" | "windows7x86" )
+ VERSION="win7x86"
+ [ -z "$DETECTED" ] && DETECTED="win7x86-ultimate"
+ ;;
+ "7ux86" | "7u32" | "win7x86-ultimate" )
+ VERSION="win7x86-ultimate"
+ ;;
+ "7ex86" | "7e32" | "win7x86-enterprise" )
+ VERSION="win7x86-enterprise"
+ ;;
+ "vista" | "vs" | "6" | "winvista" | "windowsvista" | "windows vista" )
+ VERSION="winvistax64"
+ [ -z "$DETECTED" ] && DETECTED="winvistax64-ultimate"
+ ;;
+ "vistu" | "vu" | "6u" | "winvistu" )
+ VERSION="winvistax64-ultimate"
+ ;;
+ "viste" | "ve" | "6e" | "winviste" )
+ VERSION="winvistax64-enterprise"
+ ;;
+ "vistax86" | "vista32" | "6x86" | "winvistax86" | "windowsvistax86" )
+ VERSION="winvistax86"
+ [ -z "$DETECTED" ] && DETECTED="winvistax86-ultimate"
+ ;;
+ "vux86" | "vu32" | "winvistax86-ultimate" )
+ VERSION="winvistax86-ultimate"
+ ;;
+ "vex86" | "ve32" | "winvistax86-enterprise" )
+ VERSION="winvistax86-enterprise"
+ ;;
+ "xp" | "xp32" | "xpx86" | "5" | "5x86" | "winxp" | "winxp86" | "windowsxp" | "windows xp" )
+ VERSION="winxpx86"
+ ;;
+ "xp64" | "xpx64" | "5x64" | "winxp64" | "winxpx64" | "windowsxp64" | "windowsxpx64" )
+ VERSION="winxpx64"
+ ;;
+ "2k" | "2000" | "win2k" | "win2000" | "windows2k" | "windows2000" )
+ VERSION="win2kx86"
+ ;;
+ "25" | "2025" | "win25" | "win2025" | "windows2025" | "windows 2025" )
+ VERSION="win2025-eval"
+ ;;
+ "22" | "2022" | "win22" | "win2022" | "windows2022" | "windows 2022" )
+ VERSION="win2022-eval"
+ ;;
+ "19" | "2019" | "win19" | "win2019" | "windows2019" | "windows 2019" )
+ VERSION="win2019-eval"
+ ;;
+ "16" | "2016" | "win16" | "win2016" | "windows2016" | "windows 2016" )
+ VERSION="win2016-eval"
+ ;;
+ "hv" | "hyperv" | "hyper v" | "hyper-v" | "19hv" | "2019hv" | "win2019hv" )
+ VERSION="win2019-hv"
+ ;;
+ "2012" | "2012r2" | "win2012" | "win2012r2" | "windows2012" | "windows 2012" )
+ VERSION="win2012r2-eval"
+ ;;
+ "2008" | "2008r2" | "win2008" | "win2008r2" | "windows2008" | "windows 2008" )
+ VERSION="win2008r2"
+ ;;
+ "2003" | "2003r2" | "win2003" | "win2003r2" | "windows2003" | "windows 2003" )
+ VERSION="win2003r2"
+ ;;
+ "nano11" | "nano 11" )
+ VERSION="nano11"
+ [ -z "$DETECTED" ] && DETECTED="win11x64"
+ ;;
+ "core11" | "core 11" )
+ VERSION="core11"
+ [ -z "$DETECTED" ] && DETECTED="win11x64"
+ ;;
+ "tiny11" | "tiny 11" )
+ VERSION="tiny11"
+ [ -z "$DETECTED" ] && DETECTED="win11x64"
+ ;;
+ "tiny10" | "tiny 10" )
+ VERSION="tiny10"
+ [ -z "$DETECTED" ] && DETECTED="win10x64-ltsc"
+ ;;
+ esac
+
+ return 0
+}
+
+getLanguage() {
+
+ local id="$1"
+ local ret="$2"
+ local lang=""
+ local desc=""
+ local short=""
+ local culture=""
+
+ case "${id,,}" in
+ "ar" | "ar-"* )
+ short="ar"
+ lang="Arabic"
+ desc="$lang"
+ culture="ar-SA" ;;
+ "bg" | "bg-"* )
+ short="bg"
+ lang="Bulgarian"
+ desc="$lang"
+ culture="bg-BG" ;;
+ "cs" | "cs-"* | "cz" | "cz-"* )
+ short="cs"
+ lang="Czech"
+ desc="$lang"
+ culture="cs-CZ" ;;
+ "da" | "da-"* | "dk" | "dk-"* )
+ short="da"
+ lang="Danish"
+ desc="$lang"
+ culture="da-DK" ;;
+ "de" | "de-"* )
+ short="de"
+ lang="German"
+ desc="$lang"
+ culture="de-DE" ;;
+ "el" | "el-"* | "gr" | "gr-"* )
+ short="el"
+ lang="Greek"
+ desc="$lang"
+ culture="el-GR" ;;
+ "gb" | "en-gb" )
+ short="en-gb"
+ lang="English International"
+ desc="English"
+ culture="en-GB" ;;
+ "en" | "en-"* )
+ short="en"
+ lang="English"
+ desc="English"
+ culture="en-US" ;;
+ "mx" | "es-mx" )
+ short="mx"
+ lang="Spanish (Mexico)"
+ desc="Spanish"
+ culture="es-MX" ;;
+ "es" | "es-"* )
+ short="es"
+ lang="Spanish"
+ desc="$lang"
+ culture="es-ES" ;;
+ "et" | "et-"* )
+ short="et"
+ lang="Estonian"
+ desc="$lang"
+ culture="et-EE" ;;
+ "fi" | "fi-"* )
+ short="fi"
+ lang="Finnish"
+ desc="$lang"
+ culture="fi-FI" ;;
+ "ca" | "fr-ca" )
+ short="ca"
+ lang="French Canadian"
+ desc="French"
+ culture="fr-CA" ;;
+ "fr" | "fr-"* )
+ short="fr"
+ lang="French"
+ desc="$lang"
+ culture="fr-FR" ;;
+ "he" | "he-"* | "il" | "il-"* )
+ short="he"
+ lang="Hebrew"
+ desc="$lang"
+ culture="he-IL" ;;
+ "hr" | "hr-"* | "cr" | "cr-"* )
+ short="hr"
+ lang="Croatian"
+ desc="$lang"
+ culture="hr-HR" ;;
+ "hu" | "hu-"* )
+ short="hu"
+ lang="Hungarian"
+ desc="$lang"
+ culture="hu-HU" ;;
+ "it" | "it-"* )
+ short="it"
+ lang="Italian"
+ desc="$lang"
+ culture="it-IT" ;;
+ "ja" | "ja-"* | "jp" | "jp-"* )
+ short="ja"
+ lang="Japanese"
+ desc="$lang"
+ culture="ja-JP" ;;
+ "ko" | "ko-"* | "kr" | "kr-"* )
+ short="ko"
+ lang="Korean"
+ desc="$lang"
+ culture="ko-KR" ;;
+ "lt" | "lt-"* )
+ short="lt"
+ lang="Lithuanian"
+ desc="$lang"
+ culture="lt-LT" ;;
+ "lv" | "lv-"* )
+ short="lv"
+ lang="Latvian"
+ desc="$lang"
+ culture="lv-LV" ;;
+ "nb" | "nb-"* |"nn" | "nn-"* | "no" | "no-"* )
+ short="no"
+ lang="Norwegian"
+ desc="$lang"
+ culture="nb-NO" ;;
+ "nl" | "nl-"* )
+ short="nl"
+ lang="Dutch"
+ desc="$lang"
+ culture="nl-NL" ;;
+ "pl" | "pl-"* )
+ short="pl"
+ lang="Polish"
+ desc="$lang"
+ culture="pl-PL" ;;
+ "br" | "pt-br" )
+ short="pt"
+ lang="Brazilian Portuguese"
+ desc="Portuguese"
+ culture="pt-BR" ;;
+ "pt" | "pt-"* )
+ short="pp"
+ lang="Portuguese"
+ desc="$lang"
+ culture="pt-BR" ;;
+ "ro" | "ro-"* )
+ short="ro"
+ lang="Romanian"
+ desc="$lang"
+ culture="ro-RO" ;;
+ "ru" | "ru-"* )
+ short="ru"
+ lang="Russian"
+ desc="$lang"
+ culture="ru-RU" ;;
+ "sk" | "sk-"* )
+ short="sk"
+ lang="Slovak"
+ desc="$lang"
+ culture="sk-SK" ;;
+ "sl" | "sl-"* | "si" | "si-"* )
+ short="sl"
+ lang="Slovenian"
+ desc="$lang"
+ culture="sl-SI" ;;
+ "sr" | "sr-"* )
+ short="sr"
+ lang="Serbian Latin"
+ desc="Serbian"
+ culture="sr-Latn-RS" ;;
+ "sv" | "sv-"* | "se" | "se-"* )
+ short="sv"
+ lang="Swedish"
+ desc="$lang"
+ culture="sv-SE" ;;
+ "th" | "th-"* )
+ short="th"
+ lang="Thai"
+ desc="$lang"
+ culture="th-TH" ;;
+ "tr" | "tr-"* )
+ short="tr"
+ lang="Turkish"
+ desc="$lang"
+ culture="tr-TR" ;;
+ "ua" | "ua-"* | "uk" | "uk-"* )
+ short="uk"
+ lang="Ukrainian"
+ desc="$lang"
+ culture="uk-UA" ;;
+ "hk" | "zh-hk" | "cn-hk" )
+ short="hk"
+ lang="Chinese (Traditional)"
+ desc="Chinese HK"
+ culture="zh-TW" ;;
+ "tw" | "zh-tw" | "cn-tw" )
+ short="tw"
+ lang="Chinese (Traditional)"
+ desc="Chinese TW"
+ culture="zh-TW" ;;
+ "zh" | "zh-"* | "cn" | "cn-"* )
+ short="cn"
+ lang="Chinese (Simplified)"
+ desc="Chinese"
+ culture="zh-CN" ;;
+ esac
+
+ case "${ret,,}" in
+ "desc" ) echo "$desc" ;;
+ "name" ) echo "$lang" ;;
+ "code" ) echo "$short" ;;
+ "culture" ) echo "$culture" ;;
+ *) echo "$desc";;
+ esac
+
+ return 0
+}
+
+parseLanguage() {
+
+ REGION="${REGION//_/-/}"
+ KEYBOARD="${KEYBOARD//_/-/}"
+ LANGUAGE="${LANGUAGE//_/-/}"
+
+ [ -z "$LANGUAGE" ] && LANGUAGE="en"
+
+ case "${LANGUAGE,,}" in
+ "arabic" | "arab" ) LANGUAGE="ar" ;;
+ "bulgarian" | "bu" ) LANGUAGE="bg" ;;
+ "chinese" | "cn" ) LANGUAGE="zh" ;;
+ "croatian" | "cr" | "hrvatski" ) LANGUAGE="hr" ;;
+ "czech" | "cz" | "cesky" ) LANGUAGE="cs" ;;
+ "danish" | "dk" | "danske" ) LANGUAGE="da" ;;
+ "dutch" | "nederlands" ) LANGUAGE="nl" ;;
+ "english" | "gb" | "british" ) LANGUAGE="en" ;;
+ "estonian" | "eesti" ) LANGUAGE="et" ;;
+ "finnish" | "suomi" ) LANGUAGE="fi" ;;
+ "french" | "français" | "francais" ) LANGUAGE="fr" ;;
+ "german" | "deutsch" ) LANGUAGE="de" ;;
+ "greek" | "gr" ) LANGUAGE="el" ;;
+ "hebrew" | "il" ) LANGUAGE="he" ;;
+ "hungarian" | "magyar" ) LANGUAGE="hu" ;;
+ "italian" | "italiano" ) LANGUAGE="it" ;;
+ "japanese" | "jp" ) LANGUAGE="ja" ;;
+ "korean" | "kr" ) LANGUAGE="ko" ;;
+ "latvian" | "latvijas" ) LANGUAGE="lv" ;;
+ "lithuanian" | "lietuvos" ) LANGUAGE="lt" ;;
+ "norwegian" | "no" | "nb" | "norsk" ) LANGUAGE="nn" ;;
+ "polish" | "polski" ) LANGUAGE="pl" ;;
+ "portuguese" | "pt" | "br" ) LANGUAGE="pt-br" ;;
+ "português" | "portugues" ) LANGUAGE="pt-br" ;;
+ "romanian" | "română" | "romana" ) LANGUAGE="ro" ;;
+ "russian" | "ruski" ) LANGUAGE="ru" ;;
+ "serbian" | "serbian latin" ) LANGUAGE="sr" ;;
+ "slovak" | "slovenský" | "slovensky" ) LANGUAGE="sk" ;;
+ "slovenian" | "si" | "slovenski" ) LANGUAGE="sl" ;;
+ "spanish" | "espanol" | "español" ) LANGUAGE="es" ;;
+ "swedish" | "se" | "svenska" ) LANGUAGE="sv" ;;
+ "turkish" | "türk" | "turk" ) LANGUAGE="tr" ;;
+ "thai" ) LANGUAGE="th" ;;
+ "ukrainian" | "ua" ) LANGUAGE="uk" ;;
+ esac
+
+ local culture
+ culture=$(getLanguage "$LANGUAGE" "culture")
+ [ -n "$culture" ] && return 0
+
+ error "Invalid LANGUAGE specified, value \"$LANGUAGE\" is not recognized!"
+ return 1
+}
+
+printVersion() {
+
+ local id="$1"
+ local desc="$2"
+
+ case "${id,,}" in
+ "tiny11"* ) desc="Tiny 11" ;;
+ "tiny10"* ) desc="Tiny 10" ;;
+ "core11"* ) desc="Core 11" ;;
+ "nano11"* ) desc="Nano 11" ;;
+ "win7"* ) desc="Windows 7" ;;
+ "win8"* ) desc="Windows 8" ;;
+ "win10"* ) desc="Windows 10" ;;
+ "win11"* ) desc="Windows 11" ;;
+ "winxp"* ) desc="Windows XP" ;;
+ "win9x"* ) desc="Windows ME" ;;
+ "win98"* ) desc="Windows 98" ;;
+ "win95"* ) desc="Windows 95" ;;
+ "win2k"* ) desc="Windows 2000" ;;
+ "winvista"* ) desc="Windows Vista" ;;
+ "win2019-hv"* ) desc="Hyper-V Server" ;;
+ "win2003"* ) desc="Windows Server 2003" ;;
+ "win2008"* ) desc="Windows Server 2008" ;;
+ "win2012"* ) desc="Windows Server 2012" ;;
+ "win2016"* ) desc="Windows Server 2016" ;;
+ "win2019"* ) desc="Windows Server 2019" ;;
+ "win2022"* ) desc="Windows Server 2022" ;;
+ "win2025"* ) desc="Windows Server 2025" ;;
+ esac
+
+ if [ -z "$desc" ]; then
+ desc="Windows"
+ [[ "${PLATFORM,,}" != "x64" ]] && desc+=" for ${PLATFORM}"
+ fi
+
+ echo "$desc"
+ return 0
+}
+
+printEdition() {
+
+ local id="$1"
+ local desc="$2"
+ local result=""
+ local edition=""
+
+ result=$(printVersion "$id" "x")
+ [[ "$result" == "x" ]] && echo "$desc" && return 0
+
+ case "${id,,}" in
+ *"-home" )
+ edition="Home"
+ ;;
+ *"-starter" )
+ edition="Starter"
+ ;;
+ *"-ultimate" )
+ edition="Ultimate"
+ ;;
+ *"-enterprise" )
+ edition="Enterprise"
+ ;;
+ *"-education" )
+ edition="Education"
+ ;;
+ *"-hv" )
+ edition="2019"
+ ;;
+ *"-iot" | *"-iot-eval" )
+ edition="LTSC"
+ ;;
+ *"-ltsc" | *"-ltsc-eval" )
+ edition="LTSC"
+ ;;
+ *"-enterprise-eval" )
+ edition="Enterprise (Evaluation)"
+ ;;
+ "win7"* )
+ edition="Professional"
+ ;;
+ "win8"* | "win10"* | "win11"* )
+ edition="Pro"
+ ;;
+ "winxp"* )
+ edition="Professional"
+ ;;
+ "winvista"* )
+ edition="Business"
+ ;;
+ "win2025"* | "win2022"* | "win2019"* | "win2016"* | "win2012"* | "win2008"* | "win2003"* )
+ case "${EDITION^^}" in
+ *"DATACENTER"* ) edition="Datacenter" ;;
+ "CORE" | "STANDARDCORE" ) edition="Core" ;;
+ * ) edition="Standard" ;;
+ esac
+ ;;
+ esac
+
+ [ -n "$edition" ] && result+=" $edition"
+
+ echo "$result"
+ return 0
+}
+
+fromFile() {
+
+ local id=""
+ local desc="$1"
+ local file="${1,,}"
+ local arch="${PLATFORM,,}"
+
+ file="${file//-/_}"
+ file="${file// /_}"
+
+ case "$file" in
+ *"_x64_"* | *"_x64."*)
+ arch="x64"
+ ;;
+ *"_x86_"* | *"_x86."*)
+ arch="x86"
+ ;;
+ *"_arm64_"* | *"_arm64."*)
+ arch="arm64"
+ ;;
+ esac
+
+ local add=""
+ [[ "$arch" != "x64" ]] && add="$arch"
+
+ case "$file" in
+ "win7"* | "win_7"* | *"windows7"* | *"windows_7"* )
+ id="win7${arch}"
+ ;;
+ "win8"* | "win_8"* | *"windows8"* | *"windows_8"* )
+ id="win81${arch}"
+ ;;
+ "win10"*| "win_10"* | *"windows10"* | *"windows_10"* )
+ id="win10${arch}"
+ ;;
+ "win11"* | "win_11"* | *"windows11"* | *"windows_11"* )
+ id="win11${arch}"
+ ;;
+ *"winxp"* | *"win_xp"* | *"windowsxp"* | *"windows_xp"* )
+ id="winxpx86"
+ ;;
+ *"winvista"* | *"win_vista"* | *"windowsvista"* | *"windows_vista"* )
+ id="winvista${arch}"
+ ;;
+ "nano11"* | "nano_11"* )
+ id="nano11"
+ ;;
+ "tiny11core"* | "tiny11_core"* | "tiny_11_core"* )
+ id="core11"
+ ;;
+ "tiny11"* | "tiny_11"* )
+ id="tiny11"
+ ;;
+ "tiny10"* | "tiny_10"* )
+ id="tiny10"
+ ;;
+ *"_serverhypercore_"* )
+ id="win2019${add}-hv"
+ ;;
+ *"server2025"* | *"server_2025"* )
+ id="win2025${add}"
+ ;;
+ *"server2022"* | *"server_2022"* )
+ id="win2022${add}"
+ ;;
+ *"server2019"* | *"server_2019"* )
+ id="win2019${add}"
+ ;;
+ *"server2016"* | *"server_2016"* )
+ id="win2016${add}"
+ ;;
+ *"server2012"* | *"server_2012"* )
+ id="win2012r2${add}"
+ ;;
+ *"server2008"* | *"server_2008"* )
+ id="win2008r2${add}"
+ ;;
+ *"server2003"* | *"server_2003"* )
+ id="win2003r2${add}"
+ ;;
+ esac
+
+ if [ -n "$id" ]; then
+ desc=$(printVersion "$id" "$desc")
+ fi
+
+ echo "$desc"
+ return 0
+}
+
+fromName() {
+
+ local id=""
+ local name="$1"
+ local arch="$2"
+
+ local add=""
+ [[ "$arch" != "x64" ]] && add="$arch"
+
+ case "${name,,}" in
+ *"windows 7"* ) id="win7${arch}" ;;
+ *"windows 8"* ) id="win81${arch}" ;;
+ *"windows 10"* ) id="win10${arch}" ;;
+ *"optimum 10"* ) id="win10${arch}" ;;
+ *"windows 11"* ) id="win11${arch}" ;;
+ *"optimum 11"* ) id="win11${arch}" ;;
+ *"windows vista"* ) id="winvista${arch}" ;;
+ *"server 2025"* ) id="win2025${add}" ;;
+ *"server 2022"* ) id="win2022${add}" ;;
+ *"server 2019"* ) id="win2019${add}" ;;
+ *"server 2016"* ) id="win2016${add}" ;;
+ *"server 2012"* ) id="win2012r2${add}" ;;
+ *"server 2008"* ) id="win2008r2${add}" ;;
+ *"server 2003"* ) id="win2003r2${add}" ;;
+ *"hyper-v server"* ) id="win2019${add}" ;;
+ esac
+
+ echo "$id"
+ return 0
+}
+
+getVersion() {
+
+ local id
+ local name="$1"
+ local arch="$2"
+
+ id=$(fromName "$name" "$arch")
+
+ case "${id,,}" in
+ "win7"* | "winvista"* )
+ case "${name,,}" in
+ *" home"* ) id="$id-home" ;;
+ *" starter"* ) id="$id-starter" ;;
+ *" ultimate"* ) id="$id-ultimate" ;;
+ *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+ *" enterprise"* ) id="$id-enterprise" ;;
+ esac
+ ;;
+ "win8"* )
+ case "${name,,}" in
+ *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+ *" enterprise"* ) id="$id-enterprise" ;;
+ esac
+ ;;
+ "win10"* | "win11"* )
+ case "${name,,}" in
+ *" iot"* ) id="$id-iot" ;;
+ *" ltsc"* ) id="$id-ltsc" ;;
+ *" home"* ) id="$id-home" ;;
+ *" education"* ) id="$id-education" ;;
+ *" enterprise evaluation"* ) id="$id-enterprise-eval" ;;
+ *" enterprise"* ) id="$id-enterprise" ;;
+ esac
+ ;;
+ "win2025"* | "win2022"* | "win2019"* | "win2016"* | "win2012"* | "win2008"* | "win2003"* )
+ case "${name,,}" in
+ *" evaluation"* ) id="$id-eval" ;;
+ *"hyper-v server"* ) id="$id-hv" ;;
+ esac
+ ;;
+ esac
+
+ echo "$id"
+ return 0
+}
+
+switchEdition() {
+
+ local id="$1"
+
+ if [[ "${id,,}" == *"-eval" ]]; then
+ [ -z "$DETECTED" ] && DETECTED="${id::-5}"
+ fi
+
+ return 0
+}
+
+getMido() {
+
+ local id="$1"
+ local lang="$2"
+ local ret="$3"
+ local url=""
+ local sum=""
+ local size=""
+
+ [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+ case "${id,,}" in
+ "win11x64" )
+ size=7736125440
+ sum="d141f6030fed50f75e2b03e1eb2e53646c4b21e5386047cb860af5223f102a32"
+ url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENT_CONSUMER_x64FRE_en-us.iso"
+ ;;
+ "win11x64-enterprise-eval" )
+ size=7092807680
+ sum="a61adeab895ef5a4db436e0a7011c92a2ff17bb0357f58b13bbc4062e535e7b9"
+ url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+ ;;
+ "win11x64-enterprise-iot-eval" | "win11x64-enterprise-ltsc-eval" )
+ size=5060020224
+ sum="2cee70bd183df42b92a2e0da08cc2bb7a2a9ce3a3841955a012c0f77aeb3cb29"
+ url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26100.1.240331-1435.ge_release_CLIENT_IOT_LTSC_EVAL_x64FRE_en-us.iso"
+ ;;
+ "win10x64" )
+ size=6140975104
+ sum="a6f470ca6d331eb353b815c043e327a347f594f37ff525f17764738fe812852e"
+ ;;
+ "win10x64-enterprise-eval" )
+ size=5550497792
+ sum="ef7312733a9f5d7d51cfa04ac497671995674ca5e1058d5164d6028f0938d668"
+ url="https://software-static.download.prss.microsoft.com/dbazure/988969d5-f34g-4e03-ac9d-1f9786c66750/19045.2006.220908-0225.22h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+ ;;
+ "win10x64-enterprise-ltsc-eval" )
+ size=4898582528
+ sum="e4ab2e3535be5748252a8d5d57539a6e59be8d6726345ee10e7afd2cb89fefb5"
+ url="https://software-download.microsoft.com/download/pr/19044.1288.211006-0501.21h2_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso"
+ ;;
+ "win81x64-enterprise-eval" )
+ size=3961473024
+ sum="2dedd44c45646c74efc5a028f65336027e14a56f76686a4631cf94ffe37c72f2"
+ url="https://download.microsoft.com/download/B/9/9/B999286E-0A47-406D-8B3D-5B5AD7373A4A/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO"
+ ;;
+ "win2025-eval" )
+ size=6014152704
+ sum="d0ef4502e350e3c6c53c15b1b3020d38a5ded011bf04998e950720ac8579b23d"
+ url="https://software-static.download.prss.microsoft.com/dbazure/888969d5-f34g-4e03-ac9d-1f9786c66749/26100.1742.240906-0331.ge_release_svc_refresh_SERVER_EVAL_x64FRE_en-us.iso"
+ ;;
+ "win2022-eval" )
+ size=5044094976
+ sum="3e4fa6d8507b554856fc9ca6079cc402df11a8b79344871669f0251535255325"
+ url="https://software-static.download.prss.microsoft.com/sg/download/888969d5-f34g-4e03-ac9d-1f9786c66749/SERVER_EVAL_x64FRE_en-us.iso"
+ ;;
+ "win2019-eval" )
+ size=5652088832
+ sum="6dae072e7f78f4ccab74a45341de0d6e2d45c39be25f1f5920a2ab4f51d7bcbb"
+ url="https://software-download.microsoft.com/download/pr/17763.737.190906-2324.rs5_release_svc_refresh_SERVER_EVAL_x64FRE_en-us_1.iso"
+ ;;
+ "win2019-hv" )
+ size=3072712704
+ sum="48e9b944518e5bbc80876a9a7ff99716f386f404f4be48dca47e16a66ae7872c"
+ url="https://software-download.microsoft.com/download/pr/17763.557.190612-0019.rs5_release_svc_refresh_SERVERHYPERCORE_OEM_x64FRE_en-us.ISO"
+ ;;
+ "win2016-eval" )
+ size=6972221440
+ sum="1ce702a578a3cb1ac3d14873980838590f06d5b7101c5daaccbac9d73f1fb50f"
+ url="https://software-download.microsoft.com/download/pr/Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO"
+ ;;
+ "win2012r2-eval" )
+ size=4542291968
+ sum="6612b5b1f53e845aacdf96e974bb119a3d9b4dcb5b82e65804ab7e534dc7b4d5"
+ url="https://download.microsoft.com/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_SERVER_EVAL_EN-US-IR3_SSS_X64FREE_EN-US_DV9.ISO"
+ ;;
+ "win2008r2" )
+ size=3166840832
+ sum="30832ad76ccfa4ce48ccb936edefe02079d42fb1da32201bf9e3a880c8ed6312"
+ url="https://download.microsoft.com/download/4/1/D/41DEA7E0-B30D-4012-A1E3-F24DC03BA1BB/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso"
+ ;;
+ esac
+
+ case "${ret,,}" in
+ "sum" ) echo "$sum" ;;
+ "size" ) echo "$size" ;;
+ *) echo "$url";;
+ esac
+
+ return 0
+}
+
+getLink1() {
+
+ # Fallbacks for users who cannot connect to the Microsoft servers
+
+ local id="$1"
+ local lang="$2"
+ local ret="$3"
+ local url=""
+ local sum=""
+ local size=""
+ local host="https://dl.bobpony.com/windows"
+
+ [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+ case "${id,,}" in
+ "win11x64" | "win11x64-enterprise" | "win11x64-enterprise-eval" )
+ size=5332989952
+ sum="aa1ad990f930d907b7a34ea897abbb0dfbe47552ca8acc146f92e40381839e05"
+ url="11/en-us_windows_11_24h2_x64.iso"
+ ;;
+ "win11x64-iot" | "win11x64-enterprise-iot" | "win11x64-enterprise-iot-eval" )
+ size=5144817664
+ sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+ url="11/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+ ;;
+ "win11x64-ltsc" | "win11x64-enterprise-ltsc" | "win11x64-enterprise-ltsc-eval" )
+ size=5144817664
+ sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+ url="11/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+ ;;
+ "win10x64" | "win10x64-enterprise" | "win10x64-enterprise-eval" )
+ size=5535252480
+ sum="557871965263d0fd0a1ea50b5d0d0d7cb04a279148ca905c1c675c9bc0d5486c"
+ url="10/en-us_windows_10_22h2_x64.iso"
+ ;;
+ "win10x64-iot" | "win10x64-enterprise-iot" | "win10x64-enterprise-iot-eval" )
+ size=4851668992
+ sum="a0334f31ea7a3e6932b9ad7206608248f0bd40698bfb8fc65f14fc5e4976c160"
+ url="10/en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f.iso"
+ ;;
+ "win10x64-ltsc" | "win10x64-enterprise-ltsc" | "win10x64-enterprise-ltsc-eval" )
+ size=4899461120
+ sum="c90a6df8997bf49e56b9673982f3e80745058723a707aef8f22998ae6479597d"
+ url="10/en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96.iso"
+ ;;
+ "win81x64" )
+ size=4320526336
+ sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+ url="8.x/8.1/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+ ;;
+ "win81x64-enterprise" | "win81x64-enterprise-eval" )
+ size=4139163648
+ sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+ url="8.x/8.1/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+ ;;
+ "win2025" | "win2025-eval" )
+ size=6786627584
+ sum="bf3ef0849c7cb5e818e1035b7466d206af5aa227ace1a3f4b0de2bf00d2e2144"
+ url="server/2025/en-us_windows_server_2025_updated_april_2025_x64_dvd_ea86301d.iso"
+ ;;
+ "win2022" | "win2022-eval" )
+ size=6005706752
+ sum="cea2cb2c09de9910c236e64eae3a801c55e9c77ec25e8d81585e3a4581d24bfb"
+ url="server/2022/en-us_windows_server_2022_updated_april_2025_x64_dvd_3f755ec1.iso"
+ ;;
+ "win2019" | "win2019-eval" )
+ size=5575774208
+ sum="0067afe7fdc4e61f677bd8c35a209082aa917df9c117527fc4b2b52a447e89bb"
+ url="server/2019/en-us_windows_server_2019_updated_aug_2021_x64_dvd_a6431a28.iso"
+ ;;
+ "win2016" | "win2016-eval" )
+ size=6006587392
+ sum="af06e5483c786c023123e325cea4775050324d9e1366f46850b515ae43f764be"
