Downloads:
13,835
Downloads of v 1.2.0.20191031:
12,185
Last Update:
31 Oct 2019
Package Maintainer(s):
Software Author(s):
- DarwinJS
Tags:
undo-winrmconfig-during-shutdown winrm packer admin- Software Specific:
- Software Site
- Software Docs
- Software Mailing List
- Software Issues
- Package Specific:
- Package Source
- Package outdated?
- Package broken?
- Contact Maintainers
- Contact Site Admins
- Software Vendor?
- Report Abuse
- Download
undo-winrmconfig-during-shutdown (Install)
- 1
- 2
- 3
1.2.0.20191031 | Updated: 31 Oct 2019
- Software Specific:
- Software Site
- Software Docs
- Software Mailing List
- Software Issues
- Package Specific:
- Package Source
- Package outdated?
- Package broken?
- Contact Maintainers
- Contact Site Admins
- Software Vendor?
- Report Abuse
- Download
Downloads:
13,835
Downloads of v 1.2.0.20191031:
12,185
Maintainer(s):
Software Author(s):
- DarwinJS
undo-winrmconfig-during-shutdown (Install) 1.2.0.20191031
Legal Disclaimer: Neither this package nor Chocolatey Software, Inc. are affiliated with or endorsed by DarwinJS. The inclusion of DarwinJS trademark(s), if any, upon this webpage is solely to identify DarwinJS goods or services and not for commercial purposes.
- 1
- 2
- 3
All Checks are Passing
3 Passing Tests
Deployment Method: Individual Install, Upgrade, & Uninstall
To install undo-winrmconfig-during-shutdown (Install), run the following command from the command line or from PowerShell:
To upgrade undo-winrmconfig-during-shutdown (Install), run the following command from the command line or from PowerShell:
To uninstall undo-winrmconfig-during-shutdown (Install), run the following command from the command line or from PowerShell:
Deployment Method:
This applies to both open source and commercial editions of Chocolatey.
1. Enter Your Internal Repository Url
(this should look similar to https://community.chocolatey.org/api/v2/)
2. Setup Your Environment
1. Ensure you are set for organizational deployment
Please see the organizational deployment guide
2. Get the package into your environment
Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)-
Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the package and push it to a repository Download
-
Open Source
-
Download the package:
Download - Follow manual internalization instructions
-
-
Package Internalizer (C4B)
-
Run: (additional options)
choco download undo-winrmconfig-during-shutdown --internalize --source=https://community.chocolatey.org/api/v2/
-
For package and dependencies run:
choco push --source="'INTERNAL REPO URL'"
- Automate package internalization
-
Run: (additional options)
3. Copy Your Script
choco upgrade undo-winrmconfig-during-shutdown -y --source="'INTERNAL REPO URL'" [other options]
See options you can pass to upgrade.
See best practices for scripting.
Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.
If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:
choco upgrade undo-winrmconfig-during-shutdown -y --source="'INTERNAL REPO URL'"
$exitCode = $LASTEXITCODE
Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
Exit 0
}
Exit $exitCode
- name: Install undo-winrmconfig-during-shutdown
win_chocolatey:
name: undo-winrmconfig-during-shutdown
version: '1.2.0.20191031'
source: INTERNAL REPO URL
state: present
See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.
chocolatey_package 'undo-winrmconfig-during-shutdown' do
action :install
source 'INTERNAL REPO URL'
version '1.2.0.20191031'
end
See docs at https://docs.chef.io/resource_chocolatey_package.html.
cChocoPackageInstaller undo-winrmconfig-during-shutdown
{
Name = "undo-winrmconfig-during-shutdown"
Version = "1.2.0.20191031"
Source = "INTERNAL REPO URL"
}
Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.
package { 'undo-winrmconfig-during-shutdown':
ensure => '1.2.0.20191031',
provider => 'chocolatey',
source => 'INTERNAL REPO URL',
}
Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.
4. If applicable - Chocolatey configuration/installation
See infrastructure management matrix for Chocolatey configuration elements and examples.
This package was approved as a trusted package on 15 Nov 2024.
Disable winrm through a self-deleting shutdown task.
Many windows remote orchestration tools (e.g. Packer) instruct you to completely open up winrm permissions in a way that is not safe for production.
Usually there is no built in method nor instruction on how to re-secure it or shut it back down.
The assumption most likely being that you would handle proper winrm re-configuration as a part of production deployment.
This is not a least privileged approach - depending on how big your company is and how widely your hypervisor templates are used - this is a disaster waiting to happen. So I feel leaving it in a disabled state by default is the far safer option.
To complicate things, if you attempt to secure winrm or shut it down as your last step in orchestration you slam the door on the orchestration system and it marks the attempt as a failure.
Due to imprecise timing, start up tasks that disable winrm could conflict with a subsequent attempt to re-enable it on the next boot for final configuration steps (especially if you are building a hypervisor template).
This self-deleting shutdown task performs the disable on the first shutdown and deletes itself.
If a system shutsdown extremely quickly there is some risk that the shutdown job would not be deleted - but in testing on AWS (very fast shutdown), there have not been an observed problems.
