Update packer windows-update plugin

Update VMware Tools
2021-10-25 13:32:57 +02:00 · 2021-10-25 13:12:00 +02:00
72 changed files with 990 additions and 561 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -16,51 +16,52 @@ steps:
  commands:
  - yamllint --version
  - packer --version
-  - ansible --version
+  - pwsh --version
  - ovftool --version
- name: Ubuntu Server 20.04
+- name: Windows 10
  image: bv11-cr01.bessems.eu/library/packer-extended
  pull: always
  commands:
  - sed -i -e "s/<<img-productkey>>/$${PRODUCTKEY}/" packer/preseed/Windows10/Autounattend.xml
  - |
-    sed -i -e "s/<<img-password>>/$${SSH_PASSWORD}/g" \
+    sed -i -e "s/<<img-password>>/$${WINRM_PASSWORD}/g" \
-      packer/preseed/UbuntuServer20.04/user-data
+      packer/preseed/Windows10/Autounattend.xml \
      packer/preseed/Windows10/Sysprep_Unattend.xml
  - |
-    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" \
+    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" scripts
      ansible \
      packer/preseed/UbuntuServer20.04/user-data \
      scripts
  - |
    packer init -upgrade \
      ./packer
  - |
    packer validate \
      -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-      -var vm_guestos=ubuntuserver20.04 \
+      -var vm_guestos=win10 \
      -var repo_username=$${REPO_USERNAME} \
      -var repo_password=$${REPO_PASSWORD} \
      -var vsphere_password=$${VSPHERE_PASSWORD} \
-      -var ssh_password=$${SSH_PASSWORD} \
+      -var winrm_password=$${WINRM_PASSWORD} \
      ./packer
  - |
    packer build \
-      -on-error=cleanup -timestamp-ui \
+      -on-error=cleanup \
      -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-      -var vm_guestos=ubuntuserver20.04 \
+      -var vm_guestos=win10 \
      -var repo_username=$${REPO_USERNAME} \
      -var repo_password=$${REPO_PASSWORD} \
      -var vsphere_password=$${VSPHERE_PASSWORD} \
-      -var ssh_password=$${SSH_PASSWORD} \
+      -var winrm_password=$${WINRM_PASSWORD} \
      ./packer
  environment:
    VSPHERE_PASSWORD:
      from_secret: vsphere_password
-    SSH_PASSWORD:
+    WINRM_PASSWORD:
-      from_secret: ssh_password
+      from_secret: winrm_password
    REPO_USERNAME:
      from_secret: repo_username
    REPO_PASSWORD:
      from_secret: repo_password
    PRODUCTKEY:
      from_secret: prodkey_win10
    # PACKER_LOG: 1
  volumes:
  - name: output
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@@ -1,3 +0,0 @@
 [defaults]
 deprecation_warnings = False
 remote_tmp           = /tmp/.ansible-${USER}/tmp
--- a/ansible/playbook.yml
+++ b/ansible/playbook.yml
@@ -1,7 +0,0 @@
 ---
 - hosts: all
  gather_facts: false
  become: true
  roles:
    - os
    - firstboot
--- a/ansible/roles/firstboot/files/ansible_payload/playbook.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/playbook.yml
@@ -1,10 +0,0 @@
 ---
 - hosts: 127.0.0.1
  connection: local
  gather_facts: false
  # become: true
  roles:
    - vapp
    - network
    - users
    - cleanup
--- a/ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/main.yml
@@ -1,20 +0,0 @@
 - name: Disable crontab job
  ansible.builtin.cron:
    name: firstboot
    state: absent
 - name: Restore extra tty
  ansible.builtin.lineinfile:
    path: /etc/systemd/logind.conf
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
  loop:
  - { regexp: '^NAutoVTs=', line: '#NAutoVTs=6'}
  - { regexp: '^ReserveVT=', line: '#ReserveVT=6'}
 - name: Unmask getty@tty1 service
  ansible.builtin.systemd:
    name: getty@tty1
    enabled: yes
    masked: no
 - name: Reboot host
  ansible.builtin.shell:
    cmd: /usr/sbin/reboot now
--- a/ansible/roles/firstboot/files/ansible_payload/roles/network/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/network/tasks/main.yml
@@ -1,10 +0,0 @@
 - name: Set hostname
  ansible.builtin.hostname:
    name: "{{ ovfproperties['guestinfo.hostname'] }}"
 - name: Create netplan configuration file
  ansible.builtin.template:
    src: netplan.j2
    dest: /etc/netplan/00-installer-config.yaml