+ url="server/2016/en_windows_server_2016_updated_feb_2018_x64_dvd_11636692.iso"
+ ;;
+ "win2012r2" | "win2012r2-eval" )
+ size=5397889024
+ sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+ url="server/2012r2/en_windows_server_2012_r2_with_update_x64_dvd_6052708-004.iso"
+ ;;
+ "win2008r2" | "win2008r2-eval" )
+ size=3166584832
+ sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+ url="server/2008r2/en_windows_server_2008_r2_with_sp1_x64_dvd_617601-018.iso"
+ ;;
+ "win7x64" | "win7x64-ultimate" )
+ size=3320836096
+ sum="0b738b55a5ea388ad016535a5c8234daf2e5715a0638488ddd8a228a836055a1"
+ url="7/en_windows_7_with_sp1_x64.iso"
+ ;;
+ "win7x64-enterprise" | "win7x64-enterprise-eval" )
+ size=3182604288
+ sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+ url="7/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+ ;;
+ "win7x86" | "win7x86-ultimate" )
+ size=2564411392
+ sum="99f3369c90160816be07093dbb0ac053e0a84e52d6ed1395c92ae208ccdf67e5"
+ url="7/en_windows_7_with_sp1_x86.iso"
+ ;;
+ "win7x86-enterprise" | "win7x86-enterprise-eval" )
+ size=2434502656
+ sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+ url="7/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+ ;;
+ "winvistax64" | "winvistax64-ultimate" )
+ size=3861460992
+ sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+ url="vista/en_windows_vista_sp2_x64_dvd_342267.iso"
+ ;;
+ "winvistax86" | "winvistax86-ultimate" )
+ size=3243413504
+ sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+ url="vista/en_windows_vista_with_sp2_x86_dvd_342266.iso"
+ ;;
+ "win2003r2" )
+ size=731650535
+ sum="6b64bbae7eb00fd000cc887ffdc9f224d00c557daad7f756cfa373950b880dc8"
+ url="server/2003r2/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_cd2.zip"
+ ;;
+ "winxpx86" )
+ size=617756672
+ sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+ url="xp/professional/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+ ;;
+ "winxpx64" )
+ size=614166528
+ sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+ url="xp/professional/en_win_xp_pro_x64_vl.iso"
+ ;;
+ "win2kx86" )
+ size=331701982
+ sum="a93251b31f92316411bb48458a695d9051b13cdeba714c46f105012fdda45bf3"
+ url="2000/5.00.2195.6717_x86fre_client-professional_retail_en-us.7z"
+ ;;
+ esac
+
+ case "${ret,,}" in
+ "sum" ) echo "$sum" ;;
+ "size" ) echo "$size" ;;
+ *) [ -n "$url" ] && echo "$host/$url";;
+ esac
+
+ return 0
+}
+
+getLink2() {
+
+ local id="$1"
+ local lang="$2"
+ local ret="$3"
+ local url=""
+ local sum=""
+ local size=""
+ local host="https://files.dog/MSDN"
+
+ [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+ case "${id,,}" in
+ "win81x64" )
+ size=4320526336
+ sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+ url="Windows%208.1%20with%20Update/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+ ;;
+ "win81x64-enterprise" | "win81x64-enterprise-eval" )
+ size=4139163648
+ sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+ url="Windows%208.1%20with%20Update/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+ ;;
+ "win2012r2" | "win2012r2-eval" )
+ size=5397889024
+ sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+ url="Windows%20Server%202012%20R2%20with%20Update/en_windows_server_2012_r2_with_update_x64_dvd_6052708.iso"
+ ;;
+ "win2008r2" | "win2008r2-eval" )
+ size=3166584832
+ sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+ url="Windows%20Server%202008%20R2/en_windows_server_2008_r2_with_sp1_x64_dvd_617601.iso"
+ ;;
+ "win7x64" | "win7x64-ultimate" )
+ size=3320903680
+ sum="36f4fa2416d0982697ab106e3a72d2e120dbcdb6cc54fd3906d06120d0653808"
+ url="Windows%207/en_windows_7_ultimate_with_sp1_x64_dvd_u_677332.iso"
+ ;;
+ "win7x64-enterprise" | "win7x64-enterprise-eval" )
+ size=3182604288
+ sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+ url="Windows%207/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+ ;;
+ "win7x86" | "win7x86-ultimate" )
+ size=2564476928
+ sum="e2c009a66d63a742941f5087acae1aa438dcbe87010bddd53884b1af6b22c940"
+ url="Windows%207/en_windows_7_ultimate_with_sp1_x86_dvd_u_677460.iso"
+ ;;
+ "win7x86-enterprise" | "win7x86-enterprise-eval" )
+ size=2434502656
+ sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+ url="Windows%207/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+ ;;
+ "winvistax64" | "winvistax64-ultimate" )
+ size=3861460992
+ sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+ url="Windows%20Vista/en_windows_vista_sp2_x64_dvd_342267.iso"
+ ;;
+ "winvistax64-enterprise" )
+ size=3205953536
+ sum="0a0cd511b3eac95c6f081419c9c65b12317b9d6a8d9707f89d646c910e788016"
+ url="Windows%20Vista/en_windows_vista_enterprise_sp2_x64_dvd_342332.iso"
+ ;;
+ "winvistax86" | "winvistax86-ultimate" )
+ size=3243413504
+ sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+ url="Windows%20Vista/en_windows_vista_with_sp2_x86_dvd_342266.iso"
+ ;;
+ "winvistax86-enterprise" )
+ size=2420981760
+ sum="54e2720004041e7db988a391543ea5228b0affc28efcf9303d2d0ff9402067f5"
+ url="Windows%20Vista/en_windows_vista_enterprise_sp2_x86_dvd_342329.iso"
+ ;;
+ "win2003r2" )
+ size=652367872
+ sum="74245cba888f935b138b106c2744bec7f392925b472358960a0b5643cd6abb32"
+ url="Windows%20Server%202003%20R2/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757.iso"
+ ;;
+ "winxpx86" )
+ size=617756672
+ sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+ url="Windows%20XP/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+ ;;
+ "winxpx64" )
+ size=614166528
+ sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+ url="Windows%20XP/en_win_xp_pro_x64_vl.iso"
+ ;;
+ esac
+
+ case "${ret,,}" in
+ "sum" ) echo "$sum" ;;
+ "size" ) echo "$size" ;;
+ *) [ -n "$url" ] && echo "$host/$url";;
+ esac
+
+ return 0
+}
+
+getLink3() {
+
+ local id="$1"
+ local lang="$2"
+ local ret="$3"
+ local url=""
+ local sum=""
+ local size=""
+ local host="https://nixsys.com/drivers"
+
+ [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+ case "${id,,}" in
+ "win7x64" | "win7x64-ultimate" )
+ size=3319478272
+ sum="3286963e1476082ba882a5058c205c264772bead9e99e15cd1cb255f04b72900"
+ url="WINDOWS764_EN_DVD.iso"
+ ;;
+ "win7x86" | "win7x86-ultimate" )
+ size=2564784128
+ sum="bd4c03c917d00a40222d92a6fab04981a7bd46140bda1888eb961a322e3c5d89"
+ url="WINDOWS732_EN_DVD.iso"
+ ;;
+ "winxpx86" )
+ size=618065920
+ sum="8177d0137dfe4e8296a85793f140806c9250a5992c8e0e50158c742767ad1182"
+ url="WinXPsp3.iso"
+ ;;
+ "win2kx86" )
+ size=387424256
+ sum="08b11c3897eb38d1e6566a17cec5cdf2b3c620444e160e3db200a7e223aabbd8"
+ url="Windows_2000_SP4.iso"
+ esac
+
+ case "${ret,,}" in
+ "sum" ) echo "$sum" ;;
+ "size" ) echo "$size" ;;
+ *) [ -n "$url" ] && echo "$host/$url";;
+ esac
+
+ return 0
+}
+
+getLink4() {
+
+ local id="$1"
+ local lang="$2"
+ local ret="$3"
+ local url=""
+ local sum=""
+ local size=""
+ local host="https://archive.org/download"
+
+ [[ "${lang,,}" != "en" && "${lang,,}" != "en-us" ]] && return 0
+
+ case "${id,,}" in
+ "nano11" )
+ size=2463565824
+ sum="a1e0614372768cbe2d24de74b78a4a97bc1017ea5080dfed1d2125e4a527eb1a"
+ url="nano11_25h2/nano11%2025h2.iso"
+ ;;
+ "core11" )
+ size=3176654848
+ sum="29c055fcfb7b089abd9e007e7abe4bb82c70a03aac9d65e56a38b87ab32d04d2"
+ url="tiny11_25H2/tiny11core_25H2_Oct25.iso"
+ ;;
+ "tiny11" )
+ size=5514559488
+ sum="92484f2b7f707e42383294402a9eabbadeaa5ede80ac633390ae7f3537e36275"
+ url="tiny11_25H2/tiny11_25H2_Oct25.iso"
+ ;;
+ "tiny10" )
+ size=3839819776
+ sum="a11116c0645d892d6a5a7c585ecc1fa13aa66f8c7cc6b03bf1f27bd16860cc35"
+ url="tiny-10-23-h2/tiny10%20x64%2023h2.iso"
+ ;;
+ "win11x64" )
+ size=7736125440
+ sum="d141f6030fed50f75e2b03e1eb2e53646c4b21e5386047cb860af5223f102a32"
+ url="W11x64_26200.6584/26200.6584.250915-1905.25h2_ge_release_svc_refresh_CLIENT_CONSUMER_x64FRE_en-us.iso"
+ ;;
+ "win11x64-enterprise" | "win11x64-enterprise-eval" )
+ size=6209064960
+ sum="c8dbc96b61d04c8b01faf6ce0794fdf33965c7b350eaa3eb1e6697019902945c"
+ url="Windows11Enterprise23H2x64/22631.2428.231001-0608.23H2_NI_RELEASE_SVC_REFRESH_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso"
+ ;;
+ "win11x64-iot" | "win11x64-enterprise-iot" | "win11x64-enterprise-iot-eval" )
+ size=5144817664
+ sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+ url="Windows11LTSC/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+ ;;
+ "win11x64-ltsc" | "win11x64-enterprise-ltsc" | "win11x64-enterprise-ltsc-eval" )
+ size=5144817664
+ sum="4f59662a96fc1da48c1b415d6c369d08af55ddd64e8f1c84e0166d9e50405d7a"
+ url="Windows11LTSC/X23-81951_26100.1742.240906-0331.ge_release_svc_refresh_CLIENT_ENTERPRISES_OEM_x64FRE_en-us.iso"
+ ;;
+ "win10x64" | "win10x64-enterprise" | "win10x64-enterprise-eval" )
+ size=6978310144
+ sum="7847abd6f39abd02dc8089c4177d354f9eb66fa0ee2fe8ae20e596e675d1ab67"
+ url="Windows-10-22H2-July-2024-64-bit-DVD-English/en-us_windows_10_business_editions_version_22h2_updated_july_2024_x64_dvd_c004521a.iso"
+ ;;
+ "win10x64-iot" | "win10x64-enterprise-iot" | "win10x64-enterprise-iot-eval" )
+ size=4851668992
+ sum="a0334f31ea7a3e6932b9ad7206608248f0bd40698bfb8fc65f14fc5e4976c160"
+ url="en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f_202411/en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f.iso"
+ ;;
+ "win10x64-ltsc" | "win10x64-enterprise-ltsc" | "win10x64-enterprise-ltsc-eval" )
+ size=4899461120
+ sum="c90a6df8997bf49e56b9673982f3e80745058723a707aef8f22998ae6479597d"
+ url="en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96_202302/en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96.iso"
+ ;;
+ "win81x64" )
+ size=4320526336
+ sum="d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51"
+ url="en_windows_8.1_with_update_x64_dvd_6051480/en_windows_8.1_with_update_x64_dvd_6051480.iso"
+ ;;
+ "win81x64-enterprise" | "win81x64-enterprise-eval" )
+ size=4139163648
+ sum="c3c604c03677504e8905090a8ce5bb1dde76b6fd58e10f32e3a25bef21b2abe1"
+ url="en_windows_8.1_enterprise_with_update_x64_dvd/en_windows_8.1_enterprise_with_update_x64_dvd_6054382.iso"
+ ;;
+ "win2022" | "win2022-eval" )
+ size=5365624832
+ sum="c3c57bb2cf723973a7dcfb1a21e97dfa035753a7f111e348ad918bb64b3114db"
+ url="win-server-2022/2227-January_2024/en-us_windows_server_2022_updated_jan_2024_x64_dvd_2b7a0c9f.iso"
+ ;;
+ "win2019" | "win2019-eval" )
+ size=5575774208
+ sum="0067afe7fdc4e61f677bd8c35a209082aa917df9c117527fc4b2b52a447e89bb"
+ url="sw-dvd-9-win-server-std-core-2019-1809.18-64-bit-english-dc-std-mlf-x-22-74330/SW_DVD9_Win_Server_STD_CORE_2019_1809.18_64Bit_English_DC_STD_MLF_X22-74330.ISO"
+ ;;
+ "win2016" | "win2016-eval" )
+ size=6006587392
+ sum="af06e5483c786c023123e325cea4775050324d9e1366f46850b515ae43f764be"
+ url="en_windows_server_2016_updated_feb_2018_x64_dvd_11636692/en_windows_server_2016_updated_feb_2018_x64_dvd_11636692.iso"
+ ;;
+ "win2012r2" | "win2012r2-eval" )
+ size=5397889024
+ sum="f351e89eb88a96af4626ceb3450248b8573e3ed5924a4e19ea891e6003b62e4e"
+ url="en_windows_server_2012_r2_with_update_x64_dvd_6052708_202006/en_windows_server_2012_r2_with_update_x64_dvd_6052708.iso"
+ ;;
+ "win2008r2" | "win2008r2-eval" )
+ size=3166584832
+ sum="dfd9890881b7e832a927c38310fb415b7ea62ac5a896671f2ce2a111998f0df8"
+ url="en_windows_server_2008_r2_with_sp1_x64_dvd_617601_202006/en_windows_server_2008_r2_with_sp1_x64_dvd_617601.iso"
+ ;;
+ "win7x64" | "win7x64-ultimate" )
+ size=3320903680
+ sum="36f4fa2416d0982697ab106e3a72d2e120dbcdb6cc54fd3906d06120d0653808"
+ url="win7-ult-sp1-english/Win7_Ult_SP1_English_x64.iso"
+ ;;
+ "win7x64-enterprise" | "win7x64-enterprise-eval" )
+ size=3182604288
+ sum="ee69f3e9b86ff973f632db8e01700c5724ef78420b175d25bae6ead90f6805a7"
+ url="en_windows_7_enterprise_with_sp1_x64_dvd_u_677651_202006/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
+ ;;
+ "win7x86" | "win7x86-ultimate" )
+ size=2564476928
+ sum="e2c009a66d63a742941f5087acae1aa438dcbe87010bddd53884b1af6b22c940"
+ url="win7-ult-sp1-english/Win7_Ult_SP1_English_x32.iso"
+ ;;
+ "win7x86-enterprise" | "win7x86-enterprise-eval" )
+ size=2434502656
+ sum="8bdd46ff8cb8b8de9c4aba02706629c8983c45e87da110e64e13be17c8434dad"
+ url="en_windows_7_enterprise_with_sp1_x86_dvd_u_677710_202006/en_windows_7_enterprise_with_sp1_x86_dvd_u_677710.iso"
+ ;;
+ "winvistax64" | "winvistax64-ultimate" )
+ size=3861460992
+ sum="edf9f947c5791469fd7d2d40a5dcce663efa754f91847aa1d28ed7f585675b78"
+ url="en_windows_vista_sp2_x64_dvd_342267_202010/en_windows_vista_sp2_x64_dvd_342267.iso"
+ ;;
+ "winvistax64-enterprise" )
+ size=3205953536
+ sum="0a0cd511b3eac95c6f081419c9c65b12317b9d6a8d9707f89d646c910e788016"
+ url="en_windows_vista_enterprise_sp2_x64_dvd_342332_202007/en_windows_vista_enterprise_sp2_x64_dvd_342332.iso"
+ ;;
+ "winvistax86" | "winvistax86-ultimate" )
+ size=3243413504
+ sum="9c36fed4255bd05a8506b2da88f9aad73643395e155e609398aacd2b5276289c"
+ url="en_windows_vista_sp2_x86_dvd_342266/en_windows_vista_sp2_x86_dvd_342266.iso"
+ ;;
+ "winvistax86-enterprise" )
+ size=2420981760
+ sum="54e2720004041e7db988a391543ea5228b0affc28efcf9303d2d0ff9402067f5"
+ url="en_windows_vista_enterprise_sp2_x86_dvd_342329_202007/en_windows_vista_enterprise_sp2_x86_dvd_342329.iso"
+ ;;
+ "win2003r2" )
+ size=652367872
+ sum="74245cba888f935b138b106c2744bec7f392925b472358960a0b5643cd6abb32"
+ url="en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757/en_win_srv_2003_r2_standard_x64_with_sp2_cd1_x13-05757.iso"
+ ;;
+ "winxpx86" )
+ size=617756672
+ sum="62b6c91563bad6cd12a352aa018627c314cfc5162d8e9f8af0756a642e602a46"
+ url="XPPRO_SP3_ENU/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
+ ;;
+ "winxpx64" )
+ size=614166528
+ sum="8fac68e1e56c64ad9a2aa0ad464560282e67fa4f4dd51d09a66f4e548eb0f2d6"
+ url="windows-xp-all-sp-msdn-iso-files-en-de-ru-tr-x86-x64/en_win_xp_sp1_pro_x64_vl.iso"
+ ;;
+ "win2kx86" )
+ size=386859008
+ sum="e3816f6e80b66ff686ead03eeafffe9daf020a5e4717b8bd4736b7c51733ba22"
+ url="MicrosoftWindows2000BuildCollection/5.00.2195.6717_x86fre_client-professional_retail_en-us-ZRMPFPP_EN.iso"
+ esac
+
+ case "${ret,,}" in
+ "sum" ) echo "$sum" ;;
+ "size" ) echo "$size" ;;
+ *) [ -n "$url" ] && echo "$host/$url";;
+ esac
+
+ return 0
+}
+
+getValue() {
+
+ local val=""
+ local id="$2"
+ local lang="$3"
+ local type="$4"
+ local func="getLink$1"
+
+ if [ "$1" -gt 0 ] && [ "$1" -le "$MIRRORS" ]; then
+ val=$($func "$id" "$lang" "$type")
+ fi
+
+ echo "$val"
+ return 0
+}
+
+getLink() {
+
+ local url
+ url=$(getValue "$1" "$2" "$3" "")
+
+ echo "$url"
+ return 0
+}
+
+getHash() {
+
+ local sum
+ sum=$(getValue "$1" "$2" "$3" "sum")
+
+ echo "$sum"
+ return 0
+}
+
+getSize() {
+
+ local size
+ size=$(getValue "$1" "$2" "$3" "size")
+
+ echo "$size"
+ return 0
+}
+
+isMido() {
+
+ local id="$1"
+ local lang="$2"
+ local sum
+
+ [[ "${MIDO:-}" == [Nn]* ]] && return 1
+
+ sum=$(getMido "$id" "en" "sum")
+ [ -n "$sum" ] && return 0
+
+ return 1
+}
+
+isESD() {
+
+ local id="$1"
+ local lang="$2"
+
+ [[ "${ESD:-}" == [Nn]* ]] && return 1
+
+ case "${id,,}" in
+ "win11${PLATFORM,,}" | "win10${PLATFORM,,}" )
+ return 0
+ ;;
+ "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+ return 0
+ ;;
+ "win10${PLATFORM,,}-enterprise" | "win10${PLATFORM,,}-enterprise-eval" )
+ return 0
+ ;;
+ esac
+
+ return 1
+}
+
+validVersion() {
+
+ local id="$1"
+ local lang="$2"
+ local url
+
+ isESD "$id" "$lang" && return 0
+ isMido "$id" "$lang" && return 0
+
+ for ((i=1;i<=MIRRORS;i++)); do
+
+ url=$(getLink "$i" "$id" "$lang")
+ [ -n "$url" ] && return 0
+
+ done
+
+ return 1
+}
+
+addFolder() {
+
+ local src="$1"
+ local folder="/oem"
+
+ [ ! -d "$folder" ] && folder="/OEM"
+ [ ! -d "$folder" ] && folder="$STORAGE/oem"
+ [ ! -d "$folder" ] && folder="$STORAGE/OEM"
+ [ ! -d "$folder" ] && return 0
+
+ local msg="Adding OEM folder to image..."
+ info "$msg" && html "$msg"
+
+ local dest="$src/\$OEM\$/\$1/OEM"
+ mkdir -p "$dest" || return 1
+ cp -Lr "$folder/." "$dest" || return 1
+
+ local file
+ file=$(find "$dest" -maxdepth 1 -type f -iname install.bat -print -quit)
+ [ -f "$file" ] && unix2dos -q "$file"
+
+ return 0
+}
+
+prepareInstall() {
+
+ local pid=""
+ local file=""
+ local dir="$2"
+ local desc="$3"
+ local driver="$4"
+ local drivers="/tmp/drivers"
+
+ ETFS="[BOOT]/Boot-NoEmul.img"
+
+ if [ ! -f "$dir/$ETFS" ] || [ ! -s "$dir/$ETFS" ]; then
+ error "Failed to locate file \"$ETFS\" in $desc ISO image!" && return 1
+ fi
+
+ local arch target
+ [ -d "$dir/AMD64" ] && arch="amd64" || arch="x86"
+ [[ "${arch,,}" == "x86" ]] && target="$dir/I386" || target="$dir/AMD64"
+
+ if [ ! -d "$target" ]; then
+ error "Failed to locate directory \"$target\" in $desc ISO image!" && return 1
+ fi
+
+ if [[ "${driver,,}" == "xp" || "${driver,,}" == "2k3" ]]; then
+
+ local msg="Adding drivers to image..."
+ info "$msg" && html "$msg"
+
+ rm -rf "$drivers"
+ mkdir -p "$drivers"
+
+ if ! bsdtar -xf /var/drivers.txz -C "$drivers"; then
+ error "Failed to extract drivers!" && return 1
+ fi
+
+ if [ ! -f "$drivers/viostor/$driver/$arch/viostor.sys" ]; then
+ error "Failed to locate required storage drivers!" && return 1
+ fi
+
+ cp -L "$drivers/viostor/$driver/$arch/viostor.sys" "$target" || return 1
+
+ mkdir -p "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+ cp -L "$drivers/viostor/$driver/$arch/viostor.cat" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+ cp -L "$drivers/viostor/$driver/$arch/viostor.inf" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+ cp -L "$drivers/viostor/$driver/$arch/viostor.sys" "$dir/\$OEM\$/\$1/Drivers/viostor" || return 1
+
+ if [ ! -f "$drivers/NetKVM/$driver/$arch/netkvm.sys" ]; then
+ error "Failed to locate required network drivers!" && return 1
+ fi
+
+ mkdir -p "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+ cp -L "$drivers/NetKVM/$driver/$arch/netkvm.cat" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+ cp -L "$drivers/NetKVM/$driver/$arch/netkvm.inf" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+ cp -L "$drivers/NetKVM/$driver/$arch/netkvm.sys" "$dir/\$OEM\$/\$1/Drivers/NetKVM" || return 1
+
+ file=$(find "$target" -maxdepth 1 -type f -iname TXTSETUP.SIF -print -quit)
+
+ if [ -z "$file" ]; then
+ error "The file TXTSETUP.SIF could not be found!" && return 1
+ fi
+
+ sed -i '/^\[SCSI.Load\]/s/$/\nviostor=viostor.sys,4/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\nviostor.sys=1,,,,,,4_,4,1,,,1,4/' "$file"
+ sed -i '/^\[SCSI\]/s/$/\nviostor=\"Red Hat VirtIO SCSI Disk Device\"/' "$file"
+ sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$file"
+ sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00020000=\"viostor\"/' "$file"
+ sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00021AF4=\"viostor\"/' "$file"
+ sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$file"
+
+ if [ ! -d "$drivers/sata/xp/$arch" ]; then
+ error "Failed to locate required SATA drivers!" && return 1
+ fi
+
+ mkdir -p "$dir/\$OEM\$/\$1/Drivers/sata" || return 1
+ cp -Lr "$drivers/sata/xp/$arch/." "$dir/\$OEM\$/\$1/Drivers/sata" || return 1
+ cp -Lr "$drivers/sata/xp/$arch/." "$target" || return 1
+
+ sed -i '/^\[SCSI.Load\]/s/$/\niaStor=iaStor.sys,4/' "$file"
+ sed -i '/^\[FileFlags\]/s/$/\niaStor.sys = 16/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.cat = 1,,,,,,,1,0,0/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.inf = 1,,,,,,,1,0,0/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,4_,4,1,,,1,4/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,,1,0,0/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaahci.cat = 1,,,,,,,1,0,0/' "$file"
+ sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaAHCI.inf = 1,,,,,,,1,0,0/' "$file"
+ sed -i '/^\[SCSI\]/s/$/\niaStor=\"Intel\(R\) SATA RAID\/AHCI Controller\"/' "$file"
+ sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_8086\&DEV_2922\&CC_0106=\"iaStor\"/' "$file"
+
+ rm -rf "$drivers"
+
+ fi
+
+ local key setup
+ setup=$(find "$target" -maxdepth 1 -type f -iname setupp.ini -print -quit)
+
+ if [ -n "$setup" ] && [ -z "$KEY" ]; then
+
+ pid=$(<"$setup")
+ pid="${pid%$'\r'}"
+
+ if [[ "$driver" == "2k" ]]; then
+
+ echo "${pid:0:$((${#pid})) - 3}270" > "$setup"
+
+ else
+
+ if [[ "$pid" == *"270" ]]; then
+
+ warn "this version of $desc requires a volume license key (VLK), it will ask for one during installation."
+
+ else
+
+ file=$(find "$target" -maxdepth 1 -type f -iname PID.INF -print -quit)
+
+ if [ -n "$file" ]; then
+
+ if [[ "$driver" == "2k3" ]]; then
+
+ key=$(grep -i -A 2 "StagingKey" "$file" | tail -n 2 | head -n 1)
+
+ else
+
+ key="${pid:$((${#pid})) - 8:5}"
+ if [[ "${pid^^}" == *"OEM" ]]; then
+ key=$(grep -i -A 2 "$key" "$file" | tail -n 2 | head -n 1)
+ else
+ key=$(grep -i -m 1 -A 2 "$key" "$file" | tail -n 2 | head -n 1)
+ fi
+ key="${key#*= }"
+
+ fi
+
+ key="${key%$'\r'}"
+ [[ "${#key}" == "29" ]] && KEY="$key"
+
+ fi
+
+ if [ -z "$KEY" ]; then
+
+ # These are NOT pirated keys, they come from official MS documentation.