$ErrorActionPreference = 'Stop';
$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$packageName = $env:ChocolateyPackageName
$ScriptToRun = "$toolsDir\Undo-WinRMConfig.ps1"
Start-ChocolateyProcessAsAdmin "& `'$ScriptToRun`' -RemoveShutdownScriptSetup"
# Undo-WinRMConfig Documentation
- [Undo-WinRMConfig Documentation](#undo-winrmconfig-documentation)
- [Community Testing Help Needed!](#community-testing-help-needed)
- [The Important Security Problem](#the-important-security-problem)
- [This Solution](#this-solution)
- [This Code Implementation](#this-code-implementation)
- [The Disclaimers](#the-disclaimers)
- [Ways to Run It](#ways-to-run-it)
- [Direct Run From GitHub](#direct-run-from-github)
- [Run Undo Process At Shutdown (default)](#run-undo-process-at-shutdown-default)
- [Run Immediately (Careful!)](#run-immediately-careful)
- [Remove Shutdown Job Before It Runs](#remove-shutdown-job-before-it-runs)
- [Place On Image Template Without Running](#place-on-image-template-without-running)
- [Chocolatey Package (Pre-release - does not show up publicly](#chocolatey-package-pre-release---does-not-show-up-publicly)
- [Run At Shutdown (default)](#run-at-shutdown-default)
- [Run Immediately (Careful!)](#run-immediately-careful)
- [Remove Shutdown Job Before It Runs](#remove-shutdown-job-before-it-runs)
# Community Testing Help Needed!
It is not possible for me to test all OS versions and PowerShell versions running directly and via Chocolatey. Thinking community members could pick scenarios relevant to them. Below are some of the desirable tests. Problems reports should be submitted to: https://github.com/DarwinJS/CloudyWindowsAutomationCode/issues
Tests for each below scenario:
* "does it execute at all" but also
* "does it effectively undo WinRM configuration (not disable)" and
* "Can WinRm be rconfigured again with **conventional instructions** after this has run"
Script Functionality:
* (Default) Run and setup shutdown job (choco install)
* Run immediately to Undo WinRM Configuration (don't run over remoting) (choco install -params '"/RunImmediately"' )
* -RemoveShutdownScriptConfig (Choco Uninstall) - removes shutdown job before it runs (it self deletes during actual operation)
Run Scope:
* Run Over Remoting (Choco / non-choco)
* Run Under System Account (choco / non-choco)
* Run under a system account service (choco / non-choco)
OS / PowerShell Scope:
* Windows 2008 R2 (Tested) / Windows 7 (Windows Version 6.1)
* Server 2012 R2 (Tested) / Windows 8.1 (Windows Version 6.3)
* Server 2016 (Tested) / Windows 10 (Windows Version 10.0)
# The Important Security Problem
Many windows remote orchestration tools (e.g. Packer) instruct you to open up winrm permissions in a way that is not safe for (nor intended for) use in production. (e.g. https://www.packer.io/docs/builders/ncloud.html#sample-code-of-template-json) Generally there is no guidance on how to re-secure it nor even a reminder to do so. The assumption most likely being that you would handle proper winrm re-configuration as a part of provisioning the machine - but in many organizations systems preparation may be the only use of WinRM - so it is forgotten. Or maybe whatever you use to re-configure it does not actively manage one of the permissive settings used during machine provisioning.
Sysprep does not revert WinRM configuration to a pristine state and I checked with Microsoft and there is not an API call to revert to pristine either.
Keep in mind that disabling WinRM is not the goal - but rather returning it to a pristine state (or as close as possible). This allows it to be reconfigured using conventional instructions - including the possibility that subsequent system preparation automation (like packer) will be used to prepare a new template image based on a previously prepared image template.
Leaving WinRM in this state is not a least privileged approach for several reasons:
- sysprep does not automatically deconfigure WinRM.
- it is not secure at rest nor by default once booted.
- it is unlikely the next user of the image template would think that WinRM has been preconfigured with permissive settings and that they would need to deal with it.
- frequently images used for testing are not joined to a domain, so even if these settings are handled by a GPO in production environments - not all uses of the image template will necessarily have the benefit of such a GPO configuration.
Depending on how big your company is and how widely your hypervisor templates are used - this is a disaster waiting to happen. So I feel leaving it in a disabled state by default is the far safer option.
# This Solution
This self-deleting shutdown task performs the disable on the first shutdown and deletes itself. It can also run immediately - which only works if you are not using WinRM to run it.
# This Code Implementation
The goal of this code is NOT to disable WinRM, but to set WinRM configuration back to as close to pristine as possible so that it can be reconfigured as necessary.
At first glance, the code will appear a bit over complex, but that complexity has some rationale behind it:
1. If you attempt to revert WinRM configuration as your last step in automation that is using WinRM to access the machine - you slam the door on your own fingers and the automation will most likely exit with an error. This is the exact scenario for Packer.
2. Due to imprecise timing, **startup** tasks that disable winrm could conflict with a subsequent attempt to re-enable it on the next boot for final configuration steps.
3. Setting up a shutdown script requires some manipulation of GPO files and registry keys. To ensure appropriate security permissions no matter what user it used to execute this code, the setup is done via a scheduled job.
