Added VIM to GrundpaketServer

tiNGrundpaketServer.txt

@@ -92,7 +92,7 @@ choco install autoruns -y --cacheLocation="c:\temp"
 choco install procexp -y --cacheLocation="c:\temp"
 choco install windirstat -y --cacheLocation="c:\temp"
 choco install doublecmd -y --cacheLocation="c:\temp"
-choco install notepadplusplus.install -y --cacheLocation="c:\temp"
+choco install vim -y --cacheLocation="c:\temp" --params "'/NoDesktopShortcuts'"
 
 #---------------Zabbix: Windows Update Trapper incl. Aufgabenplanung einrichten-----------------
 #Wird erst jetzt ausgeführt da die Installation von Zabbix vorher abgeschlossen sein muss

tiNGrundpaketServer.txt~

@@ -0,0 +1,108 @@
+#Windows Server 2019 Std. Boxstarter Script: Grundpaket und Konfiguration (c) Tüit GmbH
+#TODO: Defaultprograms for Datatypes, Install all Updates (not only critical)
+
+#----------------Setting Variables------------------------
+#Set these Variables to newest Version
+$dZabbixAgentDownloadUrlMsi = "https://www.zabbix.com/downloads/4.4.1/zabbix_agent-4.4.1-win-amd64-openssl.msi"
+$dZabbixWindowsUpdatesVBSUrl = "https://git.tueit.de/tueit_GmbH/zabbix_client_configuration/raw/commit/cbb8ed1c397202e44fc39173e88efc8fff72e447/windowsserver2019/winupdates.vbs"
+
+#Other Variables
+$dHostname = Read-Host 'Input desired Hostname (Default: Keep current hostname)'
+if($dHostname -eq ""){$dHostname = [Net.Dns]::GetHostName()}
+$dInstallZabbix = ""
+$dZabbixServer = ""
+$dZabbixPSK = ""
+$dZabbixHostname = ""
+$dInstallZabbix = Read-Host 'Install and configure Zabbix Agent (yes/no)? (Default: yes)'
+if(($dInstallZabbix -eq "yes") -or ($dInstallZabbix -eq "")){`
+	$dZabbixServer = Read-Host 'Input Zabbix Server or Proxy IP (Default: IP of DefaultGateway)'
+	if($dZabbixServer -eq ""){$dZabbixServer = Get-NetRoute -DestinationPrefix "0.0.0.0/0" | Select-Object -ExpandProperty "NextHop"}
+	$dZabbixPSK = Read-Host 'Input Zabbix PSK (Default: NotSet)'
+	if($dZabbixPSK -eq ""){$dZabbixPSK = "NotSet"}
+	$dZabbixHostname = Read-Host 'Input Zabbix Hostname as defined in Zabbix Server (Default: NotSet)'
+	if($dZabbixHostname -eq ""){$dZabbixHostname = "NotSet"}
+}
+
+#---------------Configure Chocolatey and Environment-------------------------------
+choco features enable -n=allowGlobalConfirmation
+choco feature enable -n=allowEmptyChecksums
+New-Item -ErrorAction Ignore -Path "C:\" -Name "temp" -ItemType "directory"`
+
+#--------------Install Zabbix Agent (if wanted)------------------------------
+if(($dInstallZabbix -eq "yes") -or ($dInstallZabbix -eq "")){
+	wget -O $dZabbixAgentDownloadUrlMsi "C:\temp\zabbix_agent_setup.msi"
+	msiexec /l*v "C:\temp\zabbix_installation_log.txt" /i "C:\temp\zabbix_agent_setup.msi" /norestart /qn SERVER="$dZabbixServer" HOSTNAME="$dZabbixHostname" TLSCONNECT=psk TLSACCEPT=psk TLSPSKIDENTITY="$dHostname" TLSPSKVALUE="$dZabbixPSK" ENABLEREMOTECOMMANDS=1 
+}
+
+#----------------Configure Windows------------------------
+#Set Hostname
+Write-Host "Setting Hostname to $dHostname":
+Rename-Computer -NewName "$dHostname" -Force
+#Enable RemoteDesktop
+Enable-RemoteDesktop
+#Remove annoying Windows Stuff
+Disable-GameBarTips
+Disable-BingSearch
+#Set Taskbar to Lock and put it to the bottom and show all icons
+Set-TaskbarOptions -Size Small -Dock Bottom -Combine Full -Lock
+Set-TaskbarOptions -Size Small -Dock Bottom -Combine Full -AlwaysShowIconsOn
+#Show Hidden Files, File Extensions, Systemfiles and Full-Path in Titlebar
+Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles -EnableShowFileExtensions -EnableShowFullPathInTitleBar
+#Allow SMB through the firewall