+
+ case "${driver,,}" in
+ "xp" )
+
+ if [[ "${arch,,}" == "x86" ]]; then
+ # Windows XP Professional x86 generic trial key (no activation)
+ KEY="DR8GV-C8V6J-BYXHG-7PYJR-DB66Y"
+ else
+ # Windows XP Professional x64 generic trial key (no activation)
+ KEY="B2RBK-7KPT9-4JP6X-QQFWM-PJD6G"
+ fi ;;
+
+ "2k3" )
+
+ if [[ "${arch,,}" == "x86" ]]; then
+ # Windows Server 2003 Standard x86 generic trial key (no activation)
+ KEY="QKDCQ-TP2JM-G4MDG-VR6F2-P9C48"
+ else
+ # Windows Server 2003 Standard x64 generic trial key (no activation)
+ KEY="P4WJG-WK3W7-3HM8W-RWHCK-8JTRY"
+ fi ;;
+
+ esac
+
+ echo "${pid:0:$((${#pid})) - 3}000" > "$setup"
+
+ fi
+
+ fi
+ fi
+
+ fi
+
+ [ -n "$KEY" ] && KEY="ProductID=$KEY"
+
+ mkdir -p "$dir/\$OEM\$"
+
+ if ! addFolder "$dir"; then
+ error "Failed to add OEM folder to image!" && return 1
+ fi
+
+ local oem=""
+ local install="$dir/\$OEM\$/\$1/OEM/install.bat"
+ [ -f "$install" ] && oem="\"Script\"=\"cmd /C start \\\"Install\\\" \\\"cmd /C C:\\\\OEM\\\\install.bat\\\"\""
+
+ [ -z "$WIDTH" ] && WIDTH="1280"
+ [ -z "$HEIGHT" ] && HEIGHT="720"
+
+ XHEX=$(printf '%x\n' "$WIDTH")
+ YHEX=$(printf '%x\n' "$HEIGHT")
+
+ local username=""
+ local password=""
+
+ [ -n "$USERNAME" ] && username=$(echo "$USERNAME" | sed 's/[^[:alnum:]@!._-]//g')
+ [ -z "$username" ] && username="Docker"
+
+ [ -n "$PASSWORD" ] && password=$(echo "$PASSWORD" | sed 's/"//g')
+ [ -z "$password" ] && password="admin"
+
+ find "$target" -maxdepth 1 -type f -iname winnt.sif -exec rm {} \;
+
+ { echo "[Data]"
+ echo " AutoPartition=1"
+ echo " MsDosInitiated=\"0\""
+ echo " UnattendedInstall=\"Yes\""
+ echo " AutomaticUpdates=\"Yes\""
+ echo ""
+ echo "[Unattended]"
+ echo " UnattendSwitch=Yes"
+ echo " UnattendMode=FullUnattended"
+ echo " FileSystem=NTFS"
+ echo " OemSkipEula=Yes"
+ echo " OemPreinstall=Yes"
+ echo " Repartition=Yes"
+ echo " WaitForReboot=\"No\""
+ echo " DriverSigningPolicy=\"Ignore\""
+ echo " NonDriverSigningPolicy=\"Ignore\""
+ echo " OemPnPDriversPath=\"Drivers\viostor;Drivers\NetKVM;Drivers\sata\""
+ echo " NoWaitAfterTextMode=1"
+ echo " NoWaitAfterGUIMode=1"
+ echo " FileSystem-ConvertNTFS"
+ echo " ExtendOemPartition=0"
+ echo " Hibernation=\"No\""
+ echo ""
+ echo "[GuiUnattended]"
+ echo " OEMSkipRegional=1"
+ echo " OemSkipWelcome=1"
+ echo " AdminPassword=$password"
+ echo " TimeZone=0"
+ echo " AutoLogon=Yes"
+ echo " AutoLogonCount=65432"
+ echo ""
+ echo "[UserData]"
+ echo " FullName=\"$username\""
+ echo " ComputerName=\"*\""
+ echo " OrgName=\"$APP for $ENGINE\""
+ echo " $KEY"
+ echo ""
+ echo "[Identification]"
+ echo " JoinWorkgroup = WORKGROUP"
+ echo ""
+ echo "[Display]"
+ echo " BitsPerPel=32"
+ echo " XResolution=$WIDTH"
+ echo " YResolution=$HEIGHT"
+ echo ""
+ echo "[Networking]"
+ echo " InstallDefaultComponents=Yes"
+ echo ""
+ echo "[Branding]"
+ echo " BrandIEUsingUnattended=Yes"
+ echo ""
+ echo "[URL]"
+ echo " Home_Page = http://www.google.com"
+ echo " Search_Page = http://www.google.com"
+ echo ""
+ echo "[TerminalServices]"
+ echo " AllowConnections=1"
+ echo ""
+ } | unix2dos > "$target/WINNT.SIF"
+
+ if [[ "$driver" == "2k3" ]]; then
+ { echo "[Components]"
+ echo " TerminalServer=On"
+ echo ""
+ echo "[LicenseFilePrintData]"
+ echo " AutoMode=PerServer"
+ echo " AutoUsers=5"
+ echo ""
+ } | unix2dos >> "$target/WINNT.SIF"
+ fi
+
+ { echo "Windows Registry Editor Version 5.00"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security]"
+ echo "\"FirstRunDisabled\"=dword:00000001"
+ echo "\"UpdatesDisableNotify\"=dword:00000001"
+ echo "\"FirewallDisableNotify\"=dword:00000001"
+ echo "\"AntiVirusDisableNotify\"=dword:00000001"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]"
+ echo "\"Start\"=dword:00000004"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"
+ echo "\"3389:TCP\"=\"3389:TCP:*:Enabled:@xpsp2res.dll,-22009\""
+ echo ""
+ echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour]"
+ echo "\"RunCount\"=dword:00000000"
+ echo ""
+ echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"
+ echo "\"HideFileExt\"=dword:00000000"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]"
+ echo "\"NoWelcomeScreen\"=\"1\""
+ echo ""
+ echo "[HKEY_CURRENT_USER\Software\Microsoft\Internet Connection Wizard]"
+ echo "\"Completed\"=\"1\""
+ echo "\"Desktopchanged\"=\"1\""
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"
+ echo "\"AutoAdminLogon\"=\"1\""
+ echo "\"DefaultUserName\"=\"$username\""
+ echo "\"DefaultPassword\"=\"$password\""
+ echo "\"DefaultDomainName\"=\"Dockur\""
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{23A77BF7-ED96-40EC-AF06-9B1F4867732A}\0000]"
+ echo "\"DefaultSettings.BitsPerPel\"=dword:00000020"
+ echo "\"DefaultSettings.XResolution\"=dword:00000$XHEX"
+ echo "\"DefaultSettings.YResolution\"=dword:00000$YHEX"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\System\CurrentControlSet\Control\VIDEO\{23A77BF7-ED96-40EC-AF06-9B1F4867732A}\0000]"
+ echo "\"DefaultSettings.BitsPerPel\"=dword:00000020"
+ echo "\"DefaultSettings.XResolution\"=dword:00000$XHEX"
+ echo "\"DefaultSettings.YResolution\"=dword:00000$YHEX"
+ echo ""
+ echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"
+ echo "\"ScreenSaver\"=\"reg add \\\"HKCU\\\\Control Panel\\\\Desktop\\\" /f /v \\\"SCRNSAVE.EXE\\\" /t REG_SZ /d \\\"off\\\"\""
+ echo "\"ScreenSaverOff\"=\"reg add \\\"HKCU\\\\Control Panel\\\\Desktop\\\" /f /v \\\"ScreenSaveActive\\\" /t REG_SZ /d \\\"0\\\"\""
+ echo "$oem"
+ echo ""
+ } | unix2dos > "$dir/\$OEM\$/install.reg"
+
+ if [[ "$driver" == "2k" ]]; then
+ { echo "[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce]"
+ echo "\"^SetupICWDesktop\"=-"
+ echo ""
+ } | unix2dos >> "$dir/\$OEM\$/install.reg"
+ fi
+
+ if [[ "$driver" == "2k3" ]]; then
+ { echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\srvWiz]"
+ echo "@=dword:00000000"
+ echo ""
+ echo "[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ServerOOBE\SecurityOOBE]"
+ echo "\"DontLaunchSecurityOOBE\"=dword:00000000"
+ echo ""
+ } | unix2dos >> "$dir/\$OEM\$/install.reg"
+ fi
+
+ { echo "Set WshShell = WScript.CreateObject(\"WScript.Shell\")"
+ echo "Set WshNetwork = WScript.CreateObject(\"WScript.Network\")"
+ echo "Set Domain = GetObject(\"WinNT://\" & WshNetwork.ComputerName)"
+ echo ""
+ echo "Function DecodeSID(binSID)"
+ echo " ReDim o(LenB(binSID))"
+ echo ""
+ echo " For i = 1 To LenB(binSID)"
+ echo " o(i-1) = AscB(MidB(binSID, i, 1))"
+ echo " Next"
+ echo ""
+ echo " sid = \"S-\" & CStr(o(0)) & \"-\" & OctetArrayToString _"
+ echo " (Array(o(2), o(3), o(4), o(5), o(6), o(7)))"
+ echo " For i = 8 To (4 * o(1) + 4) Step 4"
+ echo " sid = sid & \"-\" & OctetArrayToString _"
+ echo " (Array(o(i+3), o(i+2), o(i+1), o(i)))"
+ echo " Next"
+ echo ""
+ echo " DecodeSID = sid"
+ echo "End Function"
+ echo ""
+ echo "Function OctetArrayToString(arr)"
+ echo " v = 0"
+ echo " For i = 0 To UBound(arr)"
+ echo " v = v * 256 + arr(i)"
+ echo " Next"
+ echo ""
+ echo " OctetArrayToString = CStr(v)"
+ echo "End Function"
+ echo ""
+ echo "For Each DomainItem in Domain"
+ echo " If DomainItem.Class = \"User\" Then"
+ echo " sid = DecodeSID(DomainItem.Get(\"objectSID\"))"
+ echo " If Left(sid, 9) = \"S-1-5-21-\" And Right(sid, 4) = \"-500\" Then"
+ echo " LocalAdminADsPath = DomainItem.ADsPath"
+ echo " Exit For"
+ echo " End If"
+ echo " End If"
+ echo "Next"
+ echo ""
+ echo "Call Domain.MoveHere(LocalAdminADsPath, \"$username\")"
+ echo ""
+ echo "Set oLink = WshShell.CreateShortcut(WshShell.ExpandEnvironmentStrings(\"%userprofile%\\Desktop\\Shared.lnk\"))"
+ echo "With oLink"
+ echo " .TargetPath = \"\\\\host.lan\\Data\""
+ echo " .Save"
+ echo "End With"
+ echo "Set oLink = Nothing"
+ echo ""
+ } | unix2dos > "$dir/\$OEM\$/install.vbs"
+
+ { echo "[COMMANDS]"
+ echo "\"REGEDIT /s install.reg\""
+ echo "\"Wscript install.vbs\""
+ echo ""
+ } | unix2dos > "$dir/\$OEM\$/cmdlines.txt"
+
+ return 0
+}
+
+prepareLegacy() {
+
+ local iso="$1"
+ local dir="$2"
+ local desc="$3"
+
+ ETFS="boot.img"
+
+ [ -f "$dir/$ETFS" ] && [ -s "$dir/$ETFS" ] && return 0
+ rm -f "$dir/$ETFS"
+
+ local len offset
+ len=$(isoinfo -d -i "$iso" | grep "Nsect " | grep -o "[^ ]*$")
+ offset=$(isoinfo -d -i "$iso" | grep "Bootoff " | grep -o "[^ ]*$")
+
+ if ! dd "if=$iso" "of=$dir/$ETFS" bs=2048 "count=$len" "skip=$offset" status=none; then
+ error "Failed to extract boot image from $desc ISO!" && return 1
+ fi
+
+ [ -f "$dir/$ETFS" ] && [ -s "$dir/$ETFS" ] && return 0
+
+ error "Failed to locate file \"$ETFS\" in $desc ISO image!"
+ return 1
+}
+
+detectLegacy() {
+
+ local dir="$1"
+ local find
+
+ find=$(find "$dir" -maxdepth 1 -type d -iname WIN95 -print -quit)
+ [ -n "$find" ] && DETECTED="win95" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type d -iname WIN98 -print -quit)
+ [ -n "$find" ] && DETECTED="win98" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type d -iname WIN9X -print -quit)
+ [ -n "$find" ] && DETECTED="win9x" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_W.40 -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_S.40 -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_TS.40 -print -quit)
+ [ -n "$find" ] && DETECTED="winnt4" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_NT.5 -print -quit)
+
+ if [ -n "$find" ]; then
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IA.5 -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_ID.5 -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IP.5 -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname CDROM_IS.5 -print -quit)
+ [ -n "$find" ] && DETECTED="win2k" && return 0
+
+ fi
+
+ find=$(find "$dir" -maxdepth 1 -iname WIN51 -print -quit)
+
+ if [ -n "$find" ]; then
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AP -print -quit)
+ [ -n "$find" ] && DETECTED="winxpx64" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IC -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IP -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname setupxp.htm -print -quit)
+ [ -n "$find" ] && DETECTED="winxpx86" && return 0
+
+ find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IS -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IA -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IB -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51ID -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IL -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51IS -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AA -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AD -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51AS -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51MA -print -quit)
+ [ -z "$find" ] && find=$(find "$dir" -maxdepth 1 -type f -iname WIN51MD -print -quit)
+ [ -n "$find" ] && DETECTED="win2003r2" && return 0
+
+ fi
+
+ return 1
+}
+
+skipVersion() {
+
+ local id="$1"
+
+ case "${id,,}" in
+ "win9"* | "winxp"* | "win2k"* | "win2003"* )
+ return 0 ;;
+ esac
+
+ return 1
+}
+
+isCompatible() {
+ return 0
+}
+
+setMachine() {
+
+ local id="$1"
+ local iso="$2"
+ local dir="$3"
+ local desc="$4"
+
+ case "${id,,}" in
+ "win9"* )
+ ETFS="[BOOT]/Boot-1.44M.img" ;;
+ "win2k"* )
+ if ! prepareInstall "$iso" "$dir" "$desc" "2k"; then
+ error "Failed to prepare $desc ISO!" && return 1
+ fi ;;
+ "winxp"* )
+ if ! prepareInstall "$iso" "$dir" "$desc" "xp"; then
+ error "Failed to prepare $desc ISO!" && return 1
+ fi ;;
+ "win2003"* )
+ if ! prepareInstall "$iso" "$dir" "$desc" "2k3"; then
+ error "Failed to prepare $desc ISO!" && return 1
+ fi ;;
+ esac
+
+ case "${id,,}" in
+ "win9"* )
+ USB="no"
+ VGA="cirrus"
+ DISK_TYPE="auto"
+ ADAPTER="rtl8139"
+ MACHINE="pc-i440fx-2.4"
+ BOOT_MODE="windows_legacy" ;;
+ "win2k"* )
+ VGA="cirrus"
+ MACHINE="pc"
+ USB="pci-ohci"
+ DISK_TYPE="auto"
+ ADAPTER="rtl8139"
+ BOOT_MODE="windows_legacy" ;;
+ "winxp"* | "win2003"* )
+ DISK_TYPE="blk"
+ BOOT_MODE="windows_legacy" ;;
+ "winvista"* | "win7"* | "win2008"* )
+ BOOT_MODE="windows_legacy" ;;
+ esac
+
+ case "${id,,}" in
+ "winxp"* | "win2003"* | "winvistax86"* | "win7x86"* | "win2008r2x86"* )
+ # Prevent bluescreen if 64 bit PCI hole size is >2G.
+ ARGS="-global q35-pcihost.x-pci-hole64-fix=false" ;;
+ esac
+
+ return 0
+}
+
+return 0
diff --git a/src/entry.sh b/src/entry.sh
index 200c591..71e939e 100644
--- a/src/entry.sh
+++ b/src/entry.sh
@@ -1,14 +1,19 @@
#!/usr/bin/env bash
set -Eeuo pipefail
+: "${APP:="Windows"}"
+: "${PLATFORM:="x64"}"
: "${BOOT_MODE:="windows"}"
-
-APP="Windows"
-SUPPORT="https://github.com/dockur/windows"
+: "${SUPPORT:="https://github.com/dockur/windows"}"
cd /run
+. start.sh # Startup hook
+. utils.sh # Load functions
. reset.sh # Initialize system
+. server.sh # Start webserver
+. define.sh # Define versions
+. mido.sh # Download Windows
. install.sh # Run installation
. disk.sh # Initialize disks
. display.sh # Initialize graphics
@@ -17,21 +22,27 @@ cd /run
. boot.sh # Configure boot
. proc.sh # Initialize processor
. power.sh # Configure shutdown
+. memory.sh # Check available memory
. config.sh # Configure arguments
+. finish.sh # Finish initialization
trap - ERR
-info "Booting ${APP}${BOOT_DESC}..."
-[[ "$DEBUG" == [Yy1]* ]] && echo "Arguments: $ARGS" && echo
+version=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1 | awk '{ print $NF }')
+info "Booting ${APP}${BOOT_DESC} using QEMU v$version..."
{ qemu-system-x86_64 ${ARGS:+ $ARGS} >"$QEMU_OUT" 2>"$QEMU_LOG"; rc=$?; } || :
(( rc != 0 )) && error "$(<"$QEMU_LOG")" && exit 15
terminal
-tail -fn +0 "$QEMU_LOG" 2>/dev/null &
-( sleep 10; [ ! -f "$QEMU_END" ] && info "Windows started succesfully, visit http://localhost:8006/ to view the screen..." ) &
-cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" &
-wait $! || :
+( sleep 30; boot ) &
+tail -fn +0 "$QEMU_LOG" --pid=$$ 2>/dev/null &
+cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" | \
+sed -u -e 's/\x1B\[[=0-9;]*[a-z]//gi' \
+-e 's/\x1B\x63//g' -e 's/\x1B\[[=?]7l//g' \
+-e '/^$/d' -e 's/\x44\x53\x73//g' \
+-e 's/failed to load Boot/skipped Boot/g' \
+-e 's/0): Not Found/0)/g' & wait $! || :
sleep 1 & wait $!
-finish 0
+[ ! -f "$QEMU_END" ] && finish 0
diff --git a/src/install.sh b/src/install.sh
index 7ecbb86..7be2996 100644
--- a/src/install.sh
+++ b/src/install.sh
@@ -1,998 +1,815 @@
#!/usr/bin/env bash
set -Eeuo pipefail
-: "${MANUAL:=""}"
-: "${VERSION:=""}"
-: "${DETECTED:=""}"
-
-[ -z "$VERSION" ] && VERSION="win11x64"
-
-if [[ "${VERSION}" == \"*\" || "${VERSION}" == \'*\' ]]; then
- VERSION="${VERSION:1:-1}"
-fi
-
-[[ "${VERSION,,}" == "11" ]] && VERSION="win11x64"
-[[ "${VERSION,,}" == "win11" ]] && VERSION="win11x64"
-
-[[ "${VERSION,,}" == "10" ]] && VERSION="win10x64"
-[[ "${VERSION,,}" == "win10" ]] && VERSION="win10x64"
-
-[[ "${VERSION,,}" == "8" ]] && VERSION="win81x64"
-[[ "${VERSION,,}" == "81" ]] && VERSION="win81x64"
-[[ "${VERSION,,}" == "8.1" ]] && VERSION="win81x64"
-[[ "${VERSION,,}" == "win8" ]] && VERSION="win81x64"
-[[ "${VERSION,,}" == "win81" ]] && VERSION="win81x64"
-
-[[ "${VERSION,,}" == "7" ]] && VERSION="win7x64"
-[[ "${VERSION,,}" == "win7" ]] && VERSION="win7x64"
-
-[[ "${VERSION,,}" == "vista" ]] && VERSION="winvistax64"
-[[ "${VERSION,,}" == "winvista" ]] && VERSION="winvistax64"
-
-[[ "${VERSION,,}" == "xp" ]] && VERSION="winxpx86"
-[[ "${VERSION,,}" == "winxp" ]] && VERSION="winxpx86"
-
-[[ "${VERSION,,}" == "22" ]] && VERSION="win2022-eval"
-[[ "${VERSION,,}" == "2022" ]] && VERSION="win2022-eval"
-[[ "${VERSION,,}" == "win22" ]] && VERSION="win2022-eval"
-[[ "${VERSION,,}" == "win2022" ]] && VERSION="win2022-eval"
-
-[[ "${VERSION,,}" == "19" ]] && VERSION="win2019-eval"
-[[ "${VERSION,,}" == "2019" ]] && VERSION="win2019-eval"
-[[ "${VERSION,,}" == "win19" ]] && VERSION="win2019-eval"
-[[ "${VERSION,,}" == "win2019" ]] && VERSION="win2019-eval"
-
-[[ "${VERSION,,}" == "16" ]] && VERSION="win2016-eval"
-[[ "${VERSION,,}" == "2016" ]] && VERSION="win2016-eval"
-[[ "${VERSION,,}" == "win16" ]] && VERSION="win2016-eval"
-[[ "${VERSION,,}" == "win2016" ]] && VERSION="win2016-eval"
-
-[[ "${VERSION,,}" == "2012" ]] && VERSION="win2012r2-eval"
-[[ "${VERSION,,}" == "win2012" ]] && VERSION="win2012r2-eval"
-
-[[ "${VERSION,,}" == "2008" ]] && VERSION="win2008r2"
-[[ "${VERSION,,}" == "win2008" ]] && VERSION="win2008r2"
-
-[[ "${VERSION,,}" == "ltsc10" ]] && VERSION="win10x64-enterprise-ltsc-eval"
-[[ "${VERSION,,}" == "10ltsc" ]] && VERSION="win10x64-enterprise-ltsc-eval"
-[[ "${VERSION,,}" == "win10-ltsc" ]] && VERSION="win10x64-enterprise-ltsc-eval"
-[[ "${VERSION,,}" == "win10x64-ltsc" ]] && VERSION="win10x64-enterprise-ltsc-eval"
-
-if [[ "${VERSION,,}" == "win10x64-enterprise-ltsc-eval" ]]; then
- DETECTED="win10x64-ltsc"
-fi
-
-if [[ "${VERSION,,}" == "win7x64" ]]; then
- DETECTED="win7x64"
- VERSION="https://dl.bobpony.com/windows/7/en_windows_7_enterprise_with_sp1_x64_dvd_u_677651.iso"
-fi
-
-if [[ "${VERSION,,}" == "winvistax64" ]]; then
- DETECTED="winvistax64"
- VERSION="https://dl.bobpony.com/windows/vista/en_windows_vista_sp2_x64_dvd_342267.iso"
-fi
-
-if [[ "${VERSION,,}" == "winxpx86" ]]; then
- DETECTED="winxpx86"
- VERSION="https://dl.bobpony.com/windows/xp/professional/en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso"
-fi
-
-if [[ "${VERSION,,}" == "core11" ]]; then
- DETECTED="win11x64"
- VERSION="https://archive.org/download/tiny-11-core-x-64-beta-1/tiny11%20core%20x64%20beta%201.iso"
-fi
-
-if [[ "${VERSION,,}" == "tiny11" ]]; then
- DETECTED="win11x64"
- VERSION="https://archive.org/download/tiny11-2311/tiny11%202311%20x64.iso"
-fi
-
-if [[ "${VERSION,,}" == "tiny10" ]]; then
- DETECTED="win10x64-ltsc"
- VERSION="https://archive.org/download/tiny-10-23-h2/tiny10%20x64%2023h2.iso"
-fi
-
-CUSTOM=$(find "$STORAGE" -maxdepth 1 -type f -iname windows.iso -printf "%f\n" | head -n 1)
-[ -z "$CUSTOM" ] && CUSTOM=$(find "$STORAGE" -maxdepth 1 -type f -iname custom.iso -printf "%f\n" | head -n 1)
-[ -z "$CUSTOM" ] && CUSTOM=$(find "$STORAGE" -maxdepth 1 -type f -iname boot.iso -printf "%f\n" | head -n 1)
-[ -z "$CUSTOM" ] && CUSTOM=$(find "$STORAGE" -maxdepth 1 -type f -iname custom.img -printf "%f\n" | head -n 1)
-
-if [ -z "$CUSTOM" ] && [[ "${VERSION,,}" != "http"* ]]; then
- FN="${VERSION/\/storage\//}"
- [[ "$FN" == "."* ]] && FN="${FN:1}"
- CUSTOM=$(find "$STORAGE" -maxdepth 1 -type f -iname "$FN" -printf "%f\n" | head -n 1)
-fi
-
-ESD_URL=""
-MACHINE="q35"
-PLATFORM="x64"
-TMP="$STORAGE/tmp"
-DIR="$TMP/unpack"
-FB="falling back to manual installation!"
ETFS="boot/etfsboot.com"
+FB="falling back to manual installation!"
EFISYS="efi/microsoft/boot/efisys_noprompt.bin"
-printVersion() {
+backup () {
- local id="$1"
- local desc="$2"
+ local count=1
+ local iso="$1"
+ local name="unknown"
+ local root="$STORAGE/backups"
+ local previous="$STORAGE/windows.base"
- [[ "$id" == "win7"* ]] && desc="Windows 7"
- [[ "$id" == "win8"* ]] && desc="Windows 8"
- [[ "$id" == "win10"* ]] && desc="Windows 10"
- [[ "$id" == "win11"* ]] && desc="Windows 11"
- [[ "$id" == "winxp"* ]] && desc="Windows XP"
- [[ "$id" == "winvista"* ]] && desc="Windows Vista"
- [[ "$id" == "win2025"* ]] && desc="Windows Server 2025"
- [[ "$id" == "win2022"* ]] && desc="Windows Server 2022"
- [[ "$id" == "win2019"* ]] && desc="Windows Server 2019"
- [[ "$id" == "win2016"* ]] && desc="Windows Server 2016"
- [[ "$id" == "win2012"* ]] && desc="Windows Server 2012"
- [[ "$id" == "win2008"* ]] && desc="Windows Server 2008"
- [[ "$id" == "win10x64-iot" ]] && desc="Windows 10 IoT"
- [[ "$id" == "win11x64-iot" ]] && desc="Windows 11 IoT"
- [[ "$id" == "win10x64-ltsc" ]] && desc="Windows 10 LTSC"
- [[ "$id" == "win11x64-ltsc" ]] && desc="Windows 11 LTSC"
- [[ "$id" == "win81x64-enterprise-eval" ]] && desc="Windows 8 Enterprise"
- [[ "$id" == "win10x64-enterprise-eval" ]] && desc="Windows 10 Enterprise"
- [[ "$id" == "win11x64-enterprise-eval" ]] && desc="Windows 11 Enterprise"
+ if [ -f "$previous" ]; then
- [ -z "$desc" ] && desc="Windows"
+ previous=$(<"$previous")
+ previous="${previous//[![:print:]]/}"
+
+ [ -n "$previous" ] && name="${previous%.*}"
+
+ fi
+
+ if ! makeDir "$root"; then
+ error "Failed to create directory \"$root\" !"
+ return 1
+ fi
+
+ local folder="$name"
+ local dir="$root/$folder"
+
+ while [ -d "$dir" ]
+ do
+ count=$((count+1))
+ folder="${name}.${count}"
+ dir="$root/$folder"
+ done
+
+ rm -rf "$dir"
+
+ if ! makeDir "$dir"; then
+ error "Failed to create directory \"$dir\" !"
+ return 1
+ fi
+
+ [ -f "$iso" ] && mv -f "$iso" "$dir/"
+ find "$STORAGE" -maxdepth 1 -type f -iname 'data.*' -not -iname '*.iso' -exec mv -n {} "$dir/" \;
+ find "$STORAGE" -maxdepth 1 -type f -iname 'windows.*' -not -iname '*.iso' -exec mv -n {} "$dir/" \;
+ find "$STORAGE" -maxdepth 1 -type f \( -iname '*.rom' -or -iname '*.vars' \) -exec mv -n {} "$dir/" \;
+
+ [ -z "$(ls -A "$dir")" ] && rm -rf "$dir"
+ [ -z "$(ls -A "$root")" ] && rm -rf "$root"
- echo "$desc"
return 0
}
-getName() {
-
- local file="$1"
- local desc="$2"
-
- [[ "${file,,}" == "win11"* ]] && desc="Windows 11"
- [[ "${file,,}" == "win10"* ]] && desc="Windows 10"
- [[ "${file,,}" == "win8"* ]] && desc="Windows 8"
- [[ "${file,,}" == "win7"* ]] && desc="Windows 7"
- [[ "${file,,}" == "winxp"* ]] && desc="Windows XP"
- [[ "${file,,}" == "winvista"* ]] && desc="Windows Vista"
- [[ "${file,,}" == "tiny10"* ]] && desc="Tiny 10"
- [[ "${file,,}" == "tiny11"* ]] && desc="Tiny 11"
- [[ "${file,,}" == "tiny11_core"* ]] && desc="Tiny 11 Core"
- [[ "${file,,}" == *"windows11"* ]] && desc="Windows 11"
- [[ "${file,,}" == *"windows10"* ]] && desc="Windows 10"
- [[ "${file,,}" == *"windows8"* ]] && desc="Windows 8"
- [[ "${file,,}" == *"windows7"* ]] && desc="Windows 7"
- [[ "${file,,}" == *"windowsxp"* ]] && desc="Windows XP"
- [[ "${file,,}" == *"windowsvista"* ]] && desc="Windows Vista"
- [[ "${file,,}" == *"windows_11"* ]] && desc="Windows 11"
- [[ "${file,,}" == *"windows_10"* ]] && desc="Windows 10"
- [[ "${file,,}" == *"windows_8"* ]] && desc="Windows 8"
- [[ "${file,,}" == *"windows_7"* ]] && desc="Windows 7"
- [[ "${file,,}" == *"windows_xp"* ]] && desc="Windows XP"
- [[ "${file,,}" == *"windows_vista"* ]] && desc="Windows Vista"
- [[ "${file,,}" == *"server2008"* ]] && desc="Windows Server 2008"
- [[ "${file,,}" == *"server2012"* ]] && desc="Windows Server 2012"
- [[ "${file,,}" == *"server2016"* ]] && desc="Windows Server 2016"
- [[ "${file,,}" == *"server2019"* ]] && desc="Windows Server 2019"
- [[ "${file,,}" == *"server2022"* ]] && desc="Windows Server 2022"
- [[ "${file,,}" == *"server2025"* ]] && desc="Windows Server 2025"
- [[ "${file,,}" == *"server_2008"* ]] && desc="Windows Server 2008"
- [[ "${file,,}" == *"server_2012"* ]] && desc="Windows Server 2012"
- [[ "${file,,}" == *"server_2016"* ]] && desc="Windows Server 2016"
- [[ "${file,,}" == *"server_2019"* ]] && desc="Windows Server 2019"
- [[ "${file,,}" == *"server_2022"* ]] && desc="Windows Server 2022"
- [[ "${file,,}" == *"server_2025"* ]] && desc="Windows Server 2025"
-
- [ -z "$desc" ] && desc="Windows"
-
- echo "$desc"
- return 0
-}
-
-getVersion() {
-
- local name="$1"
- local detected=""
-
- [[ "${name,,}" == *"windows 7"* ]] && detected="win7x64"
- [[ "${name,,}" == *"windows vista"* ]] && detected="winvistax64"
-
- [[ "${name,,}" == *"server 2008"* ]] && detected="win2008r2"
- [[ "${name,,}" == *"server 2025"* ]] && detected="win2025-eval"
- [[ "${name,,}" == *"server 2022"* ]] && detected="win2022-eval"
- [[ "${name,,}" == *"server 2019"* ]] && detected="win2019-eval"
- [[ "${name,,}" == *"server 2016"* ]] && detected="win2016-eval"
- [[ "${name,,}" == *"server 2012"* ]] && detected="win2012r2-eval"
-
- if [[ "${name,,}" == *"windows 8"* ]]; then
- if [[ "${name,,}" == *"enterprise evaluation"* ]]; then
- detected="win81x64-enterprise-eval"
- else
- detected="win81x64"
- fi
- fi
-
- if [[ "${name,,}" == *"windows 11"* ]]; then
- if [[ "${name,,}" == *"enterprise evaluation"* ]]; then
- detected="win11x64-enterprise-eval"
- else
- detected="win11x64"
- fi
- fi
-
- if [[ "${name,,}" == *"windows 10"* ]]; then
- if [[ "${name,,}" == *" iot "* ]]; then
- detected="win10x64-iot"
- else
- if [[ "${name,,}" == *"ltsc"* ]]; then
- detected="win10x64-ltsc"
- else
- if [[ "${name,,}" == *"enterprise evaluation"* ]]; then
- detected="win10x64-enterprise-eval"
- else
- detected="win10x64"
- fi
- fi
- fi
- fi
-
- echo "$detected"
- return 0
-}
-
-hasDisk() {
-
- [ -b "${DEVICE:-}" ] && return 0
-
- if [ -s "$STORAGE/data.img" ] || [ -s "$STORAGE/data.qcow2" ]; then
- return 0
- fi
-
- return 1
-}
-
skipInstall() {
- if hasDisk && [ -f "$STORAGE/windows.boot" ]; then
- return 0
+ local iso="$1"
+ local method=""
+ local magic byte
+ local boot="$STORAGE/windows.boot"
+ local previous="$STORAGE/windows.base"
+
+ if [ -f "$previous" ]; then
+
+ previous=$(<"$previous")
+ previous="${previous//[![:print:]]/}"
+
+ if [ -n "$previous" ]; then
+ if [[ "${STORAGE,,}/${previous,,}" != "${iso,,}" ]]; then
+
+ if ! hasDisk; then
+
+ rm -f "$STORAGE/$previous"
+ return 1
+
+ fi
+
+ if [[ "${iso,,}" == "${STORAGE,,}/windows."* ]]; then
+ method="your custom .iso file was changed"
+ else
+ if [[ "${previous,,}" != "windows."* ]]; then
+ method="the VERSION variable was changed"
+ else
+ method="your custom .iso file was removed"
+
+ if [ -f "$boot" ]; then
+ info "Detected that $method, will be ignored."