4. Since this implementation merely stages the undo to happen at shutdown - the code can run at any point during before the very last shutdown - it does not have to run last (though at the point you run it, you should not need anymore reboots with winrm enabled to finish configuration)
If you have the luxury of running this code locally on the build machine without using WinRM, then you can use the "RunImmediately" switch to skip the above convolutions.
FYI: If a system shuts down extremely quickly there is some risk that the shutdown job would not be deleted - but in testing on AWS (very fast shutdown), there have not been an observed problems.
# The Disclaimers
This code was engineered by reversing the commands required to configure winrm to be used for system preparation by Packer. In that regard it results in returning WinRM configuration to a state similar to, but quite possibly not identical to pristine defaults.
If your WinRM configuration process involves configuring additional items, the reversal of those settings may need to be added to this script. You could create a customized copy or submit an issue or PR against this script.
This code was engineered and tested on Server 2012 R2 / PowerShell 4 - it is unknown how well it works for earlier versions.
# Ways to Run It
## Direct Run From GitHub
### Run Undo Process At Shutdown (default)
Invoke-Expression (invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/master/Undo-WinRMConfig.ps1')
### Run Immediately (Careful!)
**Caution:** If you run this command while remoting in, you will slam the remoting connection closed and have a non-zero exit code - does not work with packer.
Invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/master/Undo-WinRMConfig.ps1' -outfile $env:public\Undo-WinRMConfig.ps1 ; & $env:public\Undo-WinRMConfig.ps1 -RunImmediately
### Remove Shutdown Job Before It Runs
Invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/master/Undo-WinRMConfig.ps1' -outfile $env:public\Undo-WinRMConfig.ps1 ; & $env:public\Undo-WinRMConfig.ps1 -RemoveShutdownScriptConfig
## Place On Image Template Without Running
Invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/master/Undo-WinRMConfig.ps1' -outfile $env:public\Undo-WinRMConfig.ps1
## Chocolatey Package (Pre-release - does not show up publicly
**ATTENTION: While this code is in the community feedback phase, I have it on a test feed. It will be available via chocolatey.org when the code is finalized**
### Run At Shutdown (default)
choco install undo-winrmconfig-at-shutdown -pre -confirm
### Run Immediately (Careful!)
**Caution:** If you run this command while remoting in, you will slam the remoting connection closed and have a non-zero exit code.
choco install undo-winrmconfig-at-shutdown -pre -confirm -params '"/RunImmediately"' -source https://www.myget.org/F/chocotesting/api/v2/
### Remove Shutdown Job Before It Runs
choco uninstall undo-winrmconfig-at-shutdown -confirm
<#
.SYNOPSIS
Initializes (full read of all bytes) AWS EBS volumes using FIO (File IO Utility).
See this post for full details on why this code is helpful: https://cloudywindows.io/winrm-for-provisioning---close-the-door-on-the-way-out-eh/
.DESCRIPTION
CloudyWindows.io DevOps Automation: https://github.com/DarwinJS/CloudyWindowsAutomationCode
Why and How Blog Post: https://cloudywindows.io/winrm-for-provisioning---close-the-door-when-you-are-done-eh/
Invoke-Expression (invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/blob/master/Undo-WinRMConfig/Undo-WinRMConfig.ps1')
Invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/blob/master/Undo-WinRMConfig/Undo-WinRMConfig.ps1' -outfile $env:public\Undo-WinRMConfig.ps1 ; & $env:public\Undo-WinRMConfig.ps1 -immediately
Contributing New Undo Profiles: https://github.com/DarwinJS/Undo-WinRMConfig/blob/master/readme.md
Disclaimer - this code was engineered and tested on Server 2012 R2 and Server 2016.
Many windows remote orchestration tools (e.g. Packer) instruct you to completely open up winrm permissions in a way that is not safe for production.
Usually there is no built in method nor instruction on how to re-secure it or shut it back down.
The assumption most likely being that you would handle proper configuration as a part of production deployment.
This is not a least privileged approach - depending on how big your company is and how widely your hypervisor templates are used - this is a disaster waiting to happen. So I feel leaving it in a disabled state by default is the far safer option.
To complicate things, if you attempt to secure winrm or shut it down as your last step in orchestration you slam the door on the orchestration system and it marks the attempt as a failure.
Due to imprecise timing, start up tasks that disable winrm could conflict with a subsequent attempt to re-enable it on the next boot for final configuration steps (especially if you are building a hypervisor template).
This self-deleting shutdown task performs the disable on the first shutdown and deletes itself.
If a system shutsdown extremely quickly there is some risk that the shutdown job would not be deleted - but in testing on AWS (very fast shutdown), there have not been an observed problems.
Updates and more information on ways to use this script are here: https://github.com/DarwinJS/CloudyWindowsAutomationCode/blob/master/Undo-WinRMConfig/readme.md
.COMPONENT
CloudyWindows.io
.ROLE
Provisioning Automation
.PARAMETER RunImmediately
Specifies list of semi-colon seperated number ids of local Devices to initialize. Devices appear in HKLM:SYSTEM\CurrentControlSet\Services\disk\Enum.