+Write-Host SMB firewall rule:
+netsh advfirewall firewall add rule name=SMB dir=in action=allow localport=445 protocol=tcp
+# Disable SMB Version 1 - https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/
+Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol
+#Disable IPv6
+Write-Host DisabledComponents registry key:
+reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters /v DisabledComponents /t REG_DWORD /d 0xFF /f
+#Zeitserver einstellen
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers /v (Standard) /t REG_SZ /d 1 /f
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers /v 1 /t REG_SZ /d 0.de.pool.ntp.org /f
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers /v 2 /t REG_SZ /d 1.de.pool.ntp.org /f
+net time /setsntp:"0.de.pool.ntp.org"
+
+
+#--------------Windows Update Behaviour-------------------------
+#Set Active Hours, but disable them
+Write-Host Set Active Hours for Windows Updates registry key:
+reg add HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /v ActiveHoursStart /t REG_DWORD /d 5 /f
+reg add HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /v ActiveHoursEnd /t REG_DWORD /d 23 /f
+reg add HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate /v SetActiveHours /t REG_DWORD /d 0 /f
+#Configure Windows automatic Updates
+Write-Host Disable automatic reboot after update installation at scheduled time registry key:
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AlwaysAutoRebootAtScheduledTime /t REG_DWORD /d 0 /f
+Write-Host Set Scheduled Time for Update Install registry key:
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v ScheduleInstallTime /t REG_DWORD /d 23 /f
+Write-Host Set automatically download and notify for installation of updates registry key:
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /t REG_DWORD /d 3 /f
+Write-Host Set No Auto Reboot With Logged On Users registry key:
+reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1 /f
+
+#---------------Install important Windows Packages---------------
+#Install all critical OS Updates
+Install-WindowsUpdate -AcceptEula -GetUpdatesFromMS
+
+#---------------Install Tueit Basic Software---------------------
+choco install anydesk -y --cacheLocation="c:\temp"
+choco install 7zip -y --cacheLocation="c:\temp"
+choco install firefox -y --cacheLocation="c:\temp"
+choco install hwinfo -y --cacheLocation="c:\temp"
+choco install autoruns -y --cacheLocation="c:\temp"
+choco install procexp -y --cacheLocation="c:\temp"
+choco install windirstat -y --cacheLocation="c:\temp"
+choco install doublecmd -y --cacheLocation="c:\temp"
+choco install notepadplusplus.install -y --cacheLocation="c:\temp"
+
+#---------------Zabbix: Windows Update Trapper incl. Aufgabenplanung einrichten-----------------
+#Wird erst jetzt ausgeführt da die Installation von Zabbix vorher abgeschlossen sein muss
+if(($dInstallZabbix -eq "yes") -or ($dInstallZabbix -eq "")){
+	Write-Host Create Windows Update windowsupdates.bat file for sending data to Zabbix Trapper:
+	Write-Output "cscript //NoLogo winupdates.vbs $dZabbixHostname | .\zabbix_sender.exe -z $dZabbixServer -i - -c zabbix_agentd.conf" | Out-File -FilePath "C:\Program Files\Zabbix Agent\winupdates.bat" -Append -Encoding ascii
+	Write-Host Copy VBS-Script for Windows Updates:
+	wget -O "C:\Program Files\Zabbix Agent\winupdates.vbs" $dZabbixWindowsUpdatesVBSUrl
+	Write-Host Create Task for Windows Updates polling to Zabbix:
+	schtasks /create /tn "Zabbix Winupdate Send" /sc MINUTE /mo 30 /tr "C:\Program Files\Zabbix Agent\winupdates.bat" /ru System
+}
+
+