+ return 0
+ fi
+
+ fi
+ fi
+
+ info "Detected that $method, a backup of your previous installation will be saved..."
+ ! backup "$STORAGE/$previous" && error "Backup failed!"
+
+ return 1
+
+ fi
+ fi
+
fi
- return 1
+ [ -f "$boot" ] && hasDisk && return 0
+
+ [ ! -f "$iso" ] && return 1
+ [ ! -s "$iso" ] && return 1
+
+ # Check if the ISO was already processed by our script
+ magic=$(dd if="$iso" seek=0 bs=1 count=1 status=none | tr -d '\000')
+ magic="$(printf '%s' "$magic" | od -A n -t x1 -v | tr -d ' \n')"
+ byte="16" && [[ "$MANUAL" == [Yy1]* ]] && byte="17"
+
+ if [[ "$magic" != "$byte" ]]; then
+
+ info "The ISO will be processed again because the configuration was changed..."
+ return 1
+
+ fi
+
+ return 0
+}
+
+startInstall() {
+
+ html "Starting $APP..."
+
+ if [ -z "$CUSTOM" ]; then
+
+ local file="${VERSION//\//}.iso"
+
+ if [[ "${VERSION,,}" == "http"* ]]; then
+
+ file=$(basename "${VERSION%%\?*}")
+ printf -v file '%b' "${file//%/\\x}"
+ file="${file//[!A-Za-z0-9._-]/_}"
+
+ else
+
+ local language
+ language=$(getLanguage "$LANGUAGE" "culture")
+ language="${language%%-*}"
+
+ if [ -n "$language" ] && [[ "${language,,}" != "en" ]]; then
+ file="${VERSION//\//}_${language,,}.iso"
+ fi
+
+ fi
+
+ BOOT="$STORAGE/$file"
+
+ fi
+
+ TMP="$STORAGE/tmp"
+ rm -rf "$TMP"
+
+ skipInstall "$BOOT" && return 1
+
+ if hasDisk; then
+ ! backup "" && error "Backup failed!"
+ fi
+
+ if ! makeDir "$TMP"; then
+ error "Failed to create directory \"$TMP\" !"
+ fi
+
+ if [ -z "$CUSTOM" ]; then
+
+ ISO=$(basename "$BOOT")
+ ISO="$TMP/$ISO"
+
+ if [ -f "$BOOT" ] && [ -s "$BOOT" ]; then
+ mv -f "$BOOT" "$ISO"
+ fi
+
+ fi
+
+ rm -f "$BOOT"
+
+ find "$STORAGE" -maxdepth 1 -type f -iname 'data.*' -not -iname '*.iso' -delete
+ find "$STORAGE" -maxdepth 1 -type f -iname 'windows.*' -not -iname '*.iso' -delete
+ find "$STORAGE" -maxdepth 1 -type f \( -iname '*.rom' -or -iname '*.vars' \) -delete
+
+ return 0
+}
+
+writeFile() {
+
+ local txt="$1"
+ local path="$2"
+
+ echo "$txt" >"$path"
+
+ if ! setOwner "$path"; then
+ error "Failed to set the owner for \"$path\" !"
+ fi
+
+ return 0
}
finishInstall() {
local iso="$1"
local aborted="$2"
+ local base byte
if [ ! -s "$iso" ] || [ ! -f "$iso" ]; then
- error "Failed to find ISO: $iso" && return 1
+ error "Failed to find ISO file: $iso" && return 1
fi
- if [ -w "$iso" ] && [[ "$aborted" != [Yy1]* ]]; then
+ if [[ "$iso" == "$STORAGE/"* ]]; then
+ ! setOwner "$iso" && error "Failed to set the owner for \"$iso\" !"
+ fi
+
+ if [[ "$aborted" != [Yy1]* ]]; then
# Mark ISO as prepared via magic byte
- if ! printf '\x16' | dd of="$iso" bs=1 seek=0 count=1 conv=notrunc status=none; then
- error "Failed to set magic byte!" && return 1
+ byte="16" && [[ "$MANUAL" == [Yy1]* ]] && byte="17"
+ if ! printf '%b' "\x$byte" | dd of="$iso" bs=1 seek=0 count=1 conv=notrunc status=none; then
+ warn "failed to set magic byte in ISO file: $iso"
fi
fi
- rm -f "$STORAGE/windows.boot"
- cp /run/version "$STORAGE/windows.ver"
+ local file="$STORAGE/windows.ver"
+ cp -f /run/version "$file"
+ ! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
- if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
- echo "$MACHINE" > "$STORAGE/windows.old"
- else
- rm -f "$STORAGE/windows.old"
+ if [[ "$iso" == "$STORAGE/"* ]]; then
+ if [[ "$aborted" != [Yy1]* ]] || [ -z "$CUSTOM" ]; then
+ base=$(basename "$iso")
+ file="$STORAGE/windows.base"
+ writeFile "$base" "$file"
+ fi
fi
- # Enable secure boot + TPM on manual installs as Win11 requires
- if [[ "$MANUAL" == [Yy1]* ]] || [[ "$aborted" == [Yy1]* ]]; then
- if [[ "${DETECTED,,}" == "win11"* ]]; then
- BOOT_MODE="windows_secure"
- echo "$BOOT_MODE" > "$STORAGE/windows.mode"
+ if [[ "${PLATFORM,,}" == "x64" ]]; then
+ if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
+ file="$STORAGE/windows.mode"
+ writeFile "$BOOT_MODE" "$file"
+ if [[ "${MACHINE,,}" != "q35" ]]; then
+ file="$STORAGE/windows.old"
+ writeFile "$MACHINE" "$file"
+ fi
+ else
+ # Enable secure boot + TPM on manual installs as Win11 requires
+ if [[ "$MANUAL" == [Yy1]* || "$aborted" == [Yy1]* ]]; then
+ if [[ "${DETECTED,,}" == "win11"* ]]; then
+ BOOT_MODE="windows_secure"
+ file="$STORAGE/windows.mode"
+ writeFile "$BOOT_MODE" "$file"
+ fi
+ fi
+ # Enable secure boot on multi-socket systems to workaround freeze
+ if [ -n "$SOCKETS" ] && [[ "$SOCKETS" != "1" ]]; then
+ BOOT_MODE="windows_secure"
+ file="$STORAGE/windows.mode"
+ writeFile "$BOOT_MODE" "$file"
+ fi
fi
fi
+ if [ -n "${ARGS:-}" ]; then
+ ARGUMENTS="$ARGS ${ARGUMENTS:-}"
+ file="$STORAGE/windows.args"
+ writeFile "$ARGS" "$file"
+ fi
+
+ if [ -n "${VGA:-}" ] && [[ "${VGA:-}" != "virtio"* ]]; then
+ file="$STORAGE/windows.vga"
+ writeFile "$VGA" "$file"
+ fi
+
+ if [ -n "${USB:-}" ] && [[ "${USB:-}" != "qemu-xhci"* ]]; then
+ file="$STORAGE/windows.usb"
+ writeFile "$USB" "$file"
+ fi
+
+ if [ -n "${DISK_TYPE:-}" ] && [[ "${DISK_TYPE:-}" != "scsi" ]]; then
+ file="$STORAGE/windows.type"
+ writeFile "$DISK_TYPE" "$file"
+ fi
+
+ if [ -n "${ADAPTER:-}" ] && [[ "${ADAPTER:-}" != "virtio-net-pci" ]]; then
+ file="$STORAGE/windows.net"
+ writeFile "$ADAPTER" "$file"
+ fi
+
rm -rf "$TMP"
return 0
}
abortInstall() {
- local iso="$1"
-
- if [[ "$iso" != "$STORAGE/$BASE" ]]; then
- if ! mv -f "$iso" "$STORAGE/$BASE"; then
- error "Failed to move ISO: $iso" && return 1
- fi
- fi
-
- finishInstall "$STORAGE/$BASE" "Y" && return 0
-
- return 1
-}
-
-startInstall() {
-
- html "Starting Windows..."
-
- [ -z "$MANUAL" ] && MANUAL="N"
-
- if [ -f "$STORAGE/$CUSTOM" ]; then
-
- EXTERNAL="Y"
- BASE="$CUSTOM"
-
- else
-
- CUSTOM=""
-
- if [[ "${VERSION,,}" == "http"* ]]; then
- EXTERNAL="Y"
- else
- EXTERNAL="N"
- fi
-
- if [[ "$EXTERNAL" != [Yy1]* ]]; then
-
- BASE="$VERSION.iso"
-
- else
-
- BASE=$(basename "${VERSION%%\?*}")
- : "${BASE//+/ }"; printf -v BASE '%b' "${_//%/\\x}"
- BASE=$(echo "$BASE" | sed -e 's/[^A-Za-z0-9._-]/_/g')
-
- fi
- fi
-
- if skipInstall; then
- [ ! -f "$STORAGE/$BASE" ] && BASE=""
- return 1
- fi
-
- if [ -f "$STORAGE/$BASE" ]; then
-
- # Check if the ISO was already processed by our script
- local magic=""
- magic=$(dd if="$STORAGE/$BASE" seek=0 bs=1 count=1 status=none | tr -d '\000')
- magic="$(printf '%s' "$magic" | od -A n -t x1 -v | tr -d ' \n')"
-
- if [[ "$magic" == "16" ]]; then
-
- if hasDisk || [[ "$MANUAL" == [Yy1]* ]]; then
- return 1
- fi
-
- fi
-
- EXTERNAL="Y"
- CUSTOM="$BASE"
-
- fi
-
- rm -rf "$TMP"
- mkdir -p "$TMP"
-
- if [ ! -f "$STORAGE/$CUSTOM" ]; then
- CUSTOM=""
- ISO="$TMP/$BASE"
- else
- ISO="$STORAGE/$CUSTOM"
- fi
-
- return 0
-}
-
-getESD() {
-
local dir="$1"
- local winCatalog size
+ local iso="$2"
+ local efi
- case "${VERSION,,}" in
- "win11${PLATFORM,,}")
- winCatalog="https://go.microsoft.com/fwlink?linkid=2156292"
- ;;
- "win10${PLATFORM,,}")
- winCatalog="https://go.microsoft.com/fwlink/?LinkId=841361"
- ;;
- *)
- error "Invalid ESD version specified: $VERSION" && return 1
- ;;
- esac
+ [[ "${iso,,}" == *".esd" ]] && exit 60
+ [[ "${UNPACK:-}" == [Yy1]* ]] && exit 60
- local msg="Downloading product information from Microsoft..."
- info "$msg" && html "$msg"
+ efi=$(find "$dir" -maxdepth 1 -type d -iname efi -print -quit)
- rm -rf "$dir"
- mkdir -p "$dir"
-
- local wFile="catalog.cab"
-
- { wget "$winCatalog" -O "$dir/$wFile" -q --no-check-certificate; rc=$?; } || :
- (( rc != 0 )) && error "Failed to download $winCatalog , reason: $rc" && return 1
-
- cd "$dir"
-
- if ! cabextract "$wFile" > /dev/null; then
- cd /run
- error "Failed to extract CAB file!" && return 1
+ if [ -z "$efi" ]; then
+ [[ "${PLATFORM,,}" == "x64" ]] && BOOT_MODE="windows_legacy"
fi
- cd /run
-
- if [ ! -s "$dir/products.xml" ]; then
- error "Failed to find products.xml!" && return 1
+ if [ -n "$CUSTOM" ]; then
+ BOOT="$iso"
+ REMOVE="N"
+ else
+ if [[ "$iso" != "$BOOT" ]]; then
+ if ! mv -f "$iso" "$BOOT"; then
+ error "Failed to move ISO file: $iso" && return 1
+ fi
+ fi
fi
- local esdLang="en-us"
- local editionName="Professional"
- local edQuery='//File[Architecture="'${PLATFORM}'"][Edition="'${editionName}'"]'
+ finishInstall "$BOOT" "Y" && return 0
+ return 1
+}
- echo -e '<Catalog>' > "${dir}/products_filter.xml"
- xmllint --nonet --xpath "${edQuery}" "${dir}/products.xml" >> "${dir}/products_filter.xml" 2>/dev/null
- echo -e '</Catalog>'>> "${dir}/products_filter.xml"
- xmllint --nonet --xpath '//File[LanguageCode="'${esdLang}'"]' "${dir}/products_filter.xml" >"${dir}/esd_edition.xml"
+findFile() {
- size=$(stat -c%s "${dir}/esd_edition.xml")
- if ((size<20)); then
- error "Failed to find Windows product!" && return 1
+ local dir file base
+ local fname="$1"
+ local boot="$STORAGE/windows.boot"
+
+ dir=$(find / -maxdepth 1 -type d -iname "$fname" -print -quit)
+ [ ! -d "$dir" ] && dir=$(find "$STORAGE" -maxdepth 1 -type d -iname "$fname" -print -quit)
+
+ if [ -d "$dir" ]; then
+ if ! hasDisk || [ ! -f "$boot" ]; then
+ error "The bind $dir maps to a file that does not exist!" && return 1
+ fi
fi
- ESD_URL=$(xmllint --nonet --xpath '//FilePath' "${dir}/esd_edition.xml" | sed -E -e 's/<[\/]?FilePath>//g')
+ file=$(find / -maxdepth 1 -type f -iname "$fname" -print -quit)
+ [ ! -s "$file" ] && file=$(find "$STORAGE" -maxdepth 1 -type f -iname "$fname" -print -quit)
- if [ -z "$ESD_URL" ]; then
- error "Failed to find ESD URL!" && return 1
+ if [ ! -s "$file" ] && [[ "${VERSION,,}" != "http"* ]]; then
+ base=$(basename "$VERSION")
+ file="$STORAGE/$base"
fi
- rm -rf "$dir"
+ if [ ! -f "$file" ] || [ ! -s "$file" ]; then
+ return 0
+ fi
+
+ local size
+ size="$(stat -c%s "$file")"
+ [ -z "$size" ] || [[ "$size" == "0" ]] && return 0
+
+ ISO="$file"
+ CUSTOM="$file"
+ BOOT="$STORAGE/windows.$size.iso"
+
return 0
}
-doMido() {
+detectCustom() {
- local iso="$1"
- local url="$2"
- local desc="$3"
- local rc
+ CUSTOM=""
- rm -f "$iso"
- rm -f "$iso.PART"
+ ! findFile "custom.iso" && return 1
+ [ -n "$CUSTOM" ] && return 0
- local msg="Downloading $desc..."
- info "$msg" && html "$msg"
- /run/progress.sh "$iso.PART" "Downloading $desc ([P])..." &
+ ! findFile "boot.iso" && return 1
+ [ -n "$CUSTOM" ] && return 0
- cd "$TMP"
- { /run/mido.sh "$url"; rc=$?; } || :
- cd /run
-
- fKill "progress.sh"
-
- if (( rc == 0 )) && [ -f "$iso" ]; then
- if [ "$(stat -c%s "$iso")" -gt 100000000 ]; then
- html "Download finished successfully..." && return 0
- fi
- fi
-
- rm -f "$iso"
- rm -f "$iso.PART"
-
- return 1
-}
-
-downloadFile() {
-
- local iso="$1"
- local url="$2"
- local desc="$3"
- local rc progress
-
- rm -f "$iso"
-
- # Check if running with interactive TTY or redirected to docker log
- if [ -t 1 ]; then
- progress="--progress=bar:noscroll"
- else
- progress="--progress=dot:giga"
- fi
-
- local msg="Downloading $desc..."
- info "$msg" && html "$msg"
- /run/progress.sh "$iso" "Downloading $desc ([P])..." &
-
- { wget "$url" -O "$iso" -q --no-check-certificate --show-progress "$progress"; rc=$?; } || :
-
- fKill "progress.sh"
-
- if (( rc == 0 )) && [ -f "$iso" ]; then
- if [ "$(stat -c%s "$iso")" -gt 100000000 ]; then
- html "Download finished successfully..." && return 0
- fi
- fi
-
- rm -f "$iso"
- error "Failed to download $url , reason: $rc"
-
- return 1
-}
-
-downloadImage() {
-
- local iso="$1"
- local url="$2"
- local rc desc
-
- if [[ "$EXTERNAL" != [Yy1]* ]]; then
-
- desc=$(printVersion "$VERSION" "Windows")
-
- else
-
- desc=$(getName "$BASE" "$BASE")
-
- fi
-
- if [[ "$EXTERNAL" != [Yy1]* ]]; then
-
- doMido "$iso" "$url" "$desc" && return 0
-
- if [[ "$VERSION" != "win10${PLATFORM,,}" ]] && [[ "$VERSION" != "win11${PLATFORM,,}" ]]; then
- return 1
- fi
-
- info "Failed to download $desc using Mido, will try a different method now..."
-
- rm -rf "$TMP"
- mkdir -p "$TMP"
-
- ISO="$TMP/$VERSION.esd"
- iso="$ISO"
-
- if ! getESD "$TMP/esd"; then
- url=""
- else
- url="$ESD_URL"
- fi
-
- fi
-
- if [ -n "$url" ]; then
- downloadFile "$iso" "$url" "$desc" && return 0
- fi
-
- [[ "$EXTERNAL" == [Yy1]* ]] && return 1
-
- case "${VERSION,,}" in
- "win11${PLATFORM,,}")
- url="https://dl.bobpony.com/windows/11/en-us_windows_11_23h2_${PLATFORM,,}.iso"
- ;;
- "win10${PLATFORM,,}")
- url="https://dl.bobpony.com/windows/10/en-us_windows_10_22h2_${PLATFORM,,}.iso"
- ;;
- *)
- return 1
- ;;
- esac
-
- info "Failed to download $desc from Microsoft, will try another mirror now..."
-
- rm -rf "$TMP"
- mkdir -p "$TMP"
-
- ISO="$TMP/$BASE"
- iso="$ISO"
-
- downloadFile "$iso" "$url" "$desc" && return 0
-
- return 1
+ return 0
}
extractESD() {
local iso="$1"
local dir="$2"
- local size size_gb space space_gb desc
+ local version="$3"
+ local desc="$4"
+ local size size_gb sizes space space_gb
+ local desc total total1 total2 total3 total4
+ local imageIndex links links1 links2 links3 links4
- desc=$(printVersion "$VERSION" "Windows")
- local msg="Extracting $desc bootdisk..."
- info "$msg" && html "$msg"
+ local msg="Extracting $desc bootdisk"
+ info "$msg..." && html "$msg..."
if [ "$(stat -c%s "$iso")" -lt 100000000 ]; then
error "Invalid ESD file: Size is smaller than 100 MB" && return 1
fi
rm -rf "$dir"
- mkdir -p "$dir"
- size=16106127360
- size_gb=$(( (size + 1073741823)/1073741824 ))
+ if ! makeDir "$dir"; then
+ error "Failed to create directory \"$dir\" !" && return 1
+ fi
+
+ size=9606127360
+ size_gb=$(formatBytes "$size")
space=$(df --output=avail -B 1 "$dir" | tail -n 1)
- space_gb=$(( (space + 1073741823)/1073741824 ))
+ space_gb=$(formatBytes "$space")
if (( size > space )); then
- error "Not enough free space in $STORAGE, have $space_gb GB available but need at least $size_gb GB." && return 1
+ error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
fi
local esdImageCount
- esdImageCount=$(wimlib-imagex info "${iso}" | awk '/Image Count:/ {print $3}')
+ esdImageCount=$(wimlib-imagex info "$iso" | awk '/Image Count:/ {print $3}')
- wimlib-imagex apply "$iso" 1 "${dir}" --quiet 2>/dev/null || {
+ if [ -z "$esdImageCount" ]; then
+ error "Cannot read the image count in ESD file!" && return 1
+ fi
+
+ sizes=$(wimlib-imagex info "$iso" | grep "Total Bytes:")
+ links=$(wimlib-imagex info "$iso" | grep "Hard Link Bytes:")
+
+ total1=$(awk "NR==1{ print; }" <<< "$sizes" | cut -d':' -f2 | sed 's/^ *//')
+ links1=$(awk "NR==1{ print; }" <<< "$links" | cut -d':' -f2 | sed 's/^ *//')
+ total=$(( total1 - links1 ))
+
+ total3=$(awk "NR==3{ print; }" <<< "$sizes" | cut -d':' -f2 | sed 's/^ *//')
+ links3=$(awk "NR==3{ print; }" <<< "$links" | cut -d':' -f2 | sed 's/^ *//')
+ total3=$(( total3 - links3 ))
+ total3=$(( total3 + 60000000 ))
+
+ /run/progress.sh "$dir" "$total" "$msg ([P])..." &
+
+ imageIndex="1"
+ wimlib-imagex apply "$iso" "$imageIndex" "$dir" --quiet 2>/dev/null || {
retVal=$?
- error "Extracting bootdisk failed" && return $retVal
+ fKill "progress.sh"
+ error "Extracting $desc bootdisk failed ($retVal)" && return 1
}
- local bootWimFile="${dir}/sources/boot.wim"
- local installWimFile="${dir}/sources/install.wim"
+ fKill "progress.sh"
- local msg="Extracting $desc environment..."
- info "$msg" && html "$msg"
+ local bootWimFile="$dir/sources/boot.wim"
+ local installWimFile="$dir/sources/install.wim"
- wimlib-imagex export "${iso}" 2 "${bootWimFile}" --compress=LZX --chunk-size 32K --quiet || {
+ local msg="Extracting $desc environment"
+ info "$msg..." && html "$msg..."
+
+ imageIndex="2"
+ /run/progress.sh "$bootWimFile" "$total3" "$msg ([P])..." &
+
+ wimlib-imagex export "$iso" "$imageIndex" "$bootWimFile" --compress=none --quiet || {
retVal=$?
- error "Adding WinPE failed" && return ${retVal}
+ fKill "progress.sh"
+ error "Adding WinPE failed ($retVal)" && return 1
}
- local msg="Extracting $desc setup..."
- info "$msg" && html "$msg"
+ fKill "progress.sh"
- wimlib-imagex export "${iso}" 3 "$bootWimFile" --compress=LZX --chunk-size 32K --boot --quiet || {
+ local msg="Extracting $desc setup"
+ info "$msg..."
+
+ imageIndex="3"
+ /run/progress.sh "$bootWimFile" "$total3" "$msg ([P])..." &
+
+ wimlib-imagex export "$iso" "$imageIndex" "$bootWimFile" --compress=none --boot --quiet || {
retVal=$?
- error "Adding Windows Setup failed" && return ${retVal}
+ fKill "progress.sh"
+ error "Adding Windows Setup failed ($retVal)" && return 1
}
- local msg="Extracting $desc image..."
- info "$msg" && html "$msg"
+ fKill "progress.sh"
- local edition imageIndex imageEdition
+ if [[ "${PLATFORM,,}" == "x64" ]]; then
+ LABEL="CCCOMA_X64FRE_EN-US_DV9"
+ else
+ LABEL="CPBA_A64FRE_EN-US_DV9"
+ fi
- case "${VERSION,,}" in
- "win11${PLATFORM,,}")
- edition="11 pro"
- ;;
- "win10${PLATFORM,,}")
- edition="10 pro"
- ;;
- *)
- error "Invalid version specified: $VERSION" && return 1
- ;;
- esac
+ local msg="Extracting $desc image"
+ info "$msg..." && html "$msg..."
+
+ local edition imageEdition
+ edition=$(getCatalog "$version" "name")
+
+ if [ -z "$edition" ]; then
+ error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+ fi
for (( imageIndex=4; imageIndex<=esdImageCount; imageIndex++ )); do
- imageEdition=$(wimlib-imagex info "${iso}" ${imageIndex} | grep '^Description:' | sed 's/Description:[ \t]*//')
- [[ "${imageEdition,,}" != *"$edition"* ]] && continue
- wimlib-imagex export "${iso}" ${imageIndex} "${installWimFile}" --compress=LZMS --chunk-size 128K --quiet || {
+
+ imageEdition=$(wimlib-imagex info "$iso" "$imageIndex" | grep '^Description:' | sed 's/Description:[ \t]*//')
+ [[ "${imageEdition,,}" != "${edition,,}" ]] && continue
+
+ total4=$(du -sb "$iso" | cut -f1)
+ total4=$(( total4 + 3000000 ))
+
+ /run/progress.sh "$installWimFile" "$total4" "$msg ([P])..." &
+
+ wimlib-imagex export "$iso" "$imageIndex" "$installWimFile" --compress=LZMS --chunk-size 128K --quiet || {
retVal=$?
- error "Addition of ${imageIndex} to the image failed" && return $retVal
+ fKill "progress.sh"
+ error "Addition of $imageIndex to the $desc image failed ($retVal)" && return 1
}
+
+ fKill "progress.sh"
return 0
+
done
- error "Failed to find product in install.wim!" && return 1
+ fKill "progress.sh"
+ error "Failed to find product '$edition' in install.wim!" && return 1
}
extractImage() {
local iso="$1"
local dir="$2"
- local desc="downloaded ISO"
- local size size_gb space space_gb
+ local version="$3"
+ local desc="local ISO"
+ local file size size_gb space space_gb
+
+ if [ -z "$CUSTOM" ]; then
+ desc="downloaded ISO"
+ if [[ "$version" != "http"* ]]; then
+ desc=$(printVersion "$version" "$desc")
+ fi
+ fi
if [[ "${iso,,}" == *".esd" ]]; then
- extractESD "$iso" "$dir" && return 0
+ extractESD "$iso" "$dir" "$version" "$desc" && return 0
return 1
fi
- if [[ "$EXTERNAL" != [Yy1]* ]] && [ -z "$CUSTOM" ]; then
- desc=$(printVersion "$VERSION" "downloaded ISO")
- fi
-
- local msg="Extracting $desc image..."
- [ -n "$CUSTOM" ] && msg="Extracting local ISO image..."
- info "$msg" && html "$msg"
+ local msg="Extracting $desc image"
+ info "$msg..." && html "$msg..."
rm -rf "$dir"
- mkdir -p "$dir"
+
+ if ! makeDir "$dir"; then
+ error "Failed to create directory \"$dir\" !" && return 1
+ fi
size=$(stat -c%s "$iso")
- size_gb=$(( (size + 1073741823)/1073741824 ))
+ size_gb=$(formatBytes "$size")
space=$(df --output=avail -B 1 "$dir" | tail -n 1)
- space_gb=$(( (space + 1073741823)/1073741824 ))
+ space_gb=$(formatBytes "$space")
- if ((size<100000000)); then
+ if (( size < 100000000 )); then
error "Invalid ISO file: Size is smaller than 100 MB" && return 1
fi
if (( size > space )); then
- error "Not enough free space in $STORAGE, have $space_gb GB available but need at least $size_gb GB." && return 1
+ error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
fi
rm -rf "$dir"
+ /run/progress.sh "$dir" "$size" "$msg ([P])..." &
if ! 7z x "$iso" -o"$dir" > /dev/null; then
+ fKill "progress.sh"
error "Failed to extract ISO file: $iso" && return 1
fi
+ fKill "progress.sh"
+
+ if [[ "${UNPACK:-}" != [Yy1]* ]]; then
+
+ LABEL=$(isoinfo -d -i "$iso" | sed -n 's/Volume id: //p')
+
+ else
+
+ file=$(find "$dir" -maxdepth 1 -type f -iname "*.iso" -print -quit)
+
+ if [ -z "$file" ]; then
+ error "Failed to find any .iso file in archive!" && return 1
+ fi
+
+ if ! 7z x "$file" -o"$dir" > /dev/null; then
+ error "Failed to extract archive!" && return 1
+ fi
+
+ LABEL=$(isoinfo -d -i "$file" | sed -n 's/Volume id: //p')
+ rm -f "$file"
+
+ fi
+
+ return 0
+}
+
+getPlatform() {
+
+ local xml="$1"
+ local tag="ARCH"
+ local platform="x64"
+ local arch
+
+ arch=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$xml")
+
+ case "${arch,,}" in
+ "0" ) platform="x86" ;;
+ "9" ) platform="x64" ;;
+ "12" )platform="arm64" ;;
+ esac
+
+ echo "$platform"
+ return 0
+}
+
+checkPlatform() {
+
+ local xml="$1"
+ local platform compat
+
+ platform=$(getPlatform "$xml")
+
+ case "${platform,,}" in
+ "x86" ) compat="x64" ;;
+ "x64" ) compat="$platform" ;;
+ "arm64" ) compat="$platform" ;;
+ * ) compat="${PLATFORM,,}" ;;
+ esac
+
+ [[ "${compat,,}" == "${PLATFORM,,}" ]] && return 0
+
+ error "You cannot boot ${platform^^} images on a $PLATFORM CPU!"