.PARAMETER RemoveShutdownScriptConfig
Cancels running the script at the next shutdown by removing the shutdown configuration and files
.PARAMETER Version
Emits the version and exits.
.EXAMPLE
Invoke-Expression (invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/blob/master/Undo-WinRMConfig/Undo-WinRMConfig.ps1')
Run directly from github with no parameters - sets up shutdown script to reseal winRM.
.EXAMPLE
Invoke-webrequest -uri 'https://raw.githubusercontent.com/DarwinJS/Undo-WinRMConfig/blob/master/Undo-WinRMConfig/Undo-WinRMConfig.ps1' -outfile $env:public\Undo-WinRMConfig.ps1 ; & $env:public\Undo-WinRMConfig.ps1 -immediately
Download dynamically from github and run immediately.
#>
Param (
[switch]$RunImmediately,
[switch]$RemoveShutdownScriptConfig,
[switch]$Version
)
$ThisScriptVersion = '1.2.0'
If ($version)
{
Write-Host "$ThisScriptVersion"
Exit 0
}
Function Setup-Undo {
Write-Host "`r`n`r`nUndo-WinRMConfig Version $ThisScriptVersion`r`n`r`n"
#This has to work for Win7 (no get-ciminstance) and Nano (no get-wmiobject) - each of which specially construct win32_operatingsystem.version to handle before and after Windows 10 version numbers (which are in different registry keys)
If ($psversiontable.psversion.major -lt 3)
{ $OSMajorMinorVersionString = @(([version](Get-WMIObject Win32_OperatingSystem).version).major,([version](Get-WMIObject Win32_OperatingSystem).version).minor) -join '.' }
Else
{ $OSMajorMinorVersionString = @(([version](Get-CIMInstance Win32_OperatingSystem).version).major,([version](Get-CIMInstance Win32_OperatingSystem).version).minor) -join '.' }
If (!(Test-Path "variable:Pristine-WSMan-${OSMajorMinorVersionString}.reg"))
{
Throw "Undo-WinRMConfig does not have Pristine WSMan .REG file for your OS version $OSMajorMinorVersionString, if you would like to create and contribute one, please see: "
Exit 5
}
#Build the undo script based on parameters
[string]$UndoWinRMScript = @'
If (!$PSScriptRoot) {$PSScriptRoot = Split-Path $MyInvocation.MyCommand.Path -Parent}
#This has to work for Win7 (no get-ciminstance) and Nano (no get-wmiobject) - each of which specially construct win32_operatingsystem.version to handle before and after Windows 10 version numbers (which are in different registry keys)
If ($psversiontable.psversion.major -lt 3)
{ $OSMajorMinorVersionString = @(([version](Get-WMIObject Win32_OperatingSystem).version).major,([version](Get-WMIObject Win32_OperatingSystem).version).minor) -join '.' }
Else
{ $OSMajorMinorVersionString = @(([version](Get-CIMInstance Win32_OperatingSystem).version).major,([version](Get-CIMInstance Win32_OperatingSystem).version).minor) -join '.' }
Write-Host "Disabling all Enabled Firewall rules that address port 5985 or 5896 directly"
$EnabledInboundRMPorts = @(New-object -comObject HNetCfg.FwPolicy2).rules | where-object {($_.LocalPorts -ilike '*5985*') -AND ($_.Enabled -ilike 'True')}
$EnabledInboundRMPorts += @(New-object -comObject HNetCfg.FwPolicy2).rules | where-object {($_.LocalPorts -ilike '*5986*') -AND ($_.Enabled -ilike 'True')}
ForEach ($FirewallRuleName in $EnabledInboundRMPorts)
{
Write-Host "Disabling firewall rule that addresses remoting: `"$($FirewallRuleName.Name)`""
netsh advfirewall firewall set rule name="$($FirewallRuleName.Name)" new enable=No
}
Write-Host "Undoing changes for Enable-PSRemoting, Enable-WSManCredSSP and winrm configuration commands"
Write-Host "Remove LocalAccountTokenFilterPolicy added by winrm configuration"
#This key is symlinked into "Wow6432Node" - both locations are handled by one delete
$regkeypath ='HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system'
If (!((Get-ItemProperty $regkeypath).LocalAccountTokenFilterPolicy -eq $null))
{Remove-ItemProperty -path $regkeypath -name LocalAccountTokenFilterPolicy}
Write-Host "Enable-PSRemoting changes will be removed by undoing WSMAN changes"
Write-Host "Enable-WSManCredSSP client or server changes will be removed by undoing WSMAN changes"
#Remove WSMAN Key before importing pristine .REG
Remove-Item 'HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN' -Recurse -Force
ForEach ($File in (Get-ChildItem "$PSScriptRoot\*${OSMajorMinorVersionString}.reg" | sort-object Name))
{
Write-Host "Importing $OSMajorMinorVersionString\$($File.name)"
reg.exe import "$($File.fullname)"
}
'@
If ($RunImmediately)
{
Write-Output 'Undoing WinRM Config Right Now (do NOT execute this over remoting or this code will not complete)...'