 - name: Apply netplan configuration
  ansible.builtin.shell:
    cmd: /usr/sbin/netplan apply
--- a/ansible/roles/firstboot/files/ansible_payload/roles/network/templates/netplan.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/network/templates/netplan.j2
@@ -1,10 +0,0 @@
 network:
  version: 2
  ethernets:
    ens192:
      addresses:
      - {{ ovfproperties['guestinfo.ipaddress'] }}/{{ ovfproperties['guestinfo.prefixlength'] }}
      gateway4: {{ ovfproperties['guestinfo.gateway'] }}
      nameservers:
        addresses:
        - {{ ovfproperties['guestinfo.dnsserver'] }}
--- a/ansible/roles/firstboot/files/ansible_payload/roles/users/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/users/tasks/main.yml
@@ -1,25 +0,0 @@
 - name: Set root password
  ansible.builtin.user:
    name: root
    password: "{{ ovfproperties['guestinfo.rootpw'] | password_hash('sha512', 65534 | random(seed=ovfproperties['guestinfo.hostname']) | string) }}"
    generate_ssh_key: yes
    ssh_key_bits: 2048
    ssh_key_file: .ssh/id_rsa
 - name: Save root SSH publickey
  ansible.builtin.lineinfile:
    path: /root/.ssh/authorized_keys
    line: "{{ ovfproperties['guestinfo.rootsshkey'] }}"
 - name: Disable SSH password authentication
  ansible.builtin.lineinfile:
    path: /etc/ssh/sshd_config
    regex: "{{ item.regex }}"
    line: "{{ item.line }}"
    state: "{{ item.state }}"
  loop:
  - { regex: '$#PasswordAuthentication', line: 'PasswordAuthentication no', state: present}
  - { regex: '$PasswordAuthentication yes', line: 'PasswordAuthentication yes', state: absent}
 - name: Delete 'ubuntu' user
  ansible.builtin.user:
    name: ubuntu
    state: absent
    remove: yes
--- a/ansible/roles/firstboot/files/ansible_payload/roles/vapp/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/vapp/tasks/main.yml
@@ -1,21 +0,0 @@
 - name: Store current ovfEnvironment
  ansible.builtin.shell:
    cmd: /usr/bin/vmtoolsd --cmd "info-get guestinfo.ovfEnv"
  register: ovfenv
 - name: Parse XML for vApp properties
  community.general.xml:
    xmlstring: "{{ ovfenv.stdout }}"
    namespaces:
      ns: http://schemas.dmtf.org/ovf/environment/1
    xpath: /ns:Environment/ns:PropertySection/ns:Property
    content: attribute
  register: ovfenv
 - name: Assign vApp properties to dictionary
  ansible.builtin.set_fact:
    ovfproperties: >-
      {{ ovfproperties | default({}) |
      combine({((item.values() | list)[0].values() | list)[0]:
      ((item.values() | list)[0].values() | list)[1]})
      }}
  loop: "{{ ovfenv.matches }}"
  no_log: true
--- a/ansible/roles/firstboot/tasks/main.yml
+++ b/ansible/roles/firstboot/tasks/main.yml
@@ -1,26 +0,0 @@
 - name: Create destination folder
  ansible.builtin.file:
    path: /opt/firstboot
    state: directory
 - name: Create firstboot script file
  ansible.builtin.template:
    src: firstboot.j2
    dest: /opt/firstboot/firstboot.sh
    owner: root
    group: root
    mode: o+x
 - name: Create @reboot crontab job
  ansible.builtin.cron:
    name: firstboot
    special_time: reboot
    job: "/opt/firstboot/firstboot.sh"
 - name: Copy payload folder
  ansible.builtin.copy:
    src: ansible_payload/
    dest: /opt/firstboot/ansible/
    owner: root
    group: root
    mode: '0644'
 - name: Install ansible-galaxy collection
  ansible.builtin.shell:
    cmd: ansible-galaxy collection install community.general
--- a/ansible/roles/firstboot/templates/firstboot.j2
+++ b/ansible/roles/firstboot/templates/firstboot.j2
@@ -1,4 +0,0 @@
 #!/bin/bash
 # Apply firstboot configuration w/ ansible
 /usr/local/bin/ansible-playbook /opt/firstboot/ansible/playbook.yml | tee -a /var/log/firstboot.log > /dev/tty1
--- a/ansible/roles/os/tasks/ansible.yml
+++ b/ansible/roles/os/tasks/ansible.yml
@@ -1,6 +0,0 @@
 - name: Install ansible (w/ dependencies)
  ansible.builtin.pip:
    name: "{{ item }}"
    executable: pip3
    state: latest
  loop: "{{ pip_packages }}"
--- a/ansible/roles/os/tasks/cloud-init.yml
+++ b/ansible/roles/os/tasks/cloud-init.yml