+ return 1
+}
+
+hasVersion() {
+
+ local id="$1"
+ local tag="$2"
+ local xml="$3"
+ local edition
+
+ [ ! -f "/run/assets/$id.xml" ] && return 1
+
+ edition=$(printEdition "$id" "")
+ [ -z "$edition" ] && return 1
+ [[ "${xml,,}" != *"<${tag,,}>${edition,,}</${tag,,}>"* ]] && return 1
+
+ return 0
+}
+
+selectVersion() {
+
+ local tag="$1"
+ local xml="$2"
+ local platform="$3"
+ local id name prefer
+
+ name=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$xml")
+ [[ "$name" == *"Operating System"* ]] && name=""
+ [ -z "$name" ] && return 0
+
+ id=$(fromName "$name" "$platform")
+ [ -z "$id" ] && warn "Unknown ${tag,,}: '$name'" && return 0
+
+ prefer="$id-enterprise"
+ hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+ prefer="$id-ultimate"
+ hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+ prefer="$id"
+ hasVersion "$prefer" "$tag" "$xml" && echo "$prefer" && return 0
+
+ prefer=$(getVersion "$name" "$platform")
+
+ echo "$prefer"
+ return 0
+}
+
+detectVersion() {
+
+ local xml="$1"
+ local id platform
+
+ platform=$(getPlatform "$xml")
+ id=$(selectVersion "DISPLAYNAME" "$xml" "$platform")
+ [ -z "$id" ] && id=$(selectVersion "PRODUCTNAME" "$xml" "$platform")
+ [ -z "$id" ] && id=$(selectVersion "NAME" "$xml" "$platform")
+
+ echo "$id"
+ return 0
+}
+
+detectLanguage() {
+
+ local xml="$1"
+ local lang=""
+
+ if [[ "$xml" == *"LANGUAGE><DEFAULT>"* ]]; then
+ lang="${xml#*LANGUAGE><DEFAULT>}"
+ lang="${lang%%<*}"
+ else
+ if [[ "$xml" == *"FALLBACK><DEFAULT>"* ]]; then
+ lang="${xml#*FALLBACK><DEFAULT>}"
+ lang="${lang%%<*}"
+ fi
+ fi
+
+ if [ -z "$lang" ]; then
+ warn "Language could not be detected from ISO!" && return 0
+ fi
+
+ local culture
+ culture=$(getLanguage "$lang" "culture")
+ [ -n "$culture" ] && LANGUAGE="$lang" && return 0
+
+ warn "Invalid language detected: \"$lang\""
+ return 0
+}
+
+setXML() {
+
+ local file="/custom.xml"
+
+ if [ -d "$file" ]; then
+ error "The bind $file maps to a file that does not exist!" && exit 67
+ fi
+
+ [ ! -f "$file" ] || [ ! -s "$file" ] && file="$STORAGE/custom.xml"
+ [ ! -f "$file" ] || [ ! -s "$file" ] && file="/run/assets/custom.xml"
+ [ ! -f "$file" ] || [ ! -s "$file" ] && file="$1"
+ [ ! -f "$file" ] || [ ! -s "$file" ] && file="/run/assets/$DETECTED.xml"
+ [ ! -f "$file" ] || [ ! -s "$file" ] && return 1
+
+ XML="$file"
return 0
}
detectImage() {
- XML=""
local dir="$1"
+ local version="$2"
+ local desc msg find language
- if [ -n "$CUSTOM" ]; then
- DETECTED=""
- else
- if [ -z "$DETECTED" ] && [[ "$EXTERNAL" != [Yy1]* ]]; then
- DETECTED="$VERSION"
- fi
+ XML=""
+
+ if [ -z "$DETECTED" ] && [ -z "$CUSTOM" ]; then
+ [[ "${version,,}" != "http"* ]] && DETECTED="$version"
fi
if [ -n "$DETECTED" ]; then
- if [ -f "/run/assets/$DETECTED.xml" ]; then
- [[ "$MANUAL" != [Yy1]* ]] && XML="$DETECTED.xml"
- return 0
- fi
+ skipVersion "${DETECTED,,}" && return 0
- if [[ "${DETECTED,,}" != "winxp"* ]]; then
-
- local dsc
- dsc=$(printVersion "$DETECTED" "$DETECTED")
-
- warn "got $dsc, but no matching XML file exists, $FB."
+ if ! setXML "" && [[ "$MANUAL" != [Yy1]* ]]; then
+ MANUAL="Y"
+ desc=$(printEdition "$DETECTED" "this version")
+ warn "the answer file for $desc was not found ($DETECTED.xml), $FB."
fi
return 0
fi
- info "Detecting Windows version from ISO image..."
+ info "Detecting version from ISO image..."
- if [ -f "$dir/WIN51" ] || [ -f "$dir/SETUPXP.HTM" ]; then
- DETECTED="winxpx86"
- info "Detected: Windows XP" && return 0
+ if detectLegacy "$dir"; then
+ desc=$(printEdition "$DETECTED" "$DETECTED")
+ info "Detected: $desc"
+ return 0
fi
- local src loc tag result name name2 desc
- src=$(find "$dir" -maxdepth 1 -type d -iname sources | head -n 1)
+ local src wim info
+ src=$(find "$dir" -maxdepth 1 -type d -iname sources -print -quit)
if [ ! -d "$src" ]; then
- BOOT_MODE="windows_legacy"
warn "failed to locate 'sources' folder in ISO image, $FB" && return 1
fi
- loc=$(find "$src" -maxdepth 1 -type f -iname install.wim | head -n 1)
- [ ! -f "$loc" ] && loc=$(find "$src" -maxdepth 1 -type f -iname install.esd | head -n 1)
+ wim=$(find "$src" -maxdepth 1 -type f \( -iname install.wim -or -iname install.esd \) -print -quit)
- if [ ! -f "$loc" ]; then
- BOOT_MODE="windows_legacy"
+ if [ ! -f "$wim" ]; then
warn "failed to locate 'install.wim' or 'install.esd' in ISO image, $FB" && return 1
fi
- tag="DISPLAYNAME"
- result=$(wimlib-imagex info -xml "$loc" | tr -d '\000')
- name=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$result")
- DETECTED=$(getVersion "$name")
+ info=$(wimlib-imagex info -xml "$wim" | iconv -f UTF-16LE -t UTF-8)
+ checkPlatform "$info" || exit 67
+
+ DETECTED=$(detectVersion "$info")
if [ -z "$DETECTED" ]; then
-
- tag="PRODUCTNAME"
- name2=$(sed -n "/$tag/{s/.*<$tag>\(.*\)<\/$tag>.*/\1/;p}" <<< "$result")
- [ -z "$name" ] && name="$name2"
- DETECTED=$(getVersion "$name2")
-
+ msg="Failed to determine Windows version from image"
+ if setXML "" || [[ "$MANUAL" == [Yy1]* ]]; then
+ info "${msg}!"
+ else
+ MANUAL="Y"
+ warn "${msg}, $FB."
+ fi
+ return 0
fi
- if [ -z "$DETECTED" ]; then
- warn "failed to determine Windows version from string '$name', $FB" && return 0
+ desc=$(printEdition "$DETECTED" "$DETECTED")
+ detectLanguage "$info"
+
+ if [[ "${LANGUAGE,,}" != "en" && "${LANGUAGE,,}" != "en-"* ]]; then
+ language=$(getLanguage "$LANGUAGE" "desc")
+ desc+=" ($language)"
fi
- desc=$(printVersion "$DETECTED" "$DETECTED")
+ info "Detected: $desc"
+ setXML "" && return 0
- if [ -f "/run/assets/$DETECTED.xml" ]; then
- [[ "$MANUAL" != [Yy1]* ]] && XML="$DETECTED.xml"
- info "Detected: $desc"
+ if [[ "$DETECTED" == "win81x86"* || "$DETECTED" == "win10x86"* ]]; then
+ error "The 32-bit version of $desc is not supported!" && return 1
+ fi
+
+ msg="the answer file for $desc was not found ($DETECTED.xml)"
+ local fallback="/run/assets/${DETECTED%%-*}.xml"
+
+ if setXML "$fallback" || [[ "$MANUAL" == [Yy1]* ]]; then
+ [[ "$MANUAL" != [Yy1]* ]] && warn "${msg}."
else
- warn "detected $desc, but no matching XML file exists, $FB."
- fi
-
- return 0
-}
-
-prepareXP() {
-
- local iso="$1"
- local dir="$2"
- local arch="x86"
- local target="$dir/I386"
-
- if [ -d "$dir/AMD64" ]; then
- arch="amd64"
- target="$dir/AMD64"
- fi
-
- MACHINE="pc-q35-2.10"
- BOOT_MODE="windows_legacy"
- ETFS="[BOOT]/Boot-NoEmul.img"
-
- [[ "$MANUAL" == [Yy1]* ]] && return 0
-
- local drivers="$TMP/drivers"
- rm -rf "$drivers"
-
- if ! 7z x /run/drivers.iso -o"$drivers" > /dev/null; then
- error "Failed to extract driver ISO file!" && exit 66
- fi
-
- cp "$drivers/viostor/xp/$arch/viostor.sys" "$target"
-
- mkdir -p "$dir/\$OEM\$/\$1/Drivers/viostor"
- cp "$drivers/viostor/xp/$arch/viostor.cat" "$dir/\$OEM\$/\$1/Drivers/viostor"
- cp "$drivers/viostor/xp/$arch/viostor.inf" "$dir/\$OEM\$/\$1/Drivers/viostor"
- cp "$drivers/viostor/xp/$arch/viostor.sys" "$dir/\$OEM\$/\$1/Drivers/viostor"
-
- mkdir -p "$dir/\$OEM\$/\$1/Drivers/NetKVM"
- cp "$drivers/NetKVM/xp/$arch/netkvm.cat" "$dir/\$OEM\$/\$1/Drivers/NetKVM"
- cp "$drivers/NetKVM/xp/$arch/netkvm.inf" "$dir/\$OEM\$/\$1/Drivers/NetKVM"
- cp "$drivers/NetKVM/xp/$arch/netkvm.sys" "$dir/\$OEM\$/\$1/Drivers/NetKVM"
-
- sed -i '/^\[SCSI.Load\]/s/$/\nviostor=viostor.sys,4/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\nviostor.sys=1,,,,,,4_,4,1,,,1,4/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SCSI\]/s/$/\nviostor=\"Red Hat VirtIO SCSI Disk Device\"/' "$target/TXTSETUP.SIF"
- sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$target/TXTSETUP.SIF"
- sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00020000=\"viostor\"/' "$target/TXTSETUP.SIF"
- sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00021AF4=\"viostor\"/' "$target/TXTSETUP.SIF"
- sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_1AF4\&DEV_1001\&SUBSYS_00000000=\"viostor\"/' "$target/TXTSETUP.SIF"
-
- mkdir -p "$dir/\$OEM\$/\$1/Drivers/sata"
-
- cp -a "$drivers/sata/xp/$arch/." "$dir/\$OEM\$/\$1/Drivers/sata"
- cp -a "$drivers/sata/xp/$arch/." "$target"
-
- sed -i '/^\[SCSI.Load\]/s/$/\niaStor=iaStor.sys,4/' "$target/TXTSETUP.SIF"
- sed -i '/^\[FileFlags\]/s/$/\niaStor.sys = 16/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.cat = 1,,,,,,,1,0,0/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.inf = 1,,,,,,,1,0,0/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,4_,4,1,,,1,4/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaStor.sys = 1,,,,,,,1,0,0/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaahci.cat = 1,,,,,,,1,0,0/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SourceDisksFiles.'"$arch"'\]/s/$/\niaAHCI.inf = 1,,,,,,,1,0,0/' "$target/TXTSETUP.SIF"
- sed -i '/^\[SCSI\]/s/$/\niaStor=\"Intel\(R\) SATA RAID\/AHCI Controller\"/' "$target/TXTSETUP.SIF"
- sed -i '/^\[HardwareIdsDatabase\]/s/$/\nPCI\\VEN_8086\&DEV_2922\&CC_0106=\"iaStor\"/' "$target/TXTSETUP.SIF"
-
- # Windows XP Pro generic key (no activation)
- local key="DR8GV-C8V6J-BYXHG-7PYJR-DB66Y"
-
- find "$target" -maxdepth 1 -type f -iname winnt.sif -exec rm {} \;
-
- { echo "[Data]"
- echo "AutoPartition=1"
- echo "MsDosInitiated=\"0\""
- echo "UnattendedInstall=\"Yes\""
- echo "AutomaticUpdates=\"Yes\""
- echo ""
- echo "[Unattended]"
- echo "UnattendSwitch=Yes"
- echo "UnattendMode=FullUnattended"
- echo "FileSystem=NTFS"
- echo "OemSkipEula=Yes"
- echo "OemPreinstall=Yes"
- echo "Repartition=Yes"
- echo "WaitForReboot=\"No\""
- echo "DriverSigningPolicy=\"Ignore\""
- echo "NonDriverSigningPolicy=\"Ignore\""
- echo "OemPnPDriversPath=\"Drivers\viostor;Drivers\NetKVM;Drivers\sata\""
- echo "NoWaitAfterTextMode=1"
- echo "NoWaitAfterGUIMode=1"
- echo "FileSystem-ConvertNTFS"
- echo "ExtendOemPartition=0"
- echo "Hibernation=\"No\""
- echo ""
- echo "[GuiUnattended]"
- echo "OEMSkipRegional=1"
- echo "OemSkipWelcome=1"
- echo "AdminPassword=*"
- echo "TimeZone=0"
- echo "AutoLogon=Yes"
- echo "AutoLogonCount=65432"
- echo ""
- echo "[UserData]"
- echo "FullName=\"Docker\""
- echo "ComputerName=\"*\""
- echo "OrgName=\"Windows for Docker\""
- echo "ProductKey=$key"
- echo ""
- echo "[Identification]"
- echo "JoinWorkgroup = WORKGROUP"
- echo ""
- echo "[Networking]"
- echo "InstallDefaultComponents=Yes"
- echo ""
- echo "[Branding]"
- echo "BrandIEUsingUnattended=Yes"
- echo ""
- echo "[URL]"
- echo "Home_Page = http://www.google.com"
- echo "Search_Page = http://www.google.com"
- echo ""
- echo "[RegionalSettings]"
- echo "Language=00000409"
- echo ""
- echo "[TerminalServices]"
- echo "AllowConnections=1"
- } | unix2dos > "$target/WINNT.SIF"
-
- { echo "Windows Registry Editor Version 5.00"
- echo ""
- echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security]"
- echo "\"FirstRunDisabled\"=dword:00000001"
- echo "\"AntiVirusOverride\"=dword:00000001"
- echo "\"FirewallOverride\"=dword:00000001"
- echo "\"FirewallDisableNotify\"=dword:00000001"
- echo "\"UpdatesDisableNotify\"=dword:00000001"
- echo "\"AntiVirusDisableNotify\"=dword:00000001"
- echo ""
- echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]"
- echo "\"Start\"=dword:00000004"
- echo ""
- echo "[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\StandardProfile]"
- echo "\"EnableFirewall\"=dword:00000000"
- echo ""
- echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]"
- echo "\"Start\"=dword:00000004"
- echo
- echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"
- echo "\"3389:TCP\"=\"3389:TCP:*:Enabled:@xpsp2res.dll,-22009\""
- echo ""
- echo "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]"
- echo "\"LimitBlankPasswordUse\"=dword:00000000"
- echo ""
- echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour]"
- echo "\"RunCount\"=dword:00000000"
- echo ""
- echo "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"
- echo "\"HideFileExt\"=dword:00000000"
- echo ""
- echo "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"
- echo "\"DefaultUserName\"=\"Docker\""
- echo "\"DefaultDomainName\"=\"Dockur\""
- echo "\"AltDefaultUserName\"=\"Docker\""
- echo "\"AltDefaultDomainName\"=\"Dockur\""
- echo "\"AutoAdminLogon\"=\"1\""
- } | unix2dos > "$dir/\$OEM\$/install.reg"
-
- { echo "Set WshShell = WScript.CreateObject(\"WScript.Shell\")"
- echo "Set WshNetwork = WScript.CreateObject(\"WScript.Network\")"
- echo "Set oMachine = GetObject(\"WinNT://\" & WshNetwork.ComputerName)"
- echo "Set oInfoUser = GetObject(\"WinNT://\" & WshNetwork.ComputerName & \"/Administrator,user\")"
- echo "Set oUser = oMachine.MoveHere(oInfoUser.ADsPath,\"Docker\")"
- } | unix2dos > "$dir/\$OEM\$/admin.vbs"
-
- { echo "[COMMANDS]"
- echo "\"REGEDIT /s install.reg\""
- echo "\"Wscript admin.vbs\""
- } | unix2dos > "$dir/\$OEM\$/cmdlines.txt"
-
- rm -rf "$drivers"
- return 0
-}
-
-prepareLegacy() {
-
- local iso="$1"
- local dir="$2"
-
- ETFS="boot.img"
- BOOT_MODE="windows_legacy"
-
- rm -f "$dir/$ETFS"
-
- local len offset
- len=$(isoinfo -d -i "$iso" | grep "Nsect " | grep -o "[^ ]*$")
- offset=$(isoinfo -d -i "$iso" | grep "Bootoff " | grep -o "[^ ]*$")
-
- if ! dd "if=$iso" "of=$dir/$ETFS" bs=2048 "count=$len" "skip=$offset" status=none; then
- error "Failed to extract boot image from ISO!" && exit 67
+ MANUAL="Y"
+ warn "${msg}, $FB."
fi
return 0
@@ -1002,135 +819,400 @@ prepareImage() {
local iso="$1"
local dir="$2"
+ local desc missing
+
+ desc=$(printVersion "$DETECTED" "$DETECTED")
+
+ setMachine "$DETECTED" "$iso" "$dir" "$desc" || return 1
+ skipVersion "$DETECTED" && return 0
if [[ "${BOOT_MODE,,}" != "windows_legacy" ]]; then
- if [[ "${DETECTED,,}" != "winxp"* ]] && [[ "${DETECTED,,}" != "win2008"* ]]; then
- if [[ "${DETECTED,,}" != "winvista"* ]] && [[ "${DETECTED,,}" != "win7"* ]]; then
- if [ -f "$dir/$ETFS" ] && [ -f "$dir/$EFISYS" ]; then
- return 0
- fi
+ [ -f "$dir/$ETFS" ] && [ -f "$dir/$EFISYS" ] && return 0
- if [ ! -f "$dir/$ETFS" ]; then
- warn "failed to locate file 'etfsboot.com' in ISO image, falling back to legacy boot!"
- else
- warn "failed to locate file 'efisys_noprompt.bin' in ISO image, falling back to legacy boot!"
- fi
+ missing=$(basename "$dir/$EFISYS")
+ [ ! -f "$dir/$ETFS" ] && missing=$(basename "$dir/$ETFS")
- fi
- fi
+ error "Failed to locate file \"${missing,,}\" in ISO image!"
+ return 1
fi
- if [[ "${DETECTED,,}" == "winxp"* ]]; then
- if ! prepareXP "$iso" "$dir"; then
- error "Failed to prepare Windows XP ISO!" && return 1
- fi
- else
- if ! prepareLegacy "$iso" "$dir"; then
- error "Failed to prepare Windows ISO!" && return 1
- fi
+ prepareLegacy "$iso" "$dir" "$desc" && return 0
+
+ error "Failed to extract boot image from ISO image!"
+ return 1
+}
+
+updateXML() {
+
+ local asset="$1"
+ local language="$2"
+ local culture region user admin pass keyboard
+
+ [ -z "$HEIGHT" ] && HEIGHT="720"
+ [ -z "$WIDTH" ] && WIDTH="1280"
+
+ sed -i "s/>Windows for Docker</>$APP for $ENGINE</g" "$asset"
+ sed -i "s/<VerticalResolution>1080<\/VerticalResolution>/<VerticalResolution>$HEIGHT<\/VerticalResolution>/g" "$asset"
+ sed -i "s/<HorizontalResolution>1920<\/HorizontalResolution>/<HorizontalResolution>$WIDTH<\/HorizontalResolution>/g" "$asset"
+
+ culture=$(getLanguage "$language" "culture")
+
+ if [ -n "$culture" ] && [[ "${culture,,}" != "en-us" ]]; then
+ sed -i "s/<UILanguage>en-US<\/UILanguage>/<UILanguage>$culture<\/UILanguage>/g" "$asset"
+ fi
+
+ region="$REGION"
+ [ -z "$region" ] && region="$culture"
+
+ if [ -n "$region" ] && [[ "${region,,}" != "en-us" ]]; then
+ sed -i "s/<UserLocale>en-US<\/UserLocale>/<UserLocale>$region<\/UserLocale>/g" "$asset"
+ sed -i "s/<SystemLocale>en-US<\/SystemLocale>/<SystemLocale>$region<\/SystemLocale>/g" "$asset"
+ fi
+
+ keyboard="$KEYBOARD"
+ [ -z "$keyboard" ] && keyboard="$culture"
+
+ if [ -n "$keyboard" ] && [[ "${keyboard,,}" != "en-us" ]]; then
+ sed -i "s/<InputLocale>en-US<\/InputLocale>/<InputLocale>$keyboard<\/InputLocale>/g" "$asset"
+ sed -i "s/<InputLocale>0409:00000409<\/InputLocale>/<InputLocale>$keyboard<\/InputLocale>/g" "$asset"
+ fi
+
+ user=$(echo "$USERNAME" | sed 's/[^[:alnum:]@!._-]//g')
+
+ if [ -n "$user" ]; then
+ sed -i "s/-name \"Docker\"/-name \"$user\"/g" "$asset"
+ sed -i "s/<Name>Docker<\/Name>/<Name>$user<\/Name>/g" "$asset"
+ sed -i "s/where name=\"Docker\"/where name=\"$user\"/g" "$asset"
+ sed -i "s/<FullName>Docker<\/FullName>/<FullName>$user<\/FullName>/g" "$asset"
+ sed -i "s/<Username>Docker<\/Username>/<Username>$user<\/Username>/g" "$asset"
+ fi
+
+ [ -n "$PASSWORD" ] && pass="$PASSWORD" || pass="admin"
+
+ pw=$(printf '%s' "${pass}Password" | iconv -f utf-8 -t utf-16le | base64 -w 0)
+ admin=$(printf '%s' "${pass}AdministratorPassword" | iconv -f utf-8 -t utf-16le | base64 -w 0)
+
+ sed -i "s/<Value>password<\/Value>/<Value>$admin<\/Value>/g" "$asset"
+ sed -i "s/<PlainText>true<\/PlainText>/<PlainText>false<\/PlainText>/g" "$asset"
+ sed -z "s/<Password>...........<Value \/>/<Password>\n <Value>$pw<\/Value>/g" -i "$asset"
+ sed -z "s/<Password>...............<Value \/>/<Password>\n <Value>$pw<\/Value>/g" -i "$asset"
+ sed -z "s/<AdministratorPassword>...........<Value \/>/<AdministratorPassword>\n <Value>$admin<\/Value>/g" -i "$asset"
+ sed -z "s/<AdministratorPassword>...............<Value \/>/<AdministratorPassword>\n <Value>$admin<\/Value>/g" -i "$asset"
+
+ if [ -n "$EDITION" ]; then
+ [[ "${EDITION^^}" == "CORE" ]] && EDITION="STANDARDCORE"
+ sed -i "s/SERVERSTANDARD<\/Value>/SERVER${EDITION^^}<\/Value>/g" "$asset"
+ fi
+
+ if [ -n "$KEY" ]; then
+ sed -i '/<ProductKey>/,/<\/ProductKey>/d' "$asset"
+ sed -i "s/<\/UserData>/ <ProductKey>\n <Key>${KEY}<\/Key>\n <WillShowUI>OnError<\/WillShowUI>\n <\/ProductKey>\n <\/UserData>/g" "$asset"
fi
return 0
}
+addDriver() {
+
+ local id="$1"
+ local path="$2"
+ local target="$3"
+ local driver="$4"
+ local desc=""
+ local folder=""
+
+ if [ -z "$id" ]; then
+ warn "no Windows version specified for \"$driver\" driver!" && return 0
+ fi
+
+ case "${id,,}" in
+ "win7x86"* ) folder="w7/x86" ;;
+ "win7x64"* ) folder="w7/amd64" ;;
+ "win81x64"* ) folder="w8.1/amd64" ;;
+ "win10x64"* ) folder="w10/amd64" ;;
+ "win11x64"* ) folder="w11/amd64" ;;
+ "win2025"* ) folder="2k25/amd64" ;;
+ "win2022"* ) folder="2k22/amd64" ;;
+ "win2019"* ) folder="2k19/amd64" ;;
+ "win2016"* ) folder="2k16/amd64" ;;
+ "win2012"* ) folder="2k12R2/amd64" ;;
+ "win2008"* ) folder="2k8R2/amd64" ;;
+ "win10arm64"* ) folder="w10/ARM64" ;;
+ "win11arm64"* ) folder="w11/ARM64" ;;
+ "winvistax86"* ) folder="2k8/x86" ;;
+ "winvistax64"* ) folder="2k8/amd64" ;;
+ esac
+
+ if [ -z "$folder" ]; then
+ desc=$(printVersion "$id" "$id")
+ if [[ "${id,,}" != *"x86"* ]]; then
+ warn "no \"$driver\" driver available for \"$desc\" !" && return 0
+ else
+ warn "no \"$driver\" driver available for the 32-bit version of \"$desc\" !" && return 0
+ fi
+ fi
+
+ [ ! -d "$path/$driver/$folder" ] && return 0
+
+ case "${id,,}" in
+ "winvista"* )
+ [[ "${driver,,}" == "viorng" ]] && return 0
+ ;;
+ esac
+
+ local dest="$path/$target/$driver"
+ mkdir -p "$dest" || return 1
+ cp -Lr "$path/$driver/$folder/." "$dest" || return 1
+
+ return 0
+}
+
+addDrivers() {
+
+ local src="$1"
+ local tmp="$2"
+ local file="$3"
+ local index="$4"
+ local version="$5"
+ local drivers="$tmp/drivers"
+
+ rm -rf "$drivers"
+ mkdir -p "$drivers"
+
+ local msg="Adding drivers to image..."
+ info "$msg" && html "$msg"
+
+ if [ -z "$version" ]; then
+ version="win11x64"
+ warn "Windows version unknown, falling back to Windows 11 drivers..."
+ fi
+
+ if ! bsdtar -xf /var/drivers.txz -C "$drivers"; then
+ error "Failed to extract drivers from archive!" && return 1
+ fi
+
+ local target="\$WinPEDriver\$"
+ local dest="$drivers/$target"
+ mkdir -p "$dest" || return 1
+
+ wimlib-imagex update "$file" "$index" --command "delete --force --recursive /$target" >/dev/null || true
+
+ addDriver "$version" "$drivers" "$target" "qxl" || return 1
+ addDriver "$version" "$drivers" "$target" "viofs" || return 1
+ addDriver "$version" "$drivers" "$target" "sriov" || return 1
+ addDriver "$version" "$drivers" "$target" "smbus" || return 1
+ addDriver "$version" "$drivers" "$target" "qxldod" || return 1
+ addDriver "$version" "$drivers" "$target" "viorng" || return 1
+ addDriver "$version" "$drivers" "$target" "viostor" || return 1
+ addDriver "$version" "$drivers" "$target" "viomem" || return 1
+ addDriver "$version" "$drivers" "$target" "NetKVM" || return 1
+ addDriver "$version" "$drivers" "$target" "Balloon" || return 1
+ addDriver "$version" "$drivers" "$target" "vioscsi" || return 1
+ addDriver "$version" "$drivers" "$target" "pvpanic" || return 1
+ addDriver "$version" "$drivers" "$target" "vioinput" || return 1
+ addDriver "$version" "$drivers" "$target" "viogpudo" || return 1
+ addDriver "$version" "$drivers" "$target" "vioserial" || return 1
+ addDriver "$version" "$drivers" "$target" "qemupciserial" || return 1
+
+ case "${version,,}" in
+ "win11x64"* | "win2025"* )
+ # Workaround Virtio GPU driver bug
+ local dst="$src/\$OEM\$/\$\$/Drivers"
+ mkdir -p "$dst" || return 1
+ cp -Lr "$dest/." "$dst" || return 1
+ rm -rf "$dest/viogpudo"
+ ;;
+ esac
+
+ if ! wimlib-imagex update "$file" "$index" --command "add $dest /$target" >/dev/null; then
+ return 1
+ fi
+
+ rm -rf "$drivers"
+ return 0
+}
+
updateImage() {
- local iso="$1"
- local dir="$2"
- local asset="/run/assets/$3"
- local path src loc index result
+ local dir="$1"
+ local asset="$2"
+ local language="$3"
+ local tmp="/tmp/install"
+ local file="autounattend.xml"
+ local org="${file//.xml/.org}"
+ local dat="${file//.xml/.dat}"
+ local desc path src wim xml index result
- [ ! -s "$asset" ] || [ ! -f "$asset" ] && return 0
+ skipVersion "${DETECTED,,}" && return 0
- path=$(find "$dir" -maxdepth 1 -type f -iname autounattend.xml | head -n 1)
- [ -n "$path" ] && cp "$asset" "$path"
+ if [ ! -s "$asset" ] || [ ! -f "$asset" ]; then
+ asset=""
+ if [[ "$MANUAL" != [Yy1]* ]]; then
+ MANUAL="Y"
+ warn "no answer file provided, $FB."
+ fi
+ fi
- src=$(find "$dir" -maxdepth 1 -type d -iname sources | head -n 1)
+ rm -rf "$tmp"
+ mkdir -p "$tmp"
+
+ src=$(find "$dir" -maxdepth 1 -type d -iname sources -print -quit)
if [ ! -d "$src" ]; then
- BOOT_MODE="windows_legacy"
- warn "failed to locate 'sources' folder in ISO image, $FB" && return 1
+ error "failed to locate 'sources' folder in ISO image, $FB" && return 1
fi
- loc=$(find "$src" -maxdepth 1 -type f -iname boot.wim | head -n 1)
- [ ! -f "$loc" ] && loc=$(find "$src" -maxdepth 1 -type f -iname boot.esd | head -n 1)
+ wim=$(find "$src" -maxdepth 1 -type f \( -iname boot.wim -or -iname boot.esd \) -print -quit)
- if [ ! -f "$loc" ]; then
- BOOT_MODE="windows_legacy"
- warn "failed to locate 'boot.wim' or 'boot.esd' in ISO image, $FB" && return 1
+ if [ ! -f "$wim" ]; then
+ error "failed to locate 'boot.wim' or 'boot.esd' in ISO image, $FB" && return 1
fi
- info "Adding XML file for automatic installation..."