Invoke-Command -ScriptBlock [Scriptblock]::Create($UndoWinRMScript)
exit 0
}
else
{
Write-Output 'Undoing WinRM Config On Next Shutdown'
}
#Write a file and call it in a machine shutdown script
$psScriptsFile = "$env:windir\System32\GroupPolicy\Machine\Scripts\psscripts.ini"
$Key1 = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Shutdown\0'
$Key2 = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Scripts\Shutdown\0'
$keys = @($key1,$key2)
$scriptpath = "$env:windir\System32\GroupPolicy\Machine\Scripts\Shutdown\Undo-WinRMConfig.ps1"
$scriptfilename = (Split-Path -leaf $scriptpath)
$ScriptFolder = (Split-Path -parent $scriptpath)
$FileContents = Get-Variable -name "Pristine-WSMan-${OSMajorMinorVersionString}.reg" -ValueOnly
Set-Content -Path "$ScriptFolder\Pristine-WSMan-${OSMajorMinorVersionString}.reg" -Value $FileContents
$selfdeletescript = @"
Start-Sleep -milliseconds 500
Remove-Item -Path "$key1" -Force -Recurse -ErrorAction SilentlyContinue
Remove-Item -Path "$key2" -Force -Recurse -ErrorAction SilentlyContinue
Remove-Item -Path $scriptpath -Force -ErrorAction SilentlyContinue
Get-ChildItem "$env:windir\System32\GroupPolicy\Machine\Scripts\Shutdown\*${OSMajorMinorVersionString}.reg" | remove-item -force
If (Test-Path $psScriptsFile)
{
(Get-Content "$psScriptsFile") -replace '0CmdLine=$scriptfilename', '' | Set-Content "$psScriptsFile"
(Get-Content "$psScriptsFile") -replace '0Parameters=', '' | Set-Content "$psScriptsFile"
}
"@
$selfdeletescript =[Scriptblock]::Create($selfdeletescript)
If ($RemoveShutdownScriptConfig)
{
Write-Host "Removing previously setup shutdown script"
Invoke-Command -ScriptBlock $selfdeletescript
exit $?
}
#Add the cleanup script block as a scheduled job executed immediately at the end of the shutdown script (if we aren't running immediately)
$UndoWinRMScript += "Register-ScheduledJob -Name CleanUpWinRM -RunNow -ScheduledJobOption @{RunElevated=$True;ShowInTaskScheduler=$True;RunWithoutNetwork=$True} -ScriptBlock $selfdeletescript"
Write-Host "Creating $scriptpath, with the following contents:"
Write-Host '*******************'
Write-Host "$UndoWinRMScript"
Write-Host '*******************`r`n`r`n'
If (!(Test-Path $ScriptFolder)) {New-Item $ScriptFolder -type Directory -force | Out-null}
Set-Content -path $scriptpath -value $UndoWinRMScript
Foreach ($Key in $keys)
{
Write-Host "Creating $Key"
New-Item -Path $key -Force | out-null
New-ItemProperty -Path $key -Name GPO-ID -Value LocalGPO -Force | out-null
New-ItemProperty -Path $key -Name SOM-ID -Value Local -Force | out-null
New-ItemProperty -Path $key -Name FileSysPath -Value "$env:windir\System32\GroupPolicy\Machine" -Force | out-null
New-ItemProperty -Path $key -Name DisplayName -Value "Local Group Policy" -Force | out-null
New-ItemProperty -Path $key -Name GPOName -Value "Local Group Policy" -Force | out-null
New-ItemProperty -Path $key -Name PSScriptOrder -Value 1 -PropertyType "DWord" -Force | out-null
$key = "$key\0"
New-Item -Path $key -Force | out-null
New-ItemProperty -Path $key -Name "Script" -Value $scriptfilename -Force | out-null
New-ItemProperty -Path $key -Name "Parameters" -Value $parameters -Force | out-null
New-ItemProperty -Path $key -Name "IsPowershell" -Value 1 -PropertyType "DWord" -Force | out-null
New-ItemProperty -Path $key -Name "ExecTime" -Value 0 -PropertyType "QWord" -Force | out-null
}
Write-Host "Updating $psScriptsFile"
If (!(Test-Path $psScriptsFile)) {New-Item $psScriptsFile -type file -force}
"[Shutdown]" | Out-File $psScriptsFile
"0CmdLine=$scriptfilename" | Out-File $psScriptsFile -Append
"0Parameters=$parameters" | Out-File $psScriptsFile -Append
Write-Host "`r`n`r`nUndo-WinRMConfig (v${ThisScriptVersion}) is staged to run at next shutdown. To unstage, run 'Undo-WinRMConfig -RemoveShutdownScriptConfig'"
}
${Pristine-WSMan-10.0.reg} = @'
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN]
"ServiceStackVersion"="3.0"
"StackVersion"="2.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\AutoRestartList]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener\*+HTTP]
"Port"=dword:00001761
"uriprefix"="wsman"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Event Forwarding Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"Event Forwarding Plugin\" Filename=\"C:\\Windows\\system32\\wevtfwd.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;ER)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Subscribe\" SupportsFiltering=\"true\" /></Resource></Resources><Quotas MaxConcurrentUsers=\"2147483647\" MaxConcurrentOperationsPerUser=\"2147483647\" MaxConcurrentOperations=\"2147483647\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" Enabled=\"true\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"5.1\"/> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> <Quotas MaxMemoryPerShellMB=\"2147483647\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"2147483647\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"2147483647\" MaxConcurrentCommandsPerShell=\"2147483647\" MaxShells=\"2147483647\" MaxShellsPerUser=\"2147483647\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell.workflow\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" UseSharedProcess=\"true\" ProcessIdleTimeoutSec=\"1209600\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"5.1\"/> <Param Name=\"AssemblyName\" Value=\"Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL\"/> <Param Name=\"PSSessionConfigurationTypeName\" Value=\"Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration\"/> <Param Name=\"SessionConfigurationData\" Value=\" <SessionConfigurationData> <Param Name="ModulesToImport" Value="%windir%\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow"/> <Param Name="PrivateData"> <PrivateData> <Param