@@ -1,12 +0,0 @@
 - name: Delete cloud-init package
  ansible.builtin.apt:
    name: cloud-init
    state: absent
    purge: yes
 - name: Delete cloud-init files
  ansible.builtin.file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/cloud
    - /var/lib/cloud
--- a/ansible/roles/os/tasks/logging.yml
+++ b/ansible/roles/os/tasks/logging.yml
@@ -1,5 +0,0 @@
 - name: Enable crontab logging
  ansible.builtin.lineinfile:
    path: /etc/rsyslog.d/50-default.conf
    regexp: '^#cron\.\*.*'
    line: "cron.*\t\t\t\t./var/log/cron.log"
--- a/ansible/roles/os/tasks/main.yml
+++ b/ansible/roles/os/tasks/main.yml
@@ -1,20 +0,0 @@
 - name: Disable tty logins
  import_tasks: tty.yml
 - name: Remove snapd
  import_tasks: snapd.yml
 - name: Remove cloud-init
  import_tasks: cloud-init.yml
 - name: Configure default logging
  import_tasks: logging.yml
 - name: Configure services
  import_tasks: services.yml
 - name: Install packages
  import_tasks: packages.yml
 - name: Install ansible
  import_tasks: ansible.yml
--- a/ansible/roles/os/tasks/packages.yml
+++ b/ansible/roles/os/tasks/packages.yml
@@ -1,15 +0,0 @@
 - name: Install additional packages
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
  loop: "{{ packages }}"
 - name: Upgrade all packages
  ansible.builtin.apt:
    name: "*"
    state: latest
    update_cache: yes
 - name: Cleanup
  ansible.builtin.apt:
    autoremove: yes
    purge: yes
--- a/ansible/roles/os/tasks/services.yml
+++ b/ansible/roles/os/tasks/services.yml
@@ -1,5 +0,0 @@
 - name: Disable & mask networkd-wait-online
  ansible.builtin.systemd:
    name: systemd-networkd-wait-online
    enabled: no
    masked: yes
--- a/ansible/roles/os/tasks/snapd.yml
+++ b/ansible/roles/os/tasks/snapd.yml
@@ -1,16 +0,0 @@
 - name: Delete snapd package
  ansible.builtin.apt:
    name: snapd
    state: absent
    purge: yes
 - name: Delete leftover files
  ansible.builtin.file:
    path: /root/snap
    state: absent
 - name: Hold snapd package
  ansible.builtin.dpkg_selections:
    name: snapd
    selection: hold
 - name: Reload systemd unit configurations
  ansible.builtin.systemd:
    daemon_reload: yes
--- a/ansible/roles/os/tasks/tty.yml
+++ b/ansible/roles/os/tasks/tty.yml
@@ -1,13 +0,0 @@
 - name: Disable extra tty
  ansible.builtin.lineinfile:
    path: /etc/systemd/logind.conf
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
  loop:
  - { regexp: '^#NAutoVTs=', line: 'NAutoVTs=1'}
  - { regexp: '^#ReserveVT=', line: 'ReserveVT=11'}
 - name: Mask getty@tty1 service
  ansible.builtin.systemd:
    name: getty@tty1
    enabled: no
    masked: yes
--- a/ansible/roles/os/vars/main.yml
+++ b/ansible/roles/os/vars/main.yml
@@ -1,11 +0,0 @@
 packages:
  - jq
  # (python3-*) Dependency for installation of Ansible
  - python3-pip
  - python3-setuptools
  - python3-wheel
 pip_packages:
  - pip
  - ansible-core
  - lxml
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
@@ -0,0 +1,16 @@
 script = <<-EOH
 $nic = get-netadapter
 Get-NetAdapterBinding –InterfaceAlias $nic.name –ComponentID ms_tcpip6
 EOH
 control "ipv6" do
    title 'Disabled network protocol IPv6'
    desc '
        This test assures that IPv6 is disabled
    '
    describe powershell(script) do
        its('stdout') { should match 'False' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
@@ -0,0 +1,29 @@
 script = <<-EOH
  # Initialize variable to empty array
  $NonCompliantServices = @()
  # Specify relevant services
  $Services = @(
      "wuauserv",
      "W3SVC",
      "XboxGipSvc",
      "XblGameSave"
  )
  # Enumerate all services
  $NonCompliantServices += Get-Service $Services -ErrorAction 'SilentlyContinue' | Where-Object {$_.StartType -ne 'Disabled'}
  # Output; 'True' or list of noncompliant services
  Write-Output ($True, $NonCompliantServices)[!($NonCompliantServices.Count -eq 0)]
 EOH
 control "disabled_services" do
    title 'Disabled services'
    desc '
        This test assures that all unneeded services are set to "disabled".