-
index="1"
- result=$(wimlib-imagex info -xml "$loc" | tr -d '\000')
+ result=$(wimlib-imagex info -xml "$wim" | iconv -f UTF-16LE -t UTF-8)
if [[ "${result^^}" == *"<IMAGE INDEX=\"2\">"* ]]; then
index="2"
fi
- if ! wimlib-imagex update "$loc" "$index" --command "add $asset /autounattend.xml" > /dev/null; then
- warn "failed to add XML to ISO image, $FB" && return 1
+ if ! addDrivers "$src" "$tmp" "$wim" "$index" "$DETECTED"; then
+ error "Failed to add drivers to image!"
fi
+ if ! addFolder "$src"; then
+ error "Failed to add OEM folder to image!"
+ fi
+
+ if wimlib-imagex extract "$wim" "$index" "/$file" "--dest-dir=$tmp" >/dev/null 2>&1; then
+ if ! wimlib-imagex extract "$wim" "$index" "/$dat" "--dest-dir=$tmp" >/dev/null 2>&1; then
+ if ! wimlib-imagex extract "$wim" "$index" "/$org" "--dest-dir=$tmp" >/dev/null 2>&1; then
+ if ! wimlib-imagex update "$wim" "$index" --command "rename /$file /$org" > /dev/null; then
+ warn "failed to backup original answer file ($file)."
+ fi
+ fi
+ fi
+ fi
+
+ if [[ "$MANUAL" != [Yy1]* ]]; then
+
+ xml=$(basename "$asset")
+ info "Adding $xml for automatic installation..."
+
+ local answer="$tmp/$xml"
+ cp "$asset" "$answer"
+ updateXML "$answer" "$language"
+
+ if ! wimlib-imagex update "$wim" "$index" --command "add $answer /$file" > /dev/null; then
+ MANUAL="Y"
+ warn "failed to add answer file ($xml) to ISO image, $FB"
+ else
+ wimlib-imagex update "$wim" "$index" --command "add $answer /$dat" > /dev/null || true
+ fi
+
+ fi
+
+ if [[ "$MANUAL" == [Yy1]* ]]; then
+
+ wimlib-imagex update "$wim" "$index" --command "delete --force /$file" > /dev/null || true
+
+ if wimlib-imagex extract "$wim" "$index" "/$org" "--dest-dir=$tmp" >/dev/null 2>&1; then
+ if ! wimlib-imagex update "$wim" "$index" --command "add $tmp/$org /$file" > /dev/null; then
+ warn "failed to restore original answer file ($org)."
+ fi
+ fi
+
+ fi
+
+ local find="$file"
+ [[ "$MANUAL" == [Yy1]* ]] && find="$org"
+ path=$(find "$dir" -maxdepth 1 -type f -iname "$find" -print -quit)
+
+ if [ -f "$path" ]; then
+ if [[ "$MANUAL" != [Yy1]* ]]; then
+ mv -f "$path" "${path%.*}.org"
+ else
+ mv -f "$path" "${path%.*}.xml"
+ fi
+ fi
+
+ rm -rf "$tmp"
+ return 0
+}
+
+removeImage() {
+
+ local iso="$1"
+
+ [ ! -f "$iso" ] && return 0
+ [ -n "$CUSTOM" ] && return 0
+
+ rm -f "$iso" 2> /dev/null || warn "failed to remove $iso !"
+
return 0
}
buildImage() {
local dir="$1"
- local failed="N"
+ local failed=""
local cat="BOOT.CAT"
- local label="${BASE%.*}"
local log="/run/shm/iso.log"
- local size size_gb space space_gb desc
+ local base size size_gb space space_gb desc
- label="${label::30}"
- local out="$TMP/$label.tmp"
+ if [ -f "$BOOT" ]; then
+ error "File $BOOT does already exist?!" && return 1
+ fi
+
+ base=$(basename "$BOOT")
+ local out="$TMP/${base%.*}.tmp"
rm -f "$out"
desc=$(printVersion "$DETECTED" "ISO")
- local msg="Building $desc image..."
- info "$msg" && html "$msg"
+ local msg="Building $desc image"
+ info "$msg..." && html "$msg..."
+
+ [ -z "$LABEL" ] && LABEL="Windows"
+
+ if [ ! -f "$dir/$ETFS" ]; then
+ error "Failed to locate file \"$ETFS\" in ISO image!" && return 1
+ fi
size=$(du -h -b --max-depth=0 "$dir" | cut -f1)
- size_gb=$(( (size + 1073741823)/1073741824 ))
+ size_gb=$(formatBytes "$size")
space=$(df --output=avail -B 1 "$TMP" | tail -n 1)
- space_gb=$(( (space + 1073741823)/1073741824 ))
+ space_gb=$(formatBytes "$space")
if (( size > space )); then
- error "Not enough free space in $STORAGE, have $space_gb GB available but need at least $size_gb GB." && return 1
+ error "Not enough free space in $STORAGE, have $space_gb available but need at least $size_gb." && return 1
fi
+ /run/progress.sh "$out" "$size" "$msg ([P])..." &
+
if [[ "${BOOT_MODE,,}" != "windows_legacy" ]]; then
- if ! genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames -V "$label" \
- -udf -boot-info-table -eltorito-alt-boot -eltorito-boot "$EFISYS" -no-emul-boot -allow-limited-size -quiet "$dir" 2> "$log"; then
- failed="Y"
- fi
+ genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames -V "${LABEL::30}" \
+ -udf -boot-info-table -eltorito-alt-boot -eltorito-boot "$EFISYS" -no-emul-boot -allow-limited-size -quiet "$dir" 2> "$log" || failed="y"
else
- if [[ "${DETECTED,,}" != "winxp"* ]]; then
+ case "${DETECTED,,}" in
+ "win2k"* | "winxp"* | "win2003"* )
+ genisoimage -o "$out" -b "$ETFS" -no-emul-boot -boot-load-seg 1984 -boot-load-size 4 -c "$cat" -iso-level 2 -J -l -D -N -joliet-long \
+ -relaxed-filenames -V "${LABEL::30}" -quiet "$dir" 2> "$log" || failed="y" ;;
+ "win9"* )
+ genisoimage -o "$out" -b "$ETFS" -J -r -V "${LABEL::30}" -quiet "$dir" 2> "$log" || failed="y" ;;
+ * )
+ genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 2 -J -l -D -N -joliet-long -relaxed-filenames -V "${LABEL::30}" \
+ -udf -allow-limited-size -quiet "$dir" 2> "$log" || failed="y" ;;
+ esac
- if ! genisoimage -o "$out" -b "$ETFS" -no-emul-boot -c "$cat" -iso-level 2 -J -l -D -N -joliet-long -relaxed-filenames -V "$label" \
- -udf -allow-limited-size -quiet "$dir" 2> "$log"; then
- failed="Y"
- fi
-
- else
-
- if ! genisoimage -o "$out" -b "$ETFS" -no-emul-boot -boot-load-seg 1984 -boot-load-size 4 -c "$cat" -iso-level 2 -J -l -D -N -joliet-long \
- -relaxed-filenames -V "$label" -quiet "$dir" 2> "$log"; then
- failed="Y"
- fi
-
- fi
fi
- if [[ "$failed" != "N" ]]; then
+ fKill "progress.sh"
+
+ if [ -n "$failed" ]; then
[ -s "$log" ] && echo "$(<"$log")"
error "Failed to build image!" && return 1
fi
@@ -1141,101 +1223,112 @@ buildImage() {
[ -s "$log" ] && error="$(<"$log")"
[[ "$error" != "$hide" ]] && echo "$error"
- if [ -f "$STORAGE/$BASE" ]; then
- error "File $STORAGE/$BASE does already exist?!" && return 1
- fi
+ mv -f "$out" "$BOOT" || return 1
+ ! setOwner "$BOOT" && error "Failed to set the owner for \"$BOOT\" !"
- mv "$out" "$STORAGE/$BASE"
return 0
}
bootWindows() {
- if [ -f "$STORAGE/windows.old" ]; then
- MACHINE=$(<"$STORAGE/windows.old")
- [ -z "$MACHINE" ] && MACHINE="q35"
- BOOT_MODE="windows_legacy"
- rm -rf "$TMP"
- return 0
+ if [ -f "$STORAGE/windows.args" ]; then
+ ARGS=$(<"$STORAGE/windows.args")
+ ARGS="${ARGS//[![:print:]]/}"
+ ARGUMENTS="$ARGS ${ARGUMENTS:-}"
+ fi
+
+ if [ -s "$STORAGE/windows.vga" ] && [ -f "$STORAGE/windows.vga" ]; then
+ if [ -z "${VGA:-}" ]; then
+ VGA=$(<"$STORAGE/windows.vga")
+ VGA="${VGA//[![:print:]]/}"
+ fi
+ fi
+
+ if [ -s "$STORAGE/windows.usb" ] && [ -f "$STORAGE/windows.usb" ]; then
+ if [ -z "${USB:-}" ]; then
+ USB=$(<"$STORAGE/windows.usb")
+ USB="${USB//[![:print:]]/}"
+ fi
+ fi
+
+ if [ -s "$STORAGE/windows.net" ] && [ -f "$STORAGE/windows.net" ]; then
+ if [ -z "${ADAPTER:-}" ]; then
+ ADAPTER=$(<"$STORAGE/windows.net")
+ ADAPTER="${ADAPTER//[![:print:]]/}"
+ fi
+ fi
+
+ if [ -s "$STORAGE/windows.type" ] && [ -f "$STORAGE/windows.type" ]; then
+ if [ -z "${DISK_TYPE:-}" ]; then
+ DISK_TYPE=$(<"$STORAGE/windows.type")
+ DISK_TYPE="${DISK_TYPE//[![:print:]]/}"
+ fi
fi
if [ -s "$STORAGE/windows.mode" ] && [ -f "$STORAGE/windows.mode" ]; then
BOOT_MODE=$(<"$STORAGE/windows.mode")
- rm -rf "$TMP"
- return 0
+ BOOT_MODE="${BOOT_MODE//[![:print:]]/}"
fi
- local creation="1.10"
- local minimal="2.14"
-
- if [ -f "$STORAGE/windows.ver" ]; then
- creation=$(<"$STORAGE/windows.ver")
- [[ "${creation}" != *"."* ]] && creation="$minimal"
- fi
-
- # Force secure boot on installs created prior to v2.14
- if (( $(echo "$creation < $minimal" | bc -l) )); then
- if [[ "${BOOT_MODE,,}" == "windows" ]]; then
- BOOT_MODE="windows_secure"
- echo "$BOOT_MODE" > "$STORAGE/windows.mode"
- if [ -f "$STORAGE/windows.rom" ] && [ ! -f "$STORAGE/$BOOT_MODE.rom" ]; then
- mv "$STORAGE/windows.rom" "$STORAGE/$BOOT_MODE.rom"
- fi
- if [ -f "$STORAGE/windows.vars" ] && [ ! -f "$STORAGE/$BOOT_MODE.vars" ]; then
- mv "$STORAGE/windows.vars" "$STORAGE/$BOOT_MODE.vars"
- fi
+ if [ -s "$STORAGE/windows.old" ] && [ -f "$STORAGE/windows.old" ]; then
+ if [[ "${PLATFORM,,}" == "x64" ]]; then
+ MACHINE=$(<"$STORAGE/windows.old")
+ MACHINE="${MACHINE//[![:print:]]/}"
fi
fi
- rm -rf "$TMP"
return 0
}
######################################
+! parseVersion && exit 58
+! parseLanguage && exit 56
+! detectCustom && exit 59
+
if ! startInstall; then
bootWindows && return 0
exit 68
fi
if [ ! -s "$ISO" ] || [ ! -f "$ISO" ]; then
- if ! downloadImage "$ISO" "$VERSION"; then
- rm -f "$ISO"
+ if ! downloadImage "$ISO" "$VERSION" "$LANGUAGE"; then
+ rm -f "$ISO" 2> /dev/null || true
exit 61
fi
fi
-if ! extractImage "$ISO" "$DIR"; then
- rm -f "$ISO"
+DIR="$TMP/unpack"
+
+if ! extractImage "$ISO" "$DIR" "$VERSION"; then
+ rm -f "$ISO" 2> /dev/null || true
exit 62
fi
-if ! detectImage "$DIR"; then
- abortInstall "$ISO" && return 0
+if ! detectImage "$DIR" "$VERSION"; then
+ abortInstall "$DIR" "$ISO" && return 0
exit 60
fi
if ! prepareImage "$ISO" "$DIR"; then
- abortInstall "$ISO" && return 0
- exit 60
+ abortInstall "$DIR" "$ISO" && return 0
+ exit 66
fi
-if ! updateImage "$ISO" "$DIR" "$XML"; then
- abortInstall "$ISO" && return 0
- exit 60
+if ! updateImage "$DIR" "$XML" "$LANGUAGE"; then
+ abortInstall "$DIR" "$ISO" && return 0
+ exit 63
fi
-if ! rm -f "$ISO" 2> /dev/null; then
- BASE="windows.iso"
- ISO="$STORAGE/$BASE"
- rm -f "$ISO"
+if ! removeImage "$ISO"; then
+ exit 64
fi
if ! buildImage "$DIR"; then
exit 65
fi
-if ! finishInstall "$STORAGE/$BASE" "N"; then
+if ! finishInstall "$BOOT" "N"; then
exit 69
fi
diff --git a/src/mido.sh b/src/mido.sh
index 642c7e9..369fc17 100644
--- a/src/mido.sh
+++ b/src/mido.sh
@@ -1,766 +1,834 @@
-#!/bin/sh
-
-# Copyright (C) 2024 Elliot Killick <contact@elliotkillick.com>
-# Licensed under the MIT License. See LICENSE file for details.
-
-[ "$DEBUG" ] && set -x
-
-# Prefer Dash shell for greater security if available
-if [ "$BASH" ] && command -v dash > /dev/null; then
- exec dash "$0" "$@"
-fi
-
-# Test for 4-bit color (16 colors)
-# Operand "colors" is undefined by POSIX
-# If the operand doesn't exist, the terminal probably doesn't support color and the program will continue normally without it
-if [ "0$(tput colors 2> /dev/null)" -ge 16 ]; then
- RED='\033[0;31m'
- BLUE='\033[0;34m'
- GREEN='\033[0;32m'
- NC='\033[0m'
-fi
-
-# Avoid printing messages as potential terminal escape sequences
-echo_ok() { printf "%b%s%b" "${GREEN}[+]${NC} " "$1" "\n" >&2; }
-echo_info() { printf "%b%s%b" "${BLUE}[i]${NC} " "$1" "\n" >&2; }
-echo_err() { printf "%b%s%b" "${RED}[!]${NC} " "$1" "\n" >&2; }
-
-# https://pubs.opengroup.org/onlinepubs/9699919799/utilities/fold.html
-format() { fold -s; }
-
-word_count() { echo $#; }
-
-usage() {
- echo "Mido - The Secure Microsoft Windows Downloader"
- echo ""
- echo "Usage: $0 <windows_media>..."
- echo ""
- echo "Download specified list of Windows media."
- echo ""
- echo "Specify \"all\", or one or more of the following Windows media:"
- echo " win7x64-ultimate"
- echo " win81x64"
- echo " win10x64"
- echo " win11x64"
- echo " win81x64-enterprise-eval"
- echo " win10x64-enterprise-eval"
- echo " win11x64-enterprise-eval"
- echo " win10x64-enterprise-ltsc-eval (most secure)"
- echo " win2008r2"
- echo " win2012r2-eval"
- echo " win2016-eval"
- echo " win2019-eval"
- echo " win2022-eval"
- echo ""
- echo "Each ISO download takes between 3 - 7 GiBs (average: 5 GiBs)."
- echo ""
- echo "Updates"
- echo "-------"
- echo "All the downloads provided here are the most up-to-date releases that Microsoft provides. This is ensured by programmatically checking Microsoft's official download pages to get the latest download link. In other cases, the Windows version in question is no longer supported by Microsoft meaning a direct download link (stored in Mido) will always point to the most up-to-date release." | format
- echo ""
- echo "Remember to update Windows to the latest patch level after installation."
- echo ""
- echo "Overuse"
- echo "-------"
- echo "Newer consumer versions of Windows including win81x64, win10x64, and win11x64 are downloaded through Microsoft's gated download web interface. Do not overuse this interface. Microsoft may be quick to do ~24 hour IP address bans after only a few download requests (especially if they are done in quick succession). Being temporarily banned from one of these downloads (e.g. win11x64) doesn't cause you to be banned from any of the other downloads provided through this interface." | format
- echo ""
- echo "Privacy Preserving Technologies"
- echo "-------------------------------"
- echo "The aforementioned Microsoft gated download web interface is currently blocking Tor (and similar technologies). They say this is to prevent people in restricted regions from downloading certain Windows media they shouldn't have access to. This is fine by most standards because Tor is too slow for large downloads anyway and we have checksum verification for security." | format
- echo ""
- echo "Language"
- echo "--------"
- echo "All the downloads provided here are for English (United States). This helps to great simplify maintenance and minimize the user's fingerprint. If another language is desired then that can easily be configured in Windows once it's installed." | format
- echo ""
- echo "Architecture"
- echo "------------"
- echo "All the downloads provided here are for x86-64 (x64). This is the only architecture Microsoft ships Windows Server in.$([ -d /run/qubes ] && echo ' Also, the only architecture Qubes OS supports.')" | format
-}
-
-# Media naming scheme info:
-# Windows Server has no architecture because Microsoft only supports amd64 for this version of Windows (the last version to support x86 was Windows Server 2008 without the R2)
-# "eval" is short for "evaluation", it's simply the license type included with the Windows installation (only exists on enterprise/server) and must be specified in the associated answer file
-# "win7x64" has the "ultimate" edition appended to it because it isn't "multi-edition" like the other Windows ISOs (for multi-edition ISOs the edition is specified in the associated answer file)
-
-readonly win7x64_ultimate="win7x64-ultimate.iso"
-readonly win81x64="win81x64.iso"
-readonly win10x64="win10x64.iso"
-readonly win11x64="win11x64.iso"
-readonly win81x64_enterprise_eval="win81x64-enterprise-eval.iso"
-readonly win10x64_enterprise_eval="win10x64-enterprise-eval.iso"
-readonly win11x64_enterprise_eval="win11x64-enterprise-eval.iso"
-readonly win10x64_enterprise_ltsc_eval="win10x64-enterprise-ltsc-eval.iso"
-readonly win2008r2="win2008r2.iso"
-readonly win2012r2_eval="win2012r2-eval.iso"
-readonly win2016_eval="win2016-eval.iso"
-readonly win2019_eval="win2019-eval.iso"
-readonly win2022_eval="win2022-eval.iso"
-
-parse_args() {
- for arg in "$@"; do
- if [ "$arg" = "-h" ] || [ "$arg" = "--help" ]; then
- usage
- exit
- fi
- done
-
- if [ $# -lt 1 ]; then
- usage >&2
- exit 1
- fi
-
- # Append to media_list so media is downloaded in the order they're passed in
- for arg in "$@"; do
- case "$arg" in
- win7x64-ultimate)
- media_list="$media_list $win7x64_ultimate"
- ;;
- win81x64)
- media_list="$media_list $win81x64"
- ;;
- win10x64)
- media_list="$media_list $win10x64"
- ;;
- win11x64)
- media_list="$media_list $win11x64"
- ;;
- win81x64-enterprise-eval)
- media_list="$media_list $win81x64_enterprise_eval"
- ;;
- win10x64-enterprise-eval)
- media_list="$media_list $win10x64_enterprise_eval"
- ;;
- win11x64-enterprise-eval)
- media_list="$media_list $win11x64_enterprise_eval"
- ;;
- win10x64-enterprise-ltsc-eval)
- media_list="$media_list $win10x64_enterprise_ltsc_eval"
- ;;
- win2008r2)
- media_list="$media_list $win2008r2"
- ;;
- win2012r2-eval)
- media_list="$media_list $win2012r2_eval"
- ;;
- win2016-eval)
- media_list="$media_list $win2016_eval"
- ;;
- win2019-eval)
- media_list="$media_list $win2019_eval"
- ;;
- win2022-eval)
- media_list="$media_list $win2022_eval"
- ;;
- all)
- media_list="$win7x64_ultimate $win81x64 $win10x64 $win11x64 $win81x64_enterprise_eval $win10x64_enterprise_eval $win11x64_enterprise_eval $win10x64_enterprise_ltsc_eval $win2008r2 $win2012r2_eval $win2016_eval $win2019_eval $win2022_eval"
- break
- ;;
- *)
- echo_err "Invalid Windows media specified: $arg"
- exit 1
- ;;
- esac
- done
-}
+#!/usr/bin/env bash
+set -Eeuo pipefail
handle_curl_error() {
- error_code="$1"
- fatal_error_action=2
+ local error_code="$1"
+ local server_name="$2"
- case "$error_code" in
- 6)
- echo_err "Failed to resolve Microsoft servers! Is there an Internet connection? Exiting..."
- return "$fatal_error_action"
- ;;
- 7)
- echo_err "Failed to contact Microsoft servers! Is there an Internet connection or is the server down?"
- ;;
- 8)
- echo_err "Microsoft servers returned a malformed HTTP response!"
- ;;
- 22)
- echo_err "Microsoft servers returned a failing HTTP status code!"
- ;;
- 23)
- echo_err "Failed at writing Windows media to disk! Out of disk space or permission error? Exiting..."
- return "$fatal_error_action"
- ;;
- 26)
- echo_err "Ran out of memory during download! Exiting..."
- return "$fatal_error_action"
- ;;
- 36)
- echo_err "Failed to continue earlier download!"
- ;;
- 63)
- echo_err "Microsoft servers returned an unexpectedly large response!"
- ;;
- # POSIX defines exit statuses 1-125 as usable by us
- # https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_08_02
- $((error_code <= 125)))
- # Must be some other server or network error (possibly with this specific request/file)
- # This is when accounting for all possible errors in the curl manual assuming a correctly formed curl command and an HTTP(S) request, using only the curl features we're using, and a sane build
- echo_err "Miscellaneous server or network error!"
- ;;
- 126 | 127)
- echo_err "Curl command not found! Please install curl and try again. Exiting..."
- return "$fatal_error_action"
- ;;
- # Exit statuses are undefined by POSIX beyond this point
- *)
- case "$(kill -l "$error_code")" in
- # Signals defined to exist by POSIX:
- # https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html
- INT)
- echo_err "Curl was interrupted!"
- ;;
- # There could be other signals but these are most common
- SEGV | ABRT)
- echo_err "Curl crashed! Failed exploitation attempt? Please report any core dumps to curl developers. Exiting..."
- return "$fatal_error_action"
- ;;
- *)
- echo_err "Curl terminated due to a fatal signal!"
- ;;
- esac
- esac
+ case "$error_code" in
+ 1) error "Unsupported protocol!" ;;
+ 2) error "Failed to initialize curl!" ;;
+ 3) error "The URL format is malformed!" ;;
+ 5) error "Failed to resolve address of proxy host!" ;;
+ 6) error "Failed to resolve $server_name servers! Is there an Internet connection?" ;;
+ 7) error "Failed to contact $server_name servers! Is there an Internet connection or is the server down?" ;;
+ 8) error "$server_name servers returned a malformed HTTP response!" ;;
+ 16) error "A problem was detected in the HTTP2 framing layer!" ;;
+ 22) error "$server_name servers returned a failing HTTP status code!" ;;
+ 23) error "Failed at writing Windows media to disk! Out of disk space or permission error?" ;;
+ 26) error "Failed to read Windows media from disk!" ;;
+ 27) error "Ran out of memory during download!" ;;
+ 28) error "Connection timed out to $server_name server!" ;;
+ 35) error "SSL connection error from $server_name server!" ;;
+ 36) error "Failed to continue earlier download!" ;;
+ 52) error "Received no data from the $server_name server!" ;;
+ 63) error "$server_name servers returned an unexpectedly large response!" ;;
+ # POSIX defines exit statuses 1-125 as usable by us
+ # https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_08_02
+ $((error_code <= 125)))
+ # Must be some other server or network error (possibly with this specific request/file)
+ # This is when accounting for all possible errors in the curl manual assuming a correctly formed curl command and an HTTP(S) request, using only the curl features we're using, and a sane build
+ error "Miscellaneous server or network error, reason: $error_code"
+ ;;
+ 126 | 127 ) error "Curl command not found!" ;;
+ # Exit statuses are undefined by POSIX beyond this point
+ *)
+ case "$(kill -l "$error_code")" in
+ # Signals defined to exist by POSIX:
+ # https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html
+ INT) error "Curl was interrupted!" ;;
+ # There could be other signals but these are most common
+ SEGV | ABRT ) error "Curl crashed! Please report any core dumps to curl developers." ;;
+ *) error "Curl terminated due to fatal signal $error_code !" ;;
+ esac
+ esac
+
+ return 1
+}
+
+get_agent() {
+
+ local user_agent
+
+ # Determine approximate latest Firefox release
+ browser_version="$((124 + ($(date +%s) - 1710892800) / 2419200))"
+ echo "Mozilla/5.0 (X11; Linux x86_64; rv:${browser_version}.0) Gecko/20100101 Firefox/${browser_version}.0"
+
+ return 0
+}
+
+download_windows() {
+
+ local id="$1"
+ local lang="$2"
+ local desc="$3"
+ local sku_id=""
+ local sku_url=""
+ local iso_url=""
+ local iso_json=""
+ local language=""
+ local session_id=""
+ local user_agent=""
+ local download_type=""
+ local windows_version=""
+ local iso_download_link=""
+ local download_page_html=""
+ local product_edition_id=""
+ local language_skuid_json=""
+ local profile="606624d44113"
+
+ user_agent=$(get_agent)
+ language=$(getLanguage "$lang" "name")
+
+ case "${id,,}" in
+ "win11x64" ) windows_version="11" && download_type="1" ;;
+ "win10x64" ) windows_version="10" && download_type="1" ;;
+ "win11arm64" ) windows_version="11arm64" && download_type="2" ;;
+ * ) error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
+ esac
+
+ local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
+ [[ "${id,,}" == "win10"* ]] && url+="ISO"
+
+ # uuidgen: For MacOS (installed by default) and other systems (e.g. with no /proc) that don't have a kernel interface for generating random UUIDs
+ session_id=$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)
+ session_id="${session_id//[![:print:]]/}"
+
+ # Get product edition ID for latest release of given Windows version
+ # Product edition ID: This specifies both the Windows release (e.g. 22H2) and edition ("multi-edition" is default, either Home/Pro/Edu/etc., we select "Pro" in the answer files) in one number
+ # This is the *only* request we make that Fido doesn't. Fido manually maintains a list of all the Windows release/edition product edition IDs in its script (see: $WindowsVersions array). This is helpful for downloading older releases (e.g. Windows 10 1909, 21H1, etc.) but we always want to get the newest release which is why we get this value dynamically
+ # Also, keeping a "$WindowsVersions" array like Fido does would be way too much of a maintenance burden
+ # Remove "Accept" header that curl sends by default
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
+ download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
+ handle_curl_error "$?" "Microsoft"
+ return $?
+ }
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting Product edition ID: "
+ product_edition_id=$(echo "$download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)
+ [[ "$DEBUG" == [Yy1]* ]] && echo "$product_edition_id"
+
+ if [ -z "$product_edition_id" ]; then
+ error "Product edition ID not found!"
+ return 1
+ fi
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Permit Session ID: $session_id"
+ # Permit Session ID
+ curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
+ # This should only happen if there's been some change to how this API works
+ handle_curl_error "$?" "Microsoft"
+ return $?
+ }
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting language SKU ID: "
+ sku_url="https://www.microsoft.com/software-download-connector/api/getskuinformationbyproductedition?profile=$profile&ProductEditionId=$product_edition_id&SKU=undefined&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
+ language_skuid_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$sku_url") || {
+ handle_curl_error "$?" "Microsoft"
+ return $?
+ }
+
+ { sku_id=$(echo "$language_skuid_json" | jq --arg LANG "$language" -r '.Skus[] | select(.Language==$LANG).Id') 2>/dev/null; rc=$?; } || :
+
+ if [ -z "$sku_id" ] || [[ "${sku_id,,}" == "null" ]] || (( rc != 0 )); then
+ language=$(getLanguage "$lang" "desc")
+ error "No download in the $language language available for $desc!"
+ return 1
+ fi
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo "$sku_id"
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Getting ISO download link..."
+
+ # Get ISO download link
+ # If any request is going to be blocked by Microsoft it's always this last one (the previous requests always seem to succeed)
+
+ iso_url="https://www.microsoft.com/software-download-connector/api/GetProductDownloadLinksBySku?profile=$profile&ProductEditionId=undefined&SKU=$sku_id&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
+ iso_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_url")
+
+ if ! [ "$iso_json" ]; then
+ # This should only happen if there's been some change to how this API works
+ error "Microsoft servers gave us an empty response to our request for an automated download."
+ return 1
+ fi
+
+ if echo "$iso_json" | grep -q "Sentinel marked this request as rejected."; then
+ error "Microsoft blocked the automated download request based on your IP address."
+ return 1
+ fi
+
+ if echo "$iso_json" | grep -q "We are unable to complete your request at this time."; then
+ error "Microsoft blocked the automated download request based on your IP address."
+ return 1
+ fi
+
+ { iso_download_link=$(echo "$iso_json" | jq --argjson TYPE "$download_type" -r '.ProductDownloadOptions[] | select(.DownloadType==$TYPE).Uri') 2>/dev/null; rc=$?; } || :
+
+ if [ -z "$iso_download_link" ] || [[ "${iso_download_link,,}" == "null" ]] || (( rc != 0 )); then
+ error "Microsoft servers gave us no download link to our request for an automated download!"