Name="enablevalidation" Value="true" /> </PrivateData> </Param> </SessionConfigurationData> \" /> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell.workflow\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell.workflow\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> <Quotas MaxMemoryPerShellMB=\"2147483647\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"2147483647\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"2147483647\" MaxConcurrentCommandsPerShell=\"2147483647\" MaxShells=\"2147483647\" MaxShellsPerUser=\"2147483647\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell32\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" Architecture=\"32\" Enabled=\"true\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"5.1\"/> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell32\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell32\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> <Quotas MaxMemoryPerShellMB=\"2147483647\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"2147483647\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"2147483647\" MaxConcurrentCommandsPerShell=\"2147483647\" MaxShells=\"2147483647\" MaxShellsPerUser=\"2147483647\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.Windows.ServerManagerWorkflows]
"ConfigXML"=" <PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.windows.servermanagerworkflows\" Filename=\"C:\\Windows\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" UseSharedProcess=\"true\" Enabled=\"true\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"3.0\"/> <Param Name=\"AssemblyName\" Value=\"Microsoft.Windows.ServerManager.Common, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL\"/> <Param Name=\"PSSessionConfigurationTypeName\" Value=\"Microsoft.Windows.ServerManager.Common.Workflow.WorkflowSessionConfiguration\"/> <Param Name=\"SessionConfigurationData\" Value=\" <SessionConfigurationData> <Param Name="ModulesToImport" Value="C:\\Windows\\\\system32\\\\ServerManagerInternal,C:\\Windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\Modules\\\\PSWorkflow" /> <Param Name="PrivateData"> <PrivateData> <Param Name="allowedactivity" Value="*" /> <Param Name="outofprocessactivity" Value="" /> </PrivateData> </Param> </SessionConfigurationData> \" /> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.windows.servermanagerworkflows\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.windows.servermanagerworkflows\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> <Quotas MaxIdleTimeoutms=\"180000\" IdleTimeoutms=\"180000\" MaxConcurrentUsers=\"5\" MaxMemoryPerShellMB=\"2000\" MaxShells=\"100\" MaxProcessesPerShell=\"45\" MaxShellsPerUser=\"25\" MaxConcurrentCommandsPerShell=\"5000\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\SEL Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"SEL Plugin\" Filename=\"C:\\Windows\\system32\\wsmselpl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" > <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/logrecord/sel\" SupportsOptions=\"true\" > <Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\" /> <Capability Type=\"Subscribe\" /> </Resource> </Resources> <Quotas MaxConcurrentUsers=\"2147483647\" MaxConcurrentOperationsPerUser=\"2147483647\" MaxConcurrentOperations=\"2147483647\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\WMI Provider]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"WMI Provider\" Filename=\"C:\\Windows\\system32\\WsmWmiPl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/wmi\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Identify\" /><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Create\" /><Capability Type=\"Delete\" /><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/><Capability Type=\"Subscribe\" SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Create\" /><Capability Type=\"Delete\" /><Capability Type=\"Enumerate\"/><Capability Type=\"Subscribe\" SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/*\" SupportsOptions=\"true\" ExactMatch=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/><Capability Type=\"Subscribe\"SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/cim-xml/2/cim-schema/2/*\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Get\" SupportsFragment=\"false\"/><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/></Resource></Resources><Quotas MaxConcurrentUsers=\"2147483647\" MaxConcurrentOperationsPerUser=\"2147483647\" MaxConcurrentOperations=\"2147483647\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\SafeClientList]
"WSManSafeClientList"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service]
"allow_remote_requests"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell]
'@
${Pristine-WSMan-6.3.reg} = @'
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN]
"StackVersion"="2.0"
"ServiceStackVersion"="3.0"
"WtrPresent"=dword:00000000
"UpdatedConfig"="E6F6821F-51CC-4FEC-8E46-40C75C0CAD27"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\AutoRestartList]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener\*+HTTP]
"hostname"=""
"uriprefix"="wsman"
"certThumbprint"=""
"Port"=dword:00001761
"enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Event Forwarding Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"Event Forwarding Plugin\" Filename=\"C:\\Windows\\system32\\wevtfwd.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;ER)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Subscribe\" SupportsFiltering=\"true\" /></Resource></Resources><Quotas MaxConcurrentUsers=\"100\" MaxConcurrentOperationsPerUser=\"15\" MaxConcurrentOperations=\"1500\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" Enabled=\"true\" Architecture=\"64\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" RunAsVirtualAccount=\"false\" RunAsVirtualAccountGroups=\"\" AutoRestart=\"false\" OutputBufferingMode=\"Block\"><InitializationParameters><Param Name=\"PSVersion\" Value=\"5.0\"/></InitializationParameters><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/><Capability Type=\"Shell\"/></Resource></Resources><Quotas MaxMemoryPerShellMB=\"1024\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"5\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"15\" MaxConcurrentCommandsPerShell=\"1000\" MaxShells=\"25\" MaxShellsPerUser=\"25\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell.workflow\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" UseSharedProcess=\"true\" ProcessIdleTimeoutSec=\"1209600\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" Architecture=\"64\" RunAsVirtualAccount=\"false\" RunAsVirtualAccountGroups=\"\" OutputBufferingMode=\"Block\"><InitializationParameters><Param Name=\"PSVersion\" Value=\"5.0\"/><Param Name=\"AssemblyName\" Value=\"Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL\"/><Param Name=\"PSSessionConfigurationTypeName\" Value=\"Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration\"/><Param Name=\"SessionConfigurationData\" Value=\" <SessionConfigurationData> <Param Name="ModulesToImport" Value="%windir%\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow"/> <Param Name="PrivateData"> <PrivateData> <Param Name="enablevalidation" Value="true" /> </PrivateData> </Param> </SessionConfigurationData> \"/></InitializationParameters><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell.workflow\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell.workflow\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/><Capability Type=\"Shell\"/></Resource></Resources><Quotas MaxMemoryPerShellMB=\"1024\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"5\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"15\" MaxConcurrentCommandsPerShell=\"1000\" MaxShells=\"25\" MaxShellsPerUser=\"25\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell32\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" Architecture=\"32\" Enabled=\"true\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" RunAsVirtualAccount=\"false\" RunAsVirtualAccountGroups=\"\" AutoRestart=\"false\" OutputBufferingMode=\"Block\"><InitializationParameters><Param Name=\"PSVersion\" Value=\"5.0\"/></InitializationParameters><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell32\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell32\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/><Capability Type=\"Shell\"/></Resource></Resources><Quotas MaxMemoryPerShellMB=\"1024\" MaxIdleTimeoutms=\"2147483647\" MaxConcurrentUsers=\"5\" IdleTimeoutms=\"7200000\" MaxProcessesPerShell=\"15\" MaxConcurrentCommandsPerShell=\"1000\" MaxShells=\"25\" MaxShellsPerUser=\"25\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.Windows.ServerManagerWorkflows]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.windows.servermanagerworkflows\" Filename=\"C:\\Windows\\system32\\pwrshplugin.dll\" SDKVersion=\"2\" XmlRenderingType=\"text\" UseSharedProcess=\"true\" Enabled=\"true\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Architecture=\"64\" ProcessIdleTimeoutSec=\"0\" RunAsVirtualAccount=\"false\" RunAsVirtualAccountGroups=\"\" OutputBufferingMode=\"Block\"><InitializationParameters><Param Name=\"PSVersion\" Value=\"3.0\"/><Param Name=\"AssemblyName\" Value=\"Microsoft.Windows.ServerManager.Common, Version=6.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL\"/><Param Name=\"PSSessionConfigurationTypeName\" Value=\"Microsoft.Windows.ServerManager.Common.Workflow.WorkflowSessionConfiguration\"/><Param Name=\"SessionConfigurationData\" Value=\" <SessionConfigurationData> <Param Name="ModulesToImport" Value="C:\\Windows\\\\system32\\\\ServerManagerInternal,C:\\Windows\\\\system32\\\\windowspowershell\\\\v1.0\\\\Modules\\\\PSWorkflow" /> <Param Name="PrivateData"> <PrivateData> <Param Name="allowedactivity" Value="*" /> <Param Name="outofprocessactivity" Value="" /> </PrivateData> </Param> </SessionConfigurationData> \"/></InitializationParameters><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.windows.servermanagerworkflows\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.windows.servermanagerworkflows\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/><Capability Type=\"Shell\"/></Resource></Resources><Quotas MaxIdleTimeoutms=\"180000\" IdleTimeoutms=\"180000\" MaxConcurrentUsers=\"5\" MaxMemoryPerShellMB=\"2000\" MaxShells=\"100\" MaxProcessesPerShell=\"45\" MaxShellsPerUser=\"25\" MaxConcurrentCommandsPerShell=\"5000\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\SEL Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"SEL Plugin\" Filename=\"C:\\Windows\\system32\\wsmselpl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" > <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/logrecord/sel\" SupportsOptions=\"true\" > <Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\" /> <Capability Type=\"Subscribe\" /> </Resource> </Resources> <Quotas MaxConcurrentUsers=\"100\" MaxConcurrentOperationsPerUser=\"15\" MaxConcurrentOperations=\"1500\"/> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\WMI Provider]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"WMI Provider\" Filename=\"C:\\Windows\\system32\\WsmWmiPl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" UseSharedProcess=\"false\" ProcessIdleTimeoutSec=\"0\" RunAsUser=\"\" RunAsPassword=\"\" AutoRestart=\"false\" Enabled=\"true\" OutputBufferingMode=\"Block\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/wmi\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Identify\" /><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Create\" /><Capability