    '
    describe powershell(script) do
        its('stdout') { should match 'True' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single
@@ -0,0 +1,29 @@
 script = <<-EOH
  # Initialize variable to empty array
  $LogicalDisks = @()
  # Enumerate all logicaldisks
  # DriveType:
  #  Unknown (0)
  #  No Root Directory (1)
  #  Removable Disk (2)
  #  Local Disk (3)
  #  Network Drive (4)
  #  Compact Disc (5)
  #  RAM Disk (6)
  $LogicalDisks += Get-WmiObject -Class 'win32_logicaldisk' -Filter 'DriveType=3'
  # Filter/Quantify
  ($LogicalDisks.Count -eq 1) -and (($LogicalDisks | Where-Object {$_.DeviceID -ne 'C:'}).Count -eq 0)
 EOH
 control "single_disk" do
    title 'Single Disk'
    desc '
        This test assures that only a single disk (C:) is available
    '
    describe powershell(script) do
        its('stdout') { should match 'True' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software
@@ -0,0 +1,54 @@
 control "software_installed-7zip" do
    title 'Included Default Applications: 7-Zip'
    desc '
        This test assures that the software application "7-Zip" is installed.
    '
    describe chocolatey_package('7zip.install') do
        it { should be_installed }
    end
 end
 # control "software_installed-dotnetfx" do
 #     title 'Included Default Applications: .NET'
 #     desc '
 #         This test assures that the software application ".NET" is installed.
 #     '
 #     describe chocolatey_package('dotnetfx') do
 #         it { should be_installed }
 #     end
 # end
 # control "software_installed-foxitreader" do
 #    title 'Included Default Applications: Foxit Reader'
 #    desc '
 #        This test assures that the software application "Foxit Reader" is installed.
 #    '
 #    describe chocolatey_package('foxitreader') do
 #        it { should be_installed }
 #    end
 # end
 # control "software_installed-notepadplusplus" do
 #     title 'Included Default Applications: Notepad++'
 #     desc '
 #         This test assures that the software application "Notepad++" is installed.
 #     '
 #     describe chocolatey_package('notepadplusplus') do
 #         it { should be_installed }
 #     end
 # end
 # control "software_installed-putty" do
 #     title 'Included Default Applications: Putty'
 #     desc '
 #         This test assures that the software application "PuTTy" is installed.
 #     '
 #     describe chocolatey_package('putty') do
 #         it { should be_installed }
 #     end
 # end
--- a/inspec/Windows10IoTEnterprise/profile/inspec.yml
+++ b/inspec/Windows10IoTEnterprise/profile/inspec.yml
@@ -0,0 +1,10 @@
 ---
 name: Windows 10 IoT Enterprise
 title: Windows 10 IoT Enterprise InSpec Tests
 summary: Unit test for Windows 10 IoT Enterprise
 version: 1.0.0
 maintainer: https://code.spamasaurus.com/djpbessems
 copyright: https://code.spamasaurus.com/djpbessems
 license: Proprietary
 supports:
  - platform-family: windows
--- a/packer/iso.auto.pkrvars.hcl
+++ b/packer/iso.auto.pkrvars.hcl
@@ -1,2 +0,0 @@
 iso_url      = "sn.itch.fyi/Repository/iso/Canonical/Ubuntu%20Server%2020.04/ubuntu-20.04.2-live-server-amd64.iso"
 iso_checksum = "sha256:D1F2BF834BBE9BB43FAF16F9BE992A6F3935E65BE0EDECE1DEE2AA6EB1767423"
--- a/packer/preseed/UbuntuServer20.04/meta-data
+++ b/packer/preseed/UbuntuServer20.04/meta-data
--- a/packer/preseed/UbuntuServer20.04/user-data
+++ b/packer/preseed/UbuntuServer20.04/user-data
@@ -1,27 +0,0 @@
 #cloud-config
 autoinstall:
  version: 1
  locale: en_US
  keyboard:
    layout: en
    variant: us
  network:
    network:
      version: 2
      ethernets:
        ens192:
          dhcp4: true
  storage:
    layout:
      name: lvm
  identity:
    hostname: packer-template
    username: ubuntu
    password: $6$rounds=4096$ZKfzRoaQOtc$M.fhOsI0gbLnJcCONXz/YkPfSoefP4i2/PQgzi2xHEi2x9CUhush.3VmYKL0XVr5JhoYvnLfFwqwR/1YYEqZy/
  ssh:
    install-server: yes
    allow-pw: true
  user-data:
    disable_root: false
  late-commands:
    - echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
--- a/packer/preseed/Windows10/Autounattend.xml
+++ b/packer/preseed/Windows10/Autounattend.xml
@@ -0,0 +1,159 @@
 <?xml version="1.0" encoding="utf-8"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <servicing/>
    <settings pass="windowsPE">