+ info "Response: $iso_json"
+ return 1
+ fi
+
+ MIDO_URL="$iso_download_link"
+ return 0
+}
+
+download_windows_eval() {
+
+ local id="$1"
+ local lang="$2"
+ local desc="$3"
+ local filter=""
+ local culture=""
+ local compare=""
+ local language=""
+ local user_agent=""
+ local enterprise_type=""
+ local windows_version=""
+
+ case "${id,,}" in
+ "win11${PLATFORM,,}-enterprise-eval" )
+ enterprise_type="enterprise"
+ windows_version="windows-11-enterprise" ;;
+ "win11${PLATFORM,,}-enterprise-iot-eval" )
+ enterprise_type="iot"
+ windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
+ "win11${PLATFORM,,}-enterprise-ltsc-eval" )
+ enterprise_type="iot"
+ windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
+ "win10${PLATFORM,,}-enterprise-eval" )
+ enterprise_type="enterprise"
+ windows_version="windows-10-enterprise" ;;
+ "win10${PLATFORM,,}-enterprise-ltsc-eval" )
+ enterprise_type="ltsc"
+ windows_version="windows-10-enterprise" ;;
+ "win2025-eval" )
+ enterprise_type="server"
+ windows_version="windows-server-2025" ;;
+ "win2022-eval" )
+ enterprise_type="server"
+ windows_version="windows-server-2022" ;;
+ "win2019-hv" )
+ enterprise_type="server"
+ windows_version="hyper-v-server-2019" ;;
+ "win2019-eval" )
+ enterprise_type="server"
+ windows_version="windows-server-2019" ;;
+ "win2016-eval" )
+ enterprise_type="server"
+ windows_version="windows-server-2016" ;;
+ "win2012r2-eval" )
+ enterprise_type="server"
+ windows_version="windows-server-2012-r2" ;;
+ * )
+ error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
+ esac
+
+ user_agent=$(get_agent)
+ culture=$(getLanguage "$lang" "culture")
+
+ local country="${culture#*-}"
+ local iso_download_page_html=""
+ local url="https://www.microsoft.com/en-us/evalcenter/download-$windows_version"
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
+ iso_download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
+ handle_curl_error "$?" "Microsoft"
+ return $?
+ }
+
+ if ! [ "$iso_download_page_html" ]; then
+ # This should only happen if there's been some change to where this download page is located
+ error "Windows server download page gave us an empty response"
+ return 1
+ fi
+
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Getting download link.."
+
+ filter="https://go.microsoft.com/fwlink/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
+
+ if ! echo "$iso_download_page_html" | grep -io "$filter" > /dev/null; then
+ filter="https://go.microsoft.com/fwlink/p/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
+ fi
+
+ iso_download_links=$(echo "$iso_download_page_html" | grep -io "$filter") || {
+ # This should only happen if there's been some change to the download endpoint web address
+ if [[ "${lang,,}" == "en" || "${lang,,}" == "en-"* ]]; then
+ error "Windows server download page gave us no download link!"
+ else
+ language=$(getLanguage "$lang" "desc")
+ error "No download in the $language language available for $desc!"
+ fi
+ return 1
+ }
+
+ case "$enterprise_type" in
+ "iot" | "ltsc" )
+ case "${PLATFORM,,}" in
+ "x64" )
+ if [[ "$windows_version" != "windows-10"* ]]; then
+ iso_download_link=$(echo "$iso_download_links" | head -n 1)
+ else
+ iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1)
+ fi ;;
+ "arm64" )
+ iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
+ esac ;;
+ "enterprise" )
+ case "${PLATFORM,,}" in
+ "x64" )
+ if [[ "$windows_version" != "windows-10"* ]]; then
+ iso_download_link=$(echo "$iso_download_links" | head -n 1)
+ else
+ iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
+ fi ;;
+ "arm64" )
+ iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
+ esac ;;
+ "server" )
+ case "${PLATFORM,,}" in
+ "x64" )
+ iso_download_link=$(echo "$iso_download_links" | head -n 1) ;;
+ esac ;;
+ * )
+ error "Invalid type specified, value \"$enterprise_type\" is not recognized!" && return 1 ;;
+ esac
+
+ [ -z "$iso_download_link" ] && error "Could not parse download link from page!" && return 1
+
+ # Follow redirect so proceeding log message is useful
+ # This is a request we make that Fido doesn't
+
+ iso_download_link=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link") || {
+ # This should only happen if the Microsoft servers are down
+ handle_curl_error "$?" "Microsoft"
+ return $?
+ }
+
+ case "${PLATFORM,,}" in
+ "x64" )
+ if [[ "${iso_download_link,,}" != *"x64"* ]]; then
+ echo "Found download link: $iso_download_link"
+ error "Download link is for the wrong platform? Please report this at $SUPPORT/issues"
+ return 1
+ fi ;;
+ "arm64" )
+ if [[ "${iso_download_link,,}" != *"a64"* && "${iso_download_link,,}" != *"arm64"* ]]; then
+ if [[ "$DEBUG" == [Yy1]* ]]; then
+ echo "Found download link: $iso_download_link"
+ echo "Link for ARM platform currently not available!"
+ fi
+ return 1
+ fi ;;
+ esac
+
+ if [[ "$DEBUG" == [Yy1]* && "$VERIFY" == [Yy1]* && "${lang,,}" == "en"* ]]; then
+ compare=$(getMido "$id" "$lang" "")
+ if [[ "${iso_download_link,,}" != "${compare,,}" ]]; then
+ echo "Retrieved link does not match the fixed link: $compare"
+ fi
+ fi
+
+ MIDO_URL="$iso_download_link"
+ return 0
+}
+
+getWindows() {
+
+ local version="$1"
+ local lang="$2"
+ local desc="$3"
+
+ local language edition
+ language=$(getLanguage "$lang" "desc")
+ edition=$(printEdition "$version" "$desc")
+
+ local msg="Requesting $desc from the Microsoft servers..."
+ info "$msg" && html "$msg"
+
+ case "${version,,}" in
+ "win2008r2" | "win81${PLATFORM,,}"* | "win11${PLATFORM,,}-enterprise-iot"* | "win11${PLATFORM,,}-enterprise-ltsc"* )
+ if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
+ error "No download in the $language language available for $edition!"
+ MIDO_URL="" && return 1
+ fi ;;
+ esac
+
+ case "${version,,}" in
+ "win11${PLATFORM,,}" ) ;;
+ "win11${PLATFORM,,}-enterprise"* ) ;;
+ * )
+ if [[ "${PLATFORM,,}" != "x64" ]]; then
+ error "No download for the ${PLATFORM^^} platform available for $edition!"
+ MIDO_URL="" && return 1
+ fi ;;
+ esac
+
+ case "${version,,}" in
+ "win10${PLATFORM,,}" | "win11${PLATFORM,,}" )
+ download_windows "$version" "$lang" "$edition" && return 0
+ ;;
+ "win11${PLATFORM,,}-enterprise"* | "win10${PLATFORM,,}-enterprise"* )
+ download_windows_eval "$version" "$lang" "$edition" && return 0
+ ;;
+ "win2025-eval" | "win2022-eval" | "win2019-eval" | "win2019-hv" | "win2016-eval" | "win2012r2-eval" )
+ download_windows_eval "$version" "$lang" "$edition" && return 0
+ ;;
+ "win81${PLATFORM,,}-enterprise"* | "win2008r2" )
+ ;;
+ * ) error "Invalid VERSION specified, value \"$version\" is not recognized!" ;;
+ esac
+
+ MIDO_URL=$(getMido "$version" "$lang" "")
+ [ -z "$MIDO_URL" ] && return 1
+
+ return 0
+}
+
+getBuild() {
+
+ local id="$1"
+ local ret="$2"
+ local url=""
+ local name=""
+ local build="$3"
+ local edition=""
+ local file="catalog.xml"
+
+ case "${id,,}" in
+ "win11${PLATFORM,,}" )
+ name="Windows 11 Pro"
+ url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Professional" ;;
+ "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+ name="Windows 11 Enterprise"
+ url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Enterprise" ;;
+ esac
+
+ case "${ret,,}" in
+ "url" ) echo "$url" ;;
+ "file" ) echo "$file" ;;
+ "name" ) echo "$name" ;;
+ "edition" ) echo "$edition" ;;
+ *) echo "";;
+ esac
+
+ return 0
+}
+
+getCatalog() {
+
+ local id="$1"
+ local ret="$2"
+ local url=""
+ local name=""
+ local edition=""
+ local file="catalog.cab"
+
+ if [[ "${id,,}" == "win11"* ]] && ! isCompatible; then
+ # ARMv8.0 cannot run Windows 11 builds 24H2 and up.
+ getBuild "$1" "$2" "22631.2861" && return 0
+ fi
+
+ case "${id,,}" in
+ "win11${PLATFORM,,}" )
+ edition="Professional"
+ name="Windows 11 Pro"
+ url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
+ "win10${PLATFORM,,}" )
+ edition="Professional"
+ name="Windows 10 Pro"
+ url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
+ "win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
+ edition="Enterprise"
+ name="Windows 11 Enterprise"
+ url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
+ "win10${PLATFORM,,}-enterprise" | "win10${PLATFORM,,}-enterprise-eval" )
+ edition="Enterprise"
+ name="Windows 10 Enterprise"
+ url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
+ esac
+
+ case "${ret,,}" in
+ "url" ) echo "$url" ;;
+ "file" ) echo "$file" ;;
+ "name" ) echo "$name" ;;
+ "edition" ) echo '[Edition="'"${edition}"'"]' ;;
+ *) echo "";;
+ esac
+
+ return 0
+}
+
+getESD() {
+
+ local dir="$1"
+ local version="$2"
+ local lang="$3"
+ local desc="$4"
+ local file
+ local result
+ local culture
+ local language
+ local edition
+ local catalog
+
+ file=$(getCatalog "$version" "file")
+ catalog=$(getCatalog "$version" "url")
+ culture=$(getLanguage "$lang" "culture")
+ edition=$(getCatalog "$version" "edition")
+
+ if [ -z "$file" ] || [ -z "$catalog" ]; then
+ error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+ fi
+
+ local msg="Downloading catalog..."
+ info "$msg" && html "$msg"
+
+ rm -rf "$dir"
+
+ if ! makeDir "$dir"; then
+ error "Failed to create directory \"$dir\" !" && return 1
+ fi
+
+ local xFile="products.xml"
+ local eFile="esd_edition.xml"
+ local fFile="products_filter.xml"
+
+ { wget "$catalog" -O "$dir/$file" -q --timeout=30 --no-http-keep-alive; rc=$?; } || :
+
+ msg="Failed to download $catalog"
+ (( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
+ (( rc == 4 )) && error "$msg , network failure!" && return 1
+ (( rc == 8 )) && error "$msg , server issued an error response!" && return 1
+ (( rc != 0 )) && error "$msg , reason: $rc" && return 1
+
+ if [[ "$file" == *".xml" ]]; then
+
+ mv -f "$dir/$file" "$dir/$xFile"
+
+ else
+
+ cd "$dir"
+
+ if ! cabextract "$file" > /dev/null; then
+ cd /run
+ error "Failed to extract $file!" && return 1
+ fi
+
+ cd /run
+
+ fi
+
+ if [ ! -s "$dir/$xFile" ]; then
+ error "Failed to find $xFile in $file!" && return 1
+ fi
+
+ local edQuery='//File[Architecture="'${PLATFORM,,}'"]'"${edition}"''
+ result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
+
+ if [ -z "$result" ]; then
+
+ edQuery='//File[Architecture="'${PLATFORM^^}'"]'"${edition}"''
+
+ result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
+
+ if [ -z "$result" ]; then
+ desc=$(printEdition "$version" "$desc")
+ language=$(getLanguage "$lang" "desc")
+ error "No download link available for $desc!" && return 1
+ fi
+
+ fi
+
+ echo -e '<Catalog>' > "$dir/$fFile"
+ echo "$result" >> "$dir/$fFile"
+ echo -e '</Catalog>'>> "$dir/$fFile"
+
+ result=$(xmllint --nonet --xpath "//File[LanguageCode=\"${culture,,}\"]" "$dir/$fFile" 2>/dev/null)
+
+ if [ -z "$result" ]; then
+ desc=$(printEdition "$version" "$desc")
+ language=$(getLanguage "$lang" "desc")
+ error "No download in the $language language available for $desc!" && return 1
+ fi
+
+ echo "$result" > "$dir/$eFile"
+
+ local tag="FilePath"
+ ESD=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+ if [ -z "$ESD" ]; then
+ error "Failed to find ESD URL in $eFile!" && return 1
+ fi
+
+ tag="Sha1"
+ ESD_SUM=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+ if [ -z "$ESD_SUM" ]; then
+ error "Failed to find ESD checksum in $eFile!" && return 1
+ fi
+
+ tag="Size"
+ ESD_SIZE=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
+
+ if [ -z "$ESD_SIZE" ]; then
+ error "Failed to find ESD filesize in $eFile!" && return 1
+ fi
+
+ rm -rf "$dir"
+ return 0
+}
+
+isCompressed() {
+
+ local file="$1"
+
+ case "${file,,}" in
+ *".7z" | *".zip" | *".rar" | *".lzma" | *".bz" | *".bz2" )
+ return 0 ;;
+ esac
+
+ return 1
+}
+
+verifyFile() {
+
+ local iso="$1"
+ local size="$2"
+ local total="$3"
+ local check="$4"
+
+ if [ -n "$size" ] && [[ "$total" != "$size" && "$size" != "0" ]]; then
+ if [[ "$VERIFY" == [Yy1]* || "$DEBUG" == [Yy1]* ]]; then
+ warn "The downloaded file has a different size ( $total bytes) than expected ( $size bytes). Please report this at $SUPPORT/issues"
+ fi
+ fi
+
+ local hash=""
+ local algo="SHA256"
+
+ [ -z "$check" ] && return 0
+ [[ "$VERIFY" != [Yy1]* ]] && return 0
+ [[ "${#check}" == "40" ]] && algo="SHA1"
+
+ local msg="Verifying downloaded ISO..."
+ info "$msg" && html "$msg"
+
+ if [[ "${algo,,}" != "sha256" ]]; then
+ hash=$(sha1sum "$iso" | cut -f1 -d' ')
+ else
+ hash=$(sha256sum "$iso" | cut -f1 -d' ')
+ fi
+
+ if [[ "$hash" == "$check" ]]; then
+ info "Successfully verified ISO!" && return 0
+ fi
+
+ error "The downloaded file has an unknown $algo checksum: $hash , as the expected value was: $check. Please report this at $SUPPORT/issues"
+ return 1
+}
+
+downloadFile() {
+
+ local iso="$1"
+ local url="$2"
+ local sum="$3"
+ local size="$4"
+ local lang="$5"
+ local desc="$6"
+ local msg="Downloading $desc"
+ local rc total total_gb progress domain dots agent space folder
+
+ agent=$(get_agent)
+
+ if [ -n "$size" ] && [[ "$size" != "0" ]]; then
+ folder=$(dirname -- "$iso")
+ space=$(df --output=avail -B 1 "$folder" | tail -n 1)
+ total_gb=$(formatBytes "$space")
+ (( size > space )) && error "Not enough free space to download file, only $total_gb left!" && return 1
+ fi
+
+ # Check if running with interactive TTY or redirected to docker log
+ if [ -t 1 ]; then
+ progress="--progress=bar:noscroll"
+ else
+ progress="--progress=dot:giga"
+ fi
+
+ html "$msg..."
+ /run/progress.sh "$iso" "$size" "$msg ([P])..." &
+
+ domain=$(echo "$url" | awk -F/ '{print $3}')
+ dots=$(echo "$domain" | tr -cd '.' | wc -c)
+ (( dots > 1 )) && domain=$(expr "$domain" : '.*\.\(.*\..*\)')
+
+ if [ -n "$domain" ] && [[ "${domain,,}" != *"microsoft.com" ]]; then
+ msg="Downloading $desc from $domain"
+ fi
+
+ info "$msg..."
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Downloading: $url"
+
+ { wget "$url" -O "$iso" --continue -q --timeout=30 --no-http-keep-alive --user-agent "$agent" --show-progress "$progress"; rc=$?; } || :
+
+ fKill "progress.sh"
+
+ if (( rc == 0 )) && [ -f "$iso" ]; then
+ total=$(stat -c%s "$iso")
+ total_gb=$(formatBytes "$total")
+ if [ "$total" -lt 100000000 ]; then
+ error "Invalid download link: $url (is only $total_gb ?). Please report this at $SUPPORT/issues" && return 1
+ fi
+ verifyFile "$iso" "$size" "$total" "$sum" || return 1
+ isCompressed "$url" && UNPACK="Y"
+ html "Download finished successfully..." && return 0
+ fi
+
+ msg="Failed to download $url"
+ (( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
+ (( rc == 4 )) && error "$msg , network failure!" && return 1
+ (( rc == 8 )) && error "$msg , server issued an error response! Please report this at $SUPPORT/issues" && return 1
+
+ error "$msg , reason: $rc"
+ return 1
+}
+
+delay() {
+
+ local i
+ local delay="$1"
+ local msg="Will retry in X seconds..."
+
+ info "${msg/X/$delay}"
+
+ for i in $(seq "$delay" -1 1); do
+ html "${msg/X/$i}"
+ sleep 1
+ done
+
+ return 0
+}
+
+downloadImage() {
+
+ local iso="$1"
+ local version="$2"
+ local lang="$3"
+ local tried="n"
+ local success="n"
+ local seconds="5"
+ local url sum size base desc language
+
+ if [[ "${version,,}" == "http"* ]]; then
+
+ base=$(basename "$iso")
+ desc=$(fromFile "$base")
+
+ rm -f "$iso"
+ downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
+ delay "$seconds"
+ downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
+ rm -f "$iso"
return 1
-}
+ fi
-part_ext=".PART"
-unverified_ext=".UNVERIFIED"
+ if ! validVersion "$version" "en"; then
+ error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
+ fi
-scurl_file() {
- out_file="$1"
- tls_version="$2"
- url="$3"
+ desc=$(printVersion "$version" "")
- part_file="${out_file}${part_ext}"
-
- # --location: Microsoft likes to change which endpoint these downloads are stored on but is usually kind enough to add redirects
- # --fail: Return an error on server errors where the HTTP response code is 400 or greater
- curl --progress-bar --location --output "$part_file" --continue-at - --max-filesize 10G --fail --proto =https "--tlsv$tls_version" --http1.1 -- "$url" || {
- error_code=$?
- handle_curl_error "$error_code"
- error_action=$?
-
- # Clean up and make sure a future resume doesn't happen from a bad download resume file
- if [ -f "$out_file" ]; then
- # If file is empty, bad HTTP code, or bad download resume file
- if [ ! -s "$out_file" ] || [ "$error_code" = 22 ] || [ "$error_code" = 36 ]; then
- echo_info "Deleting failed download..."
- rm -f "$out_file"
- fi
- fi
-
- return "$error_action"
- }
-
- # Full downloaded succeeded, ready for verification check
- mv "$part_file" "${out_file}"
-}
-
-manual_verification() {
- media_verification_failed_list="$1"
- checksum_verification_failed_list="$2"
-
- echo_info "Manual verification instructions"
- echo " 1. Get checksum (may already be done for you):" >&2
- echo " sha256sum <ISO_FILENAME>" >&2
- echo "" >&2
- echo " 2. Verify media:" >&2
- echo " Web search: https://duckduckgo.com/?q=%22CHECKSUM_HERE%22" >&2
- echo " Onion search: https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/?q=%22CHECKSUM_HERE%22" >&2
- echo " \"No results found\" or unexpected results indicates the media has been modified and should not be used." >&2
- echo "" >&2
- echo " 3. Remove the $unverified_ext extension from the file after performing or deciding to skip verification (not recommended):" >&2
- echo " mv <ISO_FILENAME>$unverified_ext <ISO_FILENAME>" >&2
- echo "" >&2
-
- for media in $media_verification_failed_list; do
- # Read current checksum in list and then read remaining checksums back into the list (effectively running "shift" on the variable)
- # POSIX sh doesn't support indexing so do this instead to iterate both lists at once
- # POSIX sh doesn't support here-strings (<<<). We could also use the "cut" program but that's not a builtin
- IFS=' ' read -r checksum checksum_verification_failed_list << EOF
-$checksum_verification_failed_list
-EOF
-
- echo " ${media}${unverified_ext} = $checksum" >&2
- echo " Web search: https://duckduckgo.com/?q=%22$checksum%22" >&2
- echo " Onion search: https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/?q=%22$checksum%22" >&2
- echo " mv ${media}${unverified_ext} $media" >&2
- echo "" >&2
- done
-
- echo " Theses searches can be performed in a web/Tor browser or more securely using" >&2
- echo " ddgr (Debian/Fedora packages available) terminal search tool if preferred." >&2
- echo " Once validated, consider updating the checksums in Mido by submitting a pull request on GitHub." >&2
-
- # If you're looking for a single secondary source to cross-reference checksums then try here: https://files.rg-adguard.net/search
- # This site is recommended by the creator of Rufus in the Fido README and has worked well for me
-}
-
-consumer_download() {
- # Copyright (C) 2024 Elliot Killick <contact@elliotkillick.com>
- # Licensed under the MIT License. See LICENSE file for details.
- #
- # This function is from the Mido project:
- # https://github.com/ElliotKillick/Mido
-
- # Download newer consumer Windows versions from behind gated Microsoft API
-
- out_file="$1"
- # Either 8, 10, or 11
- windows_version="$2"
-
- url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
- case "$windows_version" in
- 8 | 10) url="${url}ISO" ;;
- esac
-
- user_agent="Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
- # uuidgen: For MacOS (installed by default) and other systems (e.g. with no /proc) that don't have a kernel interface for generating random UUIDs
- session_id="$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)"
-
- # Get product edition ID for latest release of given Windows version
- # Product edition ID: This specifies both the Windows release (e.g. 22H2) and edition ("multi-edition" is default, either Home/Pro/Edu/etc., we select "Pro" in the answer files) in one number
- # This is a request we make that Fido doesn't. Fido manually maintains a list of all the Windows release/edition product edition IDs in its script (see: $WindowsVersions array). This is helpful for downloading older releases (e.g. Windows 10 1909, 21H1, etc.) but we always want to get the newest release which is why we get this value dynamically
- # Also, keeping a "$WindowsVersions" array like Fido does would be way too much of a maintenance burden
- # Remove "Accept" header that curl sends by default (match Fido requests)
- iso_download_page_html="$(curl -sS --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url")" || {
- handle_curl_error $?
- return $?
- }
-
- # tr: Filter for only numerics to prevent HTTP parameter injection
- # head -c was recently added to POSIX: https://austingroupbugs.net/view.php?id=407
- product_edition_id="$(echo "$iso_download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)"
- [ "$VERBOSE" ] && echo "Product edition ID: $product_edition_id" >&2
-
- # Permit Session ID
- # "org_id" is always the same value
- curl -sS --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
- # This should only happen if there's been some change to how this API works
- handle_curl_error $?
- return $?
- }
-
- # Extract everything after the last slash
- url_segment_parameter="${url##*/}"
-
- # Get language -> skuID association table
- # SKU ID: This specifies the language of the ISO. We always use "English (United States)", however, the SKU for this changes with each Windows release
- # We must make this request so our next one will be allowed
- # --data "" is required otherwise no "Content-Length" header will be sent causing HTTP response "411 Length Required"
- language_skuid_table_html="$(curl -sS --request POST --user-agent "$user_agent" --data "" --header "Accept:" --max-filesize 10K --fail --proto =https --tlsv1.2 --http1.1 -- "https://www.microsoft.com/en-US/api/controls/contentinclude/html?pageId=a8f8f489-4c7f-463a-9ca6-5cff94d8d041&host=www.microsoft.com&segments=software-download,$url_segment_parameter&query=&action=getskuinformationbyproductedition&sessionId=$session_id&productEditionId=$product_edition_id&sdVersion=2")" || {
- handle_curl_error $?
- return $?
- }
-
- # tr: Filter for only alphanumerics or "-" to prevent HTTP parameter injection
- sku_id="$(echo "$language_skuid_table_html" | grep "English (United States)" | sed 's/"//g' | cut -d ',' -f 1 | cut -d ':' -f 2 | tr -cd '[:alnum:]-' | head -c 16)"
- [ "$VERBOSE" ] && echo "SKU ID: $sku_id" >&2
-
- # Get ISO download link
- # If any request is going to be blocked by Microsoft it's always this last one (the previous requests always seem to succeed)
- # --referer: Required by Microsoft servers to allow request
- iso_download_link_html="$(curl -sS --request POST --user-agent "$user_agent" --data "" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://www.microsoft.com/en-US/api/controls/contentinclude/html?pageId=6e2a1789-ef16-4f27-a296-74ef7ef5d96b&host=www.microsoft.com&segments=software-download,$url_segment_parameter&query=&action=GetProductDownloadLinksBySku&sessionId=$session_id&skuId=$sku_id&language=English&sdVersion=2")" || {
- # This should only happen if there's been some change to how this API works
- handle_curl_error $?
- return $?
- }
-
- if ! [ "$iso_download_link_html" ]; then
- # This should only happen if there's been some change to how this API works
- echo_err "Microsoft servers gave us an empty response to our request for an automated download."
- manual_verification="true"
- return 1
+ if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
+ language=$(getLanguage "$lang" "desc")
+ if ! validVersion "$version" "$lang"; then
+ desc=$(printEdition "$version" "$desc")
+ error "The $language language version of $desc is not available, please switch to English." && return 1
fi
+ desc+=" in $language"
+ fi
- if echo "$iso_download_link_html" | grep -q "We are unable to complete your request at this time."; then
- echo_err "Microsoft blocked the automated download request based on your IP address."
- manual_verification="true"
- return 1
- fi
+ if isMido "$version" "$lang"; then
- # Filter for 64-bit ISO download URL
- # sed: HTML decode "&" character
- # tr: Filter for only alphanumerics or punctuation
- iso_download_link="$(echo "$iso_download_link_html" | grep -o "https://software.download.prss.microsoft.com.*IsoX64" | cut -d '"' -f 1 | sed 's/&/\&/g' | tr -cd '[:alnum:][:punct:]' | head -c 512)"
+ tried="y"
+ success="n"
- if ! [ "$iso_download_link" ]; then
- # This should only happen if there's been some change to the download endpoint web address
- echo_err "Microsoft servers gave us no download link to our request for an automated download."
- manual_verification="true"
- return 1
- fi
-
- #echo_ok "Got latest ISO download link (valid for 24 hours): $iso_download_link"
-
- # Download ISO
- scurl_file "$out_file" "1.3" "$iso_download_link"
-}
-
-enterprise_eval_download() {
- # Copyright (C) 2024 Elliot Killick <contact@elliotkillick.com>
- # Licensed under the MIT License. See LICENSE file for details.
- #
- # This function is from the Mido project:
- # https://github.com/ElliotKillick/Mido
-
- # Download enterprise evaluation Windows versions
-
- out_file="$1"
- windows_version="$2"
- enterprise_type="$3"
-
- url="https://www.microsoft.com/en-us/evalcenter/download-$windows_version"
-
- iso_download_page_html="$(curl -sS --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url")" || {
- handle_curl_error $?
- return $?
- }
-
- if ! [ "$iso_download_page_html" ]; then
- # This should only happen if there's been some change to where this download page is located
- echo_err "Windows enterprise evaluation download page gave us an empty response"
- return 1
- fi
-
- iso_download_links="$(echo "$iso_download_page_html" | grep -o "https://go.microsoft.com/fwlink/p/?LinkID=[0-9]\+&clcid=0x[0-9a-z]\+&culture=en-us&country=US")" || {
- # This should only happen if there's been some change to the download endpoint web address
- echo_err "Windows enterprise evaluation download page gave us no download link"
- return 1
- }
-
- # Limit untrusted size for input validation
- iso_download_links="$(echo "$iso_download_links" | head -c 1024)"
-
- case "$enterprise_type" in
- # Select x64 download link
- "enterprise") iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
- # Select x64 LTSC download link
- "ltsc") iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1) ;;
- *) iso_download_link="$iso_download_links" ;;
- esac
-
- # Follow redirect so proceeding log message is useful
- # This is a request we make this Fido doesn't
- # We don't need to set "--max-filesize" here because this is a HEAD request and the output is to /dev/null anyway
- iso_download_link="$(curl -sS --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link")" || {
- # This should only happen if the Microsoft servers are down
- handle_curl_error $?
- return $?
- }
-
- # Limit untrusted size for input validation
- iso_download_link="$(echo "$iso_download_link" | head -c 1024)"
-
- #echo_ok "Got latest ISO download link: $iso_download_link"
-
- # Use highest TLS version for endpoints that support it
- case "$iso_download_link" in
- "https://download.microsoft.com"*) tls_version="1.2" ;;
- *) tls_version="1.3" ;;
- esac
-
- # Download ISO
- scurl_file "$out_file" "$tls_version" "$iso_download_link"
-}
-
-download_media() {
- echo_info "Downloading Windows media from official Microsoft servers..."
-
- media_download_failed_list=""
-
- for media in $media_list; do
- case "$media" in
- "$win7x64_ultimate")
- echo_info "Downloading Windows 7..."
- # Source, Google search this (it can be found many places): "dec04cbd352b453e437b2fe9614b67f28f7c0b550d8351827bc1e9ef3f601389" "download.microsoft.com"
- # This Windows 7 ISO bundles MSU update packages
- # It's the most up-to-date Windows 7 ISO that Microsoft offers (August 2018 update): https://files.rg-adguard.net/files/cea4210a-3474-a17a-88d4-4b3e10bd9f66
- # Of particular interest to us is the update that adds support for SHA-256 driver signatures so Qubes Windows Tools installs correctly
- #
- # Microsoft purged Windows 7 from all their servers...
