I use NTLite to build my system images for windows every 6 months or so. I have thus far automated via powershell and batch scripts the following things:
1) Not powershell or batch-related but my answer file I injected into the ISO takes care of ALL things during the OS installation including the disk partitioning EXCEPT FOR the user account creation, that's the only exception
2) Post-install scripts:
1) Installing the necessary game launchers (STEAM, EA, Origin, Rockstar, EpicGames, GeforceNOW, GeforceExperience) IF it's a gaming PC (the scripts asks you yes or not, if you write yes then the next step will be the installation of them via Chocolatey)
2) Activates some software via my license key I bought
3) Turns on 128-bit file-sharing encryption
4) Installs a necessary NuGet Package Provider which will be needed for some scripts later
5) Force-Installs some PSModules I need for some scripts later
6) Pulls all the missing OS updates via WUS for the given OS, I build 1 image for Win10 and 1 image for Win11 so it'll be different depending on the OS
7) Installs Kaspersky Total Security silently via cmdprompt, it's a batch script
8) Creates a Scheduled Task for the Winget Update for all apps on my system that WinGet could possibly update, this will run 1x every Monday at 12PM; if it cannot, then it will be scheduled to run at the next opportunity. It updates those apps forcibly and silently
9) This powershell script enables BitLocker FVE with a default PIN I set inside the script, waits for 20 minutes (that's usually how long it takes for BitLocker to complete on my systems), then enters into a ForEach Loop during which it will check for the current encryption percentage 1x every 3 minutes, and once it finds the current encryption percentage is 100% it runs shutdown -s -t 0 /f rebooting my system forcibly with 0s downtime
9) About 8 months ago I wrote 2 GUI apps in Powershell, created the installer for them in InnoSetup, costumized it a little to check if the apps have already been installed prior and not been removed since, if the answer to that is no, then this script will inject 2 regkeys into the RunOnce reg hive and that will have my 2 apps start after I reboot the system and log on. One changes the BitLocker PIN, the other prompts to connect to my NAS, enter my credentials, then connect to it, queries all the available network shares on it then attempts to map all the network shares I can access as local drives in File Explorer, permanently, persistently by changing the DeferFlag reg key's value from 1 to 4, so if I reboot the system, those network shares will stay mapped as local drives in File Explorer.
For a home system, what else could I automate? Not asking for scripts but ideas as I have no idea and scripting is fun. Thanks for reading
@garlin
1) Not powershell or batch-related but my answer file I injected into the ISO takes care of ALL things during the OS installation including the disk partitioning EXCEPT FOR the user account creation, that's the only exception
2) Post-install scripts:
1) Installing the necessary game launchers (STEAM, EA, Origin, Rockstar, EpicGames, GeforceNOW, GeforceExperience) IF it's a gaming PC (the scripts asks you yes or not, if you write yes then the next step will be the installation of them via Chocolatey)
2) Activates some software via my license key I bought
3) Turns on 128-bit file-sharing encryption
4) Installs a necessary NuGet Package Provider which will be needed for some scripts later
5) Force-Installs some PSModules I need for some scripts later
6) Pulls all the missing OS updates via WUS for the given OS, I build 1 image for Win10 and 1 image for Win11 so it'll be different depending on the OS
7) Installs Kaspersky Total Security silently via cmdprompt, it's a batch script
8) Creates a Scheduled Task for the Winget Update for all apps on my system that WinGet could possibly update, this will run 1x every Monday at 12PM; if it cannot, then it will be scheduled to run at the next opportunity. It updates those apps forcibly and silently
9) This powershell script enables BitLocker FVE with a default PIN I set inside the script, waits for 20 minutes (that's usually how long it takes for BitLocker to complete on my systems), then enters into a ForEach Loop during which it will check for the current encryption percentage 1x every 3 minutes, and once it finds the current encryption percentage is 100% it runs shutdown -s -t 0 /f rebooting my system forcibly with 0s downtime
9) About 8 months ago I wrote 2 GUI apps in Powershell, created the installer for them in InnoSetup, costumized it a little to check if the apps have already been installed prior and not been removed since, if the answer to that is no, then this script will inject 2 regkeys into the RunOnce reg hive and that will have my 2 apps start after I reboot the system and log on. One changes the BitLocker PIN, the other prompts to connect to my NAS, enter my credentials, then connect to it, queries all the available network shares on it then attempts to map all the network shares I can access as local drives in File Explorer, permanently, persistently by changing the DeferFlag reg key's value from 1 to 4, so if I reboot the system, those network shares will stay mapped as local drives in File Explorer.
For a home system, what else could I automate? Not asking for scripts but ideas as I have no idea and scripting is fun. Thanks for reading
@garlin
My Computer
System One
-
- OS
- Win11