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <DiskConfiguration>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Order>1</Order>
                            <Type>Primary</Type>
                            <Extend>true</Extend>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Extend>false</Extend>
                            <Format>NTFS</Format>
                            <Letter>C</Letter>
                            <Order>1</Order>
                            <PartitionID>1</PartitionID>
                            <Label>Windows 10</Label>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>0</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
                <WillShowUI>OnError</WillShowUI>
            </DiskConfiguration>
            <UserData>
                <AcceptEula>true</AcceptEula>
                <!-- <FullName>Spamasaurus Rex</FullName>
                <Organization>Spamasaurus Rex</Organization> -->
                <ProductKey>
                    <Key><<img-productkey>></Key>
                    <WillShowUI>Never</WillShowUI>
                </ProductKey>
            </UserData>
            <ImageInstall>
                <OSImage>
                    <InstallTo>
                        <DiskID>0</DiskID>
                        <PartitionID>1</PartitionID>
                    </InstallTo>
                    <WillShowUI>OnError</WillShowUI>
                    <InstallToAvailablePartition>false</InstallToAvailablePartition>
                    <InstallFrom>
                        <MetaData wcm:action="add">
                            <Key>/IMAGE/INDEX</Key>
                            <Value>3</Value>
                        </MetaData>
                    </InstallFrom>
                </OSImage>
            </ImageInstall>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-US</UILanguageFallback>
            <UserLocale>en-US</UserLocale>
        </component>
    </settings>
    <settings pass="offlineServicing">
        <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <EnableLUA>false</EnableLUA>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <UserAccounts>
                <AdministratorPassword>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
            </UserAccounts>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Home</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
            </OOBE>
            <AutoLogon>
                <Password>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </Password>
                <Username>administrator</Username>
                <Enabled>true</Enabled>
            </AutoLogon>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
                    <Description>Set execution policy 64bit</Description>
                    <Order>1</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
                    <Description>Set execution policy 32bit</Description>
                    <Order>2</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine>
                    <Description>Disable new network prompt</Description>
                    <Order>3</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Set-NetworkProfile.ps1</CommandLine>
                    <Description>Set network profile to private</Description>
                    <Order>4</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Disable-WinRM.ps1</CommandLine>
                    <Description>Disable WinRM</Description>
                    <Order>5</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c a:\Install-VMwareTools.cmd</CommandLine>
                    <Order>13</Order>
                    <Description>Install VMware Tools</Description>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Enable-WinRM.ps1</CommandLine>
                    <Description>Enable WinRM</Description>
                    <Order>99</Order>
                </SynchronousCommand>
            </FirstLogonCommands>
            <ShowWindowsLive>false</ShowWindowsLive>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <OEMInformation>
                <HelpCustomized>false</HelpCustomized>
            </OEMInformation>
            <!-- Rename computer here. -->
            <ComputerName>packer-template</ComputerName>
            <TimeZone>W. Europe Standard Time</TimeZone>
            <RegisteredOwner/>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