Type=\"Delete\" /><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/><Capability Type=\"Subscribe\" SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Create\" /><Capability Type=\"Delete\" /><Capability Type=\"Enumerate\"/><Capability Type=\"Subscribe\" SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/*\" SupportsOptions=\"true\" ExactMatch=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/><Capability Type=\"Subscribe\"SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/cim-xml/2/cim-schema/2/*\" SupportsOptions=\"true\" ExactMatch=\"true\"><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)\" /><Capability Type=\"Get\" SupportsFragment=\"false\"/><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/></Resource></Resources><Quotas MaxConcurrentUsers=\"100\" MaxConcurrentOperationsPerUser=\"100\" MaxConcurrentOperations=\"1500\"/></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\SafeClientList]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service]
"allow_remote_requests"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell]
'@
${Pristine-WSMan-6.1.reg} = @'
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN]
"StackVersion"="2.0"
"SupportsCompatListeners"=dword:00000001
"UpdatedConfig"="58262FF8-3F83-4B48-A1FB-054FA5700982"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Event Forwarding Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"Event Forwarding Plugin\" Filename=\"%systemroot%\\system32\\wevtfwd.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;ER)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\" /><Capability Type=\"Subscribe\" SupportsFiltering=\"true\" /></Resource></Resources></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.powershell\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"2.0\"/> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.powershell\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.ServerManager]
"ConfigXML"=" <PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"microsoft.ServerManager\" Filename=\"%windir%\\system32\\pwrshplugin.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" > <InitializationParameters> <Param Name=\"PSVersion\" Value=\"2.0\"/> <Param Name=\"AssemblyName\" Value=\"Microsoft.Windows.ServerManager.PowerShell, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL\" /> <Param Name=\"PSSessionConfigurationTypeName\" Value=\"Microsoft.Windows.ServerManager.Commands.PowerShellCustomShell\" /> </InitializationParameters> <Resources> <Resource ResourceUri=\"http://schemas.microsoft.com/powershell/microsoft.ServerManager\" SupportsOptions=\"true\" ExactMatch=\"true\"> <Security xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Uri=\"http://schemas.microsoft.com/powershell/microsoft.ServerManager\" ExactMatch=\"true\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\"/> <Capability Type=\"Shell\"/> </Resource> </Resources> </PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\SEL Plugin]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"SEL Plugin\" Filename=\"%systemroot%\\system32\\wsmselpl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/logrecord/sel\" SupportsOptions=\"true\" ><Security Uri=\"\" ExactMatch=\"false\" Sddl=\"O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)\" /><Capability Type=\"Subscribe\" /></Resource></Resources></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\WMI Provider]
"ConfigXML"="<PlugInConfiguration xmlns=\"http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration\" Name=\"WMI Provider\" Filename=\"%systemroot%\\system32\\WsmWmiPl.dll\" SDKVersion=\"1\" XmlRenderingType=\"text\" ><Resources><Resource ResourceUri=\"http://schemas.microsoft.com/wbem/wsman/1/wmi\" SupportsOptions=\"true\" ><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema\" SupportsOptions=\"true\" ><Capability Type=\"Get\" SupportsFragment=\"true\" /><Capability Type=\"Put\" SupportsFragment=\"true\" /><Capability Type=\"Invoke\" /><Capability Type=\"Enumerate\" /></Resource><Resource ResourceUri=\"http://schemas.dmtf.org/wbem/wscim/1/*\" SupportsOptions=\"true\" ExactMatch=\"true\" ><Capability Type=\"Enumerate\" SupportsFiltering=\"true\"/></Resource></Resources></PlugInConfiguration>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell]
'@
Setup-Undo
Log in or click on link to see number of positives.
In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).
Chocolatey Pro provides runtime protection from possible malware.
Add to Builder | Version | Downloads | Last Updated | Status |
---|---|---|---|---|
undo-winrmconfig-during-shutdown (Install) 1.2.0.20191031 | 12185 | Thursday, October 31, 2019 | Approved | |
undo-winrmconfig-during-shutdown (Install) 1.2.0 | 850 | Wednesday, September 5, 2018 | Approved | |
undo-winrmconfig-during-shutdown (Install) 1.1.9-alpha2 | 251 | Thursday, July 12, 2018 | Exempted | |
undo-winrmconfig-during-shutdown (Install) 1.1.8-alpha2 | 289 | Sunday, June 24, 2018 | Exempted | |
undo-winrmconfig-during-shutdown (Install) 1.1.8-alpha1 | 260 | Thursday, June 21, 2018 | Exempted |
Ground Rules:
- This discussion is only about undo-winrmconfig-during-shutdown (Install) and the undo-winrmconfig-during-shutdown (Install) package. If you have feedback for Chocolatey, please contact the Google Group.
- This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
- The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
- Tell us what you love about the package or undo-winrmconfig-during-shutdown (Install), or tell us what needs improvement.
- Share your experiences with the package, or extra configuration or gotchas that you've found.
- If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.