- # More info about this event: https://github.com/pbatard/Fido/issues/64
- # Luckily, the ISO is still available on the Wayback Machine so get the last copy of it from there
- # This is still secure because we validate with the checksum from before the purge
- # The only con then is that web.archive.org is a much slower download source than the Microsoft servers
- echo_info "Microsoft has unfortunately purged all downloads of Windows 7 from their servers so this identical download is sourced from: web.archive.org"
- scurl_file "$media" "1.3" "https://web.archive.org/web/20221228154140/https://download.microsoft.com/download/5/1/9/5195A765-3A41-4A72-87D8-200D897CBE21/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_ULTIMATE_x64FRE_en-us.iso"
- ;;
- "$win81x64")
- echo_info "Downloading Windows 8.1..."
- consumer_download "$media" 8
- ;;
- "$win10x64")
- echo_info "Downloading Windows 10..."
- consumer_download "$media" 10
- ;;
- "$win11x64")
- echo_info "Downloading Windows 11..."
- consumer_download "$media" 11
- ;;
-
- "$win81x64_enterprise_eval")
- echo_info "Downloading Windows 8.1 Enterprise Evaluation..."
- # This download link is "Update 1": https://files.rg-adguard.net/file/166cbcab-1647-53d5-1785-6ef9e22a6500
- # A more up-to-date "Update 3" enterprise ISO exists but it was only ever distributed by Microsoft through MSDN which means it's impossible to get a Microsoft download link now: https://files.rg-adguard.net/file/549a58f2-7813-3e77-df6c-50609bc6dd7c
- # win81x64 is "Update 3" but that's isn't an enterprise version (although technically it's possible to modify a few files in the ISO to get any edition)
- # If you want "Update 3" enterprise though (not from Microsoft servers), then you should still be able to get it from here: https://archive.org/details/en_windows_8.1_enterprise_with_update_x64_dvd_6054382_202110
- # "Update 1" enterprise also seems to be the ISO used by other projects
- # Old source, used to be here but Microsoft deleted it: http://technet.microsoft.com/en-us/evalcenter/hh699156.aspx
- # Source: https://gist.github.com/eyecatchup/11527136b23039a0066f
- scurl_file "$media" "1.2" "https://download.microsoft.com/download/B/9/9/B999286E-0A47-406D-8B3D-5B5AD7373A4A/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO"
- ;;
- "$win10x64_enterprise_eval")
- echo_info "Downloading Windows 10 Enterprise Evaluation..."
- enterprise_eval_download "$media" windows-10-enterprise enterprise
- ;;
- "$win11x64_enterprise_eval")
- echo_info "Downloading Windows 11 Enterprise Evaluation..."
- enterprise_eval_download "$media" windows-11-enterprise enterprise
- ;;
- "$win10x64_enterprise_ltsc_eval")
- echo_info "Downloading Windows 10 Enterprise LTSC Evaluation..."
- enterprise_eval_download "$media" windows-10-enterprise ltsc
- ;;
-
- "$win2008r2")
- echo_info "Downloading Windows Server 2008 R2..."
- # Old source, used to be here but Microsoft deleted it: https://www.microsoft.com/en-us/download/details.aspx?id=11093
- # Microsoft took down the original download link provided by that source too but this new one has the same checksum
- # Source: https://github.com/rapid7/metasploitable3/pull/563
- scurl_file "$media" "1.2" "https://download.microsoft.com/download/4/1/D/41DEA7E0-B30D-4012-A1E3-F24DC03BA1BB/7601.17514.101119-1850_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso"
- ;;
- "$win2012r2_eval")
- echo_info "Downloading Windows Server 2012 R2 Evaluation..."
- enterprise_eval_download "$media" windows-server-2012-r2 server
- ;;
- "$win2016_eval")
- echo_info "Downloading Windows Server 2016 Evaluation..."
- enterprise_eval_download "$media" windows-server-2016 server
- ;;
- "$win2019_eval")
- echo_info "Downloading Windows Server 2019 Evaluation..."
- enterprise_eval_download "$media" windows-server-2019 server
- ;;
- "$win2022_eval")
- echo_info "Downloading Windows Server 2022 Evaluation..."
- enterprise_eval_download "$media" windows-server-2022 server
- ;;
- esac || {
- error_action=$?
- media_download_failed_list="$media_download_failed_list $media"
- # Return immediately on a fatal error action
- if [ "$error_action" = 2 ]; then
- return
- fi
- }
- done
-}
-
-verify_media() {
- # SHA256SUMS file
- # Some of these Windows ISOs are EOL (e.g. win81x64) so their checksums will always match
- # For all other Windows ISOs, a new release will make their checksums no longer match
- #
- # IMPORTANT: These checksums are not necessarily subject to being updated
- # Unfortunately, the maintenance burden would be too large and even if I did there would still be some time gap between Microsoft releasing a new ISO and me updating the checksum (also, users would have to update this script)
- # For these reasons, I've opted for a slightly more manual verification where you have to look up the checksum to see if it's a well-known Windows ISO checksum
- # Ultimately, you have to trust Microsoft because they could still include a backdoor in the verified ISO (keeping Windows air gapped could help with this)
- # Community contributions for these checksums are welcome
- #
- # Leading backslash is to avoid prepending a newline while maintaining alignment
- readonly sha256sums="\
-dec04cbd352b453e437b2fe9614b67f28f7c0b550d8351827bc1e9ef3f601389 win7x64-ultimate.iso
-d8333cf427eb3318ff6ab755eb1dd9d433f0e2ae43745312c1cd23e83ca1ce51 win81x64.iso
-# Windows 10 22H2
-a6f470ca6d331eb353b815c043e327a347f594f37ff525f17764738fe812852e win10x64.iso
-# Windows 11 23H2 v2
-36de5ecb7a0daa58dce68c03b9465a543ed0f5498aa8ae60ab45fb7c8c4ae402 win11x64.iso
-2dedd44c45646c74efc5a028f65336027e14a56f76686a4631cf94ffe37c72f2 win81x64-enterprise-eval.iso
-ef7312733a9f5d7d51cfa04ac497671995674ca5e1058d5164d6028f0938d668 win10x64-enterprise-eval.iso
-ebbc79106715f44f5020f77bd90721b17c5a877cbc15a3535b99155493a1bb3f win11x64-enterprise-eval.iso
-e4ab2e3535be5748252a8d5d57539a6e59be8d6726345ee10e7afd2cb89fefb5 win10x64-enterprise-ltsc-eval.iso
-30832ad76ccfa4ce48ccb936edefe02079d42fb1da32201bf9e3a880c8ed6312 win2008r2.iso
-6612b5b1f53e845aacdf96e974bb119a3d9b4dcb5b82e65804ab7e534dc7b4d5 win2012r2-eval.iso
-1ce702a578a3cb1ac3d14873980838590f06d5b7101c5daaccbac9d73f1fb50f win2016-eval.iso
-6dae072e7f78f4ccab74a45341de0d6e2d45c39be25f1f5920a2ab4f51d7bcbb win2019-eval.iso
-3e4fa6d8507b554856fc9ca6079cc402df11a8b79344871669f0251535255325 win2022-eval.iso"
-
- # Read sha256sums line-by-line to build known checksum and media lists
- # Only use shell builtins for better security and stability
- # Don't use a for loop because IFS cannot temporarily be set using that
- while IFS="$(printf '\n')" read -r line; do
- # Ignore comments and empty lines
- case "$line" in
- "#"* | "") continue ;;
- esac
-
- # Read first and second words of line
- IFS=' ' read -r known_checksum known_media _ << EOF
-$line
-EOF
-
- known_checksum_list="$known_checksum_list $known_checksum"
- known_media_list="$known_media_list $known_media"
- done << EOF
-$sha256sums
-EOF
-
- media_verification_failed_list=""
- checksum_verification_failed_list=""
-
- for media in $media_list; do
- # Scan for unverified media files
- if ! [ -f "${media}${unverified_ext}" ]; then
- continue
- fi
-
- if [ "$verify_media_message_shown" != "true" ]; then
- echo_info "Verifying integrity..."
- verify_media_message_shown="true"
- fi
-
- checksum_line="$(sha256sum "${media}${unverified_ext}")"
- # Get first word of checksum line
- IFS=' ' read -r checksum _ << EOF
-$checksum_line
-EOF
-
- # Sanity check: Assert correct size of SHA-256 checksum
- if [ ${#checksum} != 64 ]; then
- echo_err "Failed SHA-256 sanity check! Exiting..."
- exit 2
- fi
-
- known_checksum_list_iterator="$known_checksum_list"
-
- # Search known media and checksum lists for the current media
- for known_media in $known_media_list; do
- IFS=' ' read -r known_checksum known_checksum_list_iterator << EOF
-$known_checksum_list_iterator
-EOF
-
- if [ "$media" = "$known_media" ]; then
- break
- fi
- done
-
- # Verify current media integrity
- if [ "$checksum" = "$known_checksum" ]; then
- echo "$media: OK"
- mv "${media}${unverified_ext}" "$media"
- else
- echo "$media: UNVERIFIED"
- media_verification_failed_list="$media_verification_failed_list $media"
- checksum_verification_failed_list="$checksum_verification_failed_list $checksum"
- fi
-
- # Reset known checksum list iterator so we can iterate on it again for the next media
- known_checksum_list_iterator="$known_checksum_list"
- done
-}
-
-ending_summary() {
- echo "" >&2
-
- if [ "$media_download_failed_list" ]; then
- for media in $media_download_failed_list; do
- media_download_failed_argument_list="$media_download_failed_argument_list ${media%%.iso}"
- done
-
- # shellcheck disable=SC2086
- echo_err "Attempted download failed!"
- fi
-
- # Exit codes
- # 0: Success
- # 1: Argument parsing error
- # 2: Runtime error (see error message for more info)
- # 3: One or more downloads failed
- # 4: One or more verifications failed
- # 5: At least one download and one verification failed (when more than one media is specified)
-
- exit_code=0
-
- # Determine exit code
- if [ "$media_download_failed_list" ] && [ "$media_verification_failed_list" ]; then
- exit_code=5
+ if getWindows "$version" "$lang" "$desc"; then
+ success="y"
else
- if [ "$media_download_failed_list" ]; then
- exit_code=3
- elif [ "$media_verification_failed_list" ]; then
- exit_code=4
- fi
+ delay "$seconds"
+ getWindows "$version" "$lang" "$desc" && success="y"
fi
- trap -- - EXIT
+ if [[ "$success" == "y" ]]; then
+ size=$(getMido "$version" "$lang" "size" )
+ sum=$(getMido "$version" "$lang" "sum")
- if [ "$exit_code" = 0 ]; then
- echo_ok "Successfully downloaded Windows image!"
+ rm -f "$iso"
+ downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
+ delay "$seconds"
+ downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
+ rm -f "$iso"
+ fi
+ fi
+
+ switchEdition "$version"
+
+ if isESD "$version" "$lang"; then
+
+ if [[ "$tried" != "n" ]]; then
+ info "Failed to download $desc, will try a different method now..."
+ fi
+
+ tried="y"
+ success="n"
+
+ if getESD "$TMP/esd" "$version" "$lang" "$desc"; then
+ success="y"
else
- echo_ok "Finished! Please see the above errors with information"
- exit "$exit_code"
+ delay "$seconds"
+ getESD "$TMP/esd" "$version" "$lang" "$desc" && success="y"
fi
+
+ if [[ "$success" == "y" ]]; then
+ ISO="${ISO%.*}.esd"
+
+ rm -f "$ISO"
+ downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
+ delay "$seconds"
+ downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
+ rm -f "$ISO"
+ ISO="$iso"
+ fi
+
+ fi
+
+ for ((i=1;i<=MIRRORS;i++)); do
+
+ url=$(getLink "$i" "$version" "$lang")
+
+ if [ -n "$url" ]; then
+
+ if [[ "$tried" != "n" ]]; then
+ info "Failed to download $desc, will try another mirror now..."
+ fi
+
+ tried="y"
+ size=$(getSize "$i" "$version" "$lang")
+ sum=$(getHash "$i" "$version" "$lang")
+
+ rm -f "$iso"
+ downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
+ delay "$seconds"
+ downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
+ rm -f "$iso"
+ fi
+
+ done
+
+ return 1
}
-# https://unix.stackexchange.com/questions/752570/why-does-trap-passthough-zero-instead-of-the-signal-the-process-was-killed-wit
-handle_exit() {
- exit_code=$?
- signal="$1"
-
- if [ "$exit_code" != 0 ] || [ "$signal" ]; then
- echo "" >&2
- echo_err "Mido was exited abruptly!"
- fi
-
- if [ "$exit_code" != 0 ]; then
- trap -- - EXIT
- exit "$exit_code"
- elif [ "$signal" ]; then
- trap -- - "$signal"
- kill -s "$signal" -- $$
- fi
-}
-
-# Enable exiting on error
-#
-# Disable shell globbing
-# This isn't necessary given that all unquoted variables (e.g. for determining word count) are set directly by us but it's just a precaution
-set -ef
-
-# IFS defaults to many different kinds of whitespace but we only care about space
-# Note: This means that ISO filenames cannot contain spaces but that's a bad idea anyway
-IFS=' '
-
-parse_args "$@"
-
-# POSIX sh doesn't include signals in its EXIT trap so do it ourselves
-signo=1
-while true; do
- # "kill" is a shell builtin
- # shellcheck disable=SC2064
- case "$(kill -l "$signo" 2> /dev/null)" in
- # Trap on all catchable terminating signals as defined by POSIX
- # Stop (i.e. suspend) signals (like Ctrl + Z or TSTP) are fine because they can be resumed
- # Most signals result in termination so this way is easiest (Linux signal(7) only adds more terminating signals)
- #
- # https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html
- # https://unix.stackexchange.com/a/490816
- # Signal WINCH was recently added to POSIX: https://austingroupbugs.net/view.php?id=249
- CHLD | CONT | URG | WINCH | KILL | STOP | TSTP | TTIN | TTOU) ;;
- *) trap "handle_exit $signo" "$signo" 2> /dev/null || break ;;
- esac
-
- signo=$((signo + 1))
-done
-trap handle_exit EXIT
-
-download_media
-verify_media
-ending_summary
+return 0
diff --git a/src/power.sh b/src/power.sh
index cc28f8d..98a6f73 100644
--- a/src/power.sh
+++ b/src/power.sh
@@ -1,18 +1,19 @@
#!/usr/bin/env bash
set -Eeuo pipefail
+: "${QEMU_TIMEOUT:="110"}" # QEMU Termination timeout
+
# Configure QEMU for graceful shutdown
QEMU_TERM=""
-QEMU_PORT=7100
-QEMU_TIMEOUT=110
-QEMU_PID="/run/shm/qemu.pid"
-QEMU_PTY="/run/shm/qemu.pty"
-QEMU_LOG="/run/shm/qemu.log"
-QEMU_OUT="/run/shm/qemu.out"
-QEMU_END="/run/shm/qemu.end"
+QEMU_DIR="/run/shm"
+QEMU_PID="$QEMU_DIR/qemu.pid"
+QEMU_PTY="$QEMU_DIR/qemu.pty"
+QEMU_LOG="$QEMU_DIR/qemu.log"
+QEMU_OUT="$QEMU_DIR/qemu.out"
+QEMU_END="$QEMU_DIR/qemu.end"
-rm -f /run/shm/qemu.*
+rm -f "$QEMU_DIR/qemu.*"
touch "$QEMU_LOG"
_trap() {
@@ -22,32 +23,58 @@ _trap() {
done
}
+boot() {
+
+ [ -f "$QEMU_END" ] && return 0
+
+ if [ -s "$QEMU_PTY" ]; then
+ if [ "$(stat -c%s "$QEMU_PTY")" -gt 7 ]; then
+ local fail=""
+ if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
+ grep -Fq "No bootable device." "$QEMU_PTY" && fail="y"
+ grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && fail="y"
+ fi
+ if [ -z "$fail" ]; then
+ info "Windows started successfully, visit http://127.0.0.1:8006/ to view the screen..."
+ return 0
+ fi
+ fi
+ fi
+
+ error "Timeout while waiting for QEMU to boot the machine!"
+
+ local pid
+ pid=$(<"$QEMU_PID")
+ { kill -15 "$pid" || true; } 2>/dev/null
+
+ return 0
+}
+
ready() {
[ -f "$STORAGE/windows.boot" ] && return 0
[ ! -s "$QEMU_PTY" ] && return 1
- if [ -f "$STORAGE/windows.old" ]; then
+ if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
local last
local bios="Booting from Hard"
last=$(grep "^Booting.*" "$QEMU_PTY" | tail -1)
- if [[ "${last,,}" == "${bios,,}"* ]]; then
- return 0
- fi
- return 1
- fi
-
- local line="Windows Boot Manager"
- if grep -Fq "$line" "$QEMU_PTY"; then
+ [[ "${last,,}" != "${bios,,}"* ]] && return 1
+ grep -Fq "No bootable device." "$QEMU_PTY" && return 1
+ grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && return 1
return 0
fi
+ local line="\"Windows Boot Manager\""
+ grep -Fq "$line" "$QEMU_PTY" && return 0
+
return 1
}
finish() {
local pid
+ local cnt=0
local reason=$1
touch "$QEMU_END"
@@ -55,29 +82,53 @@ finish() {
if [ -s "$QEMU_PID" ]; then
pid=$(<"$QEMU_PID")
- error "Forcefully terminating Windows, reason: $reason..."
+ echo && error "Forcefully terminating Windows, reason: $reason..."
{ kill -15 "$pid" || true; } 2>/dev/null
while isAlive "$pid"; do
+
sleep 1
+ cnt=$((cnt+1))
+
# Workaround for zombie pid
[ ! -s "$QEMU_PID" ] && break
+
+ if [ "$cnt" == "5" ]; then
+ echo && error "QEMU did not terminate itself, forcefully killing process..."
+ { kill -9 "$pid" || true; } 2>/dev/null
+ fi
+
done
+
fi
- if [ ! -f "$STORAGE/windows.boot" ] && [ -f "$STORAGE/$BASE" ]; then
+ if [ ! -f "$STORAGE/windows.boot" ] && [ -f "$BOOT" ]; then
# Remove CD-ROM ISO after install
if ready; then
- rm -f "$STORAGE/$BASE"
- touch "$STORAGE/windows.boot"
+ local file="$STORAGE/windows.boot"
+ touch "$file"
+ ! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
+ if [[ "$REMOVE" != [Nn]* ]]; then
+ rm -f "$BOOT" 2>/dev/null || true
+ fi
fi
fi
pid="/var/run/tpm.pid"
[ -s "$pid" ] && pKill "$(<"$pid")"
+ rm -f "$pid"
- fKill "wsdd"
- fKill "smbd"
+ pid="/var/run/wsdd.pid"
+ [ -s "$pid" ] && pKill "$(<"$pid")"
+ rm -f "$pid"
+
+ pid="/var/run/samba/nmbd.pid"
+ [ -s "$pid" ] && pKill "$(<"$pid")"
+ rm -f "$pid"
+
+ pid="/var/run/samba/smbd.pid"
+ [ -s "$pid" ] && pKill "$(<"$pid")"
+ rm -f "$pid"
closeNetwork
@@ -109,7 +160,7 @@ terminal() {
fi
if [ ! -c "$dev" ]; then
- dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$QEMU_PORT" | tr -d '\000')
+ dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$MON_PORT" | tr -d '\000')
dev="${dev#*serial0}"
dev="${dev#*pty:}"
dev="${dev%%$'\n'*}"
@@ -158,7 +209,7 @@ _graceful_shutdown() {
fi
# Send ACPI shutdown signal
- echo 'system_powerdown' | nc -q 1 -w 1 localhost "${QEMU_PORT}" > /dev/null
+ echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
local cnt=0
while [ "$cnt" -lt "$QEMU_TIMEOUT" ]; do
@@ -173,7 +224,7 @@ _graceful_shutdown() {
info "Waiting for Windows to shutdown... ($cnt/$QEMU_TIMEOUT)"
# Send ACPI shutdown signal
- echo 'system_powerdown' | nc -q 1 -w 1 localhost "${QEMU_PORT}" > /dev/null
+ echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
done
@@ -185,8 +236,8 @@ _graceful_shutdown() {
}
SERIAL="pty"
-MONITOR="telnet:localhost:$QEMU_PORT,server,nowait,nodelay"
-MONITOR="$MONITOR -daemonize -D $QEMU_LOG -pidfile $QEMU_PID"
+MONITOR="telnet:localhost:$MON_PORT,server,nowait,nodelay"
+MONITOR+=" -daemonize -D $QEMU_LOG -pidfile $QEMU_PID"
_trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
diff --git a/src/samba.sh b/src/samba.sh
index eb262af..7cd3210 100644
--- a/src/samba.sh
+++ b/src/samba.sh
@@ -1,83 +1,228 @@
#!/usr/bin/env bash
set -Eeuo pipefail
-: "${SAMBA:="Y"}"
+: "${SAMBA:="Y"}" # Enable Samba
+: "${SAMBA_LEVEL:="1"}" # Logging level
+: "${SAMBA_DEBUG:="N"}" # Disable debug
-[[ "$DHCP" == [Yy1]* ]] && return 0
-[[ "$SAMBA" != [Yy1]* ]] && return 0
-[[ "$NETWORK" != [Yy1]* ]] && return 0
+tmp="/tmp/smb"
+rm -rf "$tmp"
-SHARE="$STORAGE/shared"
+rm -f /var/run/wsdd.pid
+rm -f /var/run/samba/nmbd.pid
+rm -f /var/run/samba/smbd.pid
-mkdir -p "$SHARE"
-chmod -R 777 "$SHARE"
+[[ "$SAMBA" == [Nn]* ]] && return 0
+[[ "$NETWORK" == [Nn]* ]] && return 0
-SAMBA="/etc/samba/smb.conf"
+if [[ "$DHCP" == [Yy1]* ]]; then
+ socket="$IP"
+ hostname="$IP"
+ interfaces="$VM_NET_DEV"
+else
+ hostname="host.lan"
+ case "${NETWORK,,}" in
+ "passt" | "slirp" )
+ interfaces="lo"
+ socket="127.0.0.1" ;;
+ *)
+ socket="$VM_NET_IP"
+ interfaces="$VM_NET_BRIDGE" ;;
+ esac
+ if [ -n "${SAMBA_INTERFACE:-}" ]; then
+ interfaces+=",$SAMBA_INTERFACE"
+ fi
+fi
-{ echo "[global]"
+html "Initializing shared folder..."
+SAMBA_CONFIG="/etc/samba/smb.conf"
+[[ "$DEBUG" == [Yy1]* ]] && echo "Starting Samba daemon..."
+
+addShare() {
+ local dir="$1"
+ local ref="$2"
+ local name="$3"
+ local comment="$4"
+ local cfg="$5"
+ local owner=""
+
+ if [ ! -d "$dir" ]; then
+ if ! mkdir -p "$dir"; then
+ error "Failed to create shared folder ($dir)." && return 1
+ fi
+ fi
+
+ if ! ls -A "$dir" >/dev/null 2>&1; then
+ msg="No permission to access shared folder ($dir)."
+ msg+=" If SELinux is active, you need to add the \":Z\" flag to the bind mount."
+ error "$msg" && return 1
+ fi
+
+ if [ ! -w "$dir" ]; then
+ msg="shared folder ($dir) is not writeable!"
+ warn "$msg"
+ fi
+
+ if [ -z "$(ls -A "$dir")" ]; then
+ if ! chmod 2777 "$dir"; then
+ error "Failed to set permissions for directory $dir" && return 1
+ fi
+ owner=$(stat -c %u "$dir")
+ if [[ "$owner" == "0" ]]; then
+ if ! chown "1000:1000" "$dir"; then
+ error "Failed to set ownership for directory $dir" && return 1
+ fi
+ fi
+ fi
+
+ if [[ "$dir" == "$tmp" ]]; then
+
+ { echo "--------------------------------------------------------"
+ echo " $APP for $ENGINE v$(</run/version)..."
+ echo " For support visit $SUPPORT"
+ echo "--------------------------------------------------------"
+ echo ""
+ echo "Using this folder you can exchange files with the host machine."
+ echo ""
+ echo "To select a folder on the host for this purpose, include the following bind mount in your compose file:"
+ echo ""
+ echo " volumes:"
+ echo " - \"./example:${ref}\""
+ echo ""
+ echo "Or in your run command:"
+ echo ""
+ echo " -v \"\${PWD:-.}/example:${ref}\""
+ echo ""
+ echo "Replace the example path ./example with your desired shared folder, which then will become visible here."
+ echo ""
+ } | unix2dos > "$dir/readme.txt"
+
+ fi
+
+ { echo ""
+ echo "[$name]"
+ echo " path = $dir"
+ echo " comment = $comment"
+ echo " writable = yes"
+ echo " guest ok = yes"
+ echo " guest only = yes"
+ } >> "$cfg"
+
+ return 0
+}
+
+{ echo "[global]"
echo " server string = Dockur"
- echo " netbios name = dockur"
+ echo " netbios name = $hostname"
echo " workgroup = WORKGROUP"
- echo " interfaces = dockerbridge"
+ echo " interfaces = $interfaces"
echo " bind interfaces only = yes"
+ echo " socket address = $socket"
echo " security = user"
echo " guest account = nobody"
echo " map to guest = Bad User"
echo " server min protocol = NT1"
+ echo " follow symlinks = yes"
+ echo " wide links = yes"
+ echo " unix extensions = no"
+ echo " inherit owner = yes"
+ echo " create mask = 0666"
+ echo " directory mask = 02777"
+ echo " force user = root"
+ echo " force group = root"
+ echo " force create mode = 0666"
+ echo " force directory mode = 02777"
echo ""
- echo " # disable printing services"
+ echo " # Disable printing services"
echo " load printers = no"
echo " printing = bsd"
echo " printcap name = /dev/null"
echo " disable spoolss = yes"
- echo ""
- echo "[Data]"
- echo " path = $SHARE"
- echo " comment = Shared"
- echo " writable = yes"
- echo " guest ok = yes"
- echo " guest only = yes"
- echo " force user = root"
- echo " force group = root"
-} > "$SAMBA"
+} > "$SAMBA_CONFIG"
-{ echo "--------------------------------------------------------"
- echo " $APP for Docker v$(</run/version)..."
- echo " For support visit $SUPPORT"
- echo "--------------------------------------------------------"
- echo ""
- echo "Using this folder you can share files with the host machine."
- echo ""
- echo "To change the storage location, include the following bind mount in your compose file:"
- echo ""
- echo " volumes:"
- echo " - \"/home/user/example:/storage/shared\""
- echo ""
- echo "Or in your run command:"
- echo ""
- echo " -v \"/home/user/example:/storage/shared\""
- echo ""
- echo "Replace the example path /home/user/example with the desired storage folder."
- echo ""
-} | unix2dos > "$SHARE/readme.txt"
+# Add shared folders
+share="/shared"
+[ ! -d "$share" ] && [ -d "$STORAGE/shared" ] && share="$STORAGE/shared"
+[ ! -d "$share" ] && [ -d "/data" ] && share="/data"
+[ ! -d "$share" ] && [ -d "$STORAGE/data" ] && share="$STORAGE/data"
+[ ! -d "$share" ] && share="$tmp"
-! smbd && smbd --debug-stdout
+! addShare "$share" "/shared" "Data" "Shared" "$SAMBA_CONFIG" && return 0
-isXP="N"
-
-if [ -f "$STORAGE/windows.old" ]; then
- MT=$(<"$STORAGE/windows.old")
- if [[ "${MT,,}" == "pc-q35-2"* ]]; then
- isXP="Y"
+if [ -d "/shared2" ]; then
+ addShare "/shared2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
+else
+ if [ -d "/data2" ]; then
+ addShare "/data2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
fi
fi
-if [[ "$isXP" == [Yy1]* ]]; then
- # Enable NetBIOS on Windows XP
- ! nmbd && nmbd --debug-stdout
+if [ -d "/shared3" ]; then
+ addShare "/shared3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
else
- # Enable Web Service Discovery
- wsdd -i dockerbridge -p -n "host.lan" &
+ if [ -d "/data3" ]; then
+ addShare "/data3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
+ fi
+fi
+
+# Create directories if missing
+mkdir -p /var/lib/samba/sysvol
+mkdir -p /var/lib/samba/private
+mkdir -p /var/lib/samba/bind-dns
+
+# Try to repair Samba permissions
+[ -d /run/samba/msg.lock ] && chmod -R 0755 /run/samba/msg.lock 2>/dev/null || :
+[ -d /var/log/samba/cores ] && chmod -R 0700 /var/log/samba/cores 2>/dev/null || :
+[ -d /var/cache/samba/msg.lock ] && chmod -R 0755 /var/cache/samba/msg.lock 2>/dev/null || :
+
+rm -f /var/log/samba/log.smbd
+
+if ! smbd -l /var/log/samba; then
+ SAMBA_DEBUG="Y"
+ error "Failed to start Samba daemon!"
+fi
+
+if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+ tail -fn +0 /var/log/samba/log.smbd --pid=$$ &
+fi
+
+case "${NETWORK,,}" in
+ "passt" | "slirp" )
+ return 0 ;;
+esac
+
+if [[ "${BOOT_MODE:-}" == "windows_legacy" ]]; then
+
+ # Enable NetBIOS on Windows 7 and lower
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Starting NetBIOS daemon..."
+
+ rm -f /var/log/samba/log.nmbd
+
+ if ! nmbd -l /var/log/samba; then
+ SAMBA_DEBUG="Y"
+ error "Failed to start NetBIOS daemon!"
+ fi
+
+ if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+ tail -fn +0 /var/log/samba/log.nmbd --pid=$$ &
+ fi
+
+else
+
+ # Enable Web Service Discovery on Vista and up
+ [[ "$DEBUG" == [Yy1]* ]] && echo "Starting wsddn daemon..."
+
+ rm -f /var/log/wsddn.log
+
+ if ! wsddn -i "${interfaces%%,*}" -H "$hostname" --unixd --log-file=/var/log/wsddn.log --pid-file=/var/run/wsdd.pid; then
+ SAMBA_DEBUG="Y"
+ error "Failed to start wsddn daemon!"
+ fi
+
+ if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
+ tail -fn +0 /var/log/wsddn.log --pid=$$ &
+ fi
+
fi
return 0
]]></plaintext></settings></span>