    </settings>
 </unattend>
--- a/packer/preseed/Windows10/Sysprep_Unattend.xml
+++ b/packer/preseed/Windows10/Sysprep_Unattend.xml
@@ -0,0 +1,42 @@
 <?xml version="1.0" encoding="utf-8"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="generalize">
        <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipRearm>1</SkipRearm>
        </component>
        <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
            <DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <SkipMachineOOBE>true</SkipMachineOOBE>
                <SkipUserOOBE>true</SkipUserOOBE>
            </OOBE>
            <TimeZone>UTC</TimeZone>
            <UserAccounts>
                <AdministratorPassword>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
            </UserAccounts>
        </component>
    </settings>
    <settings pass="specialize">
    </settings>
 </unattend>
--- a/packer/ubuntuserver20.04.pkr.hcl
+++ b/packer/ubuntuserver20.04.pkr.hcl
@@ -1,94 +0,0 @@
 packer {
  required_plugins {
  }
 }
 source "vsphere-iso" "ubuntuserver" {
  vcenter_server          = var.vcenter_server
  username                = var.vsphere_username
  password                = var.vsphere_password
  insecure_connection     = "true"
  vm_name                 = "${var.vm_guestos}-${var.vm_name}"
  datacenter              = var.vsphere_datacenter
  host                    = var.vsphere_host
  folder                  = var.vsphere_folder
  datastore               = var.vsphere_datastore
  guest_os_type           = "ubuntu64Guest"
  boot_order              = "disk,cdrom"
  boot_command            = [
    "<enter><wait2><enter><wait><f6><esc><wait>",
    " autoinstall<wait2> ds=nocloud;",
    "<wait><enter>"
  ]
  boot_wait               = "2s"
  communicator            = "ssh"
  ssh_username            = "ubuntu"
  ssh_password            = var.ssh_password
  ssh_timeout             = "20m"
  ssh_handshake_attempts  = "100"
  ssh_pty                 = true
  CPUs                    = 2
  RAM                     = 4096
  network_adapters {
    network               = var.vsphere_network
    network_card          = "vmxnet3"
  }
  storage {
    disk_size             = 20480
    disk_thin_provisioned = true
  }
  disk_controller_type    = ["pvscsi"]
  usb_controller          = ["xhci"]
  cd_files                = [
    "packer/preseed/UbuntuServer20.04/user-data",
    "packer/preseed/UbuntuServer20.04/meta-data"
  ]
  cd_label                = "cidata"
  iso_url                 = local.iso_authenticatedurl
  iso_checksum            = var.iso_checksum
  shutdown_command        = "echo '${var.ssh_password}' | sudo -S shutdown -P now"
  shutdown_timeout        = "5m"
  export {
    images                = false
    output_directory      = "/scratch/ubuntuserver"
  }
  remove_cdrom            = true
 }
 build {
  sources = ["source.vsphere-iso.ubuntuserver"]
  provisioner "ansible" {
    playbook_file    = "ansible/playbook.yml"
    user             = "ubuntu"
    ansible_env_vars = [
      "ANSIBLE_CONFIG=ansible/ansible.cfg"
    ]
    use_proxy        = "false"
    extra_arguments  = [
      "--extra-vars", "ansible_ssh_pass=${var.ssh_password}"
    ]
  }
  post-processor "shell-local" {
    inline = [
      "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
      " -OVFFile '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
      "pwsh -file scripts/Update-Manifest.ps1 \\",
      " -ManifestFileName '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.mf'",
      "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
      " '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " /output/Ubuntu-Server-20.04.ova"
    ]
  }
 }
--- a/packer/variables.pkr.hcl
+++ b/packer/variables.pkr.hcl
@@ -1,8 +1,6 @@
 variable "vcenter_server" {}
 variable "vsphere_username" {}
-variable "vsphere_password" {
+variable "vsphere_password" {}
    sensitive = true
 }
 variable "vsphere_host" {}
 variable "vsphere_datacenter" {}
@@ -14,17 +12,7 @@ variable "vsphere_network" {}
 variable "vm_name" {}
 variable "vm_guestos" {}
-variable "ssh_password" {
+variable "winrm_password" {}
    sensitive = true
 }
 variable "iso_url" {}
 variable "iso_checksum" {}
 variable "repo_username" {}
-variable "repo_password" {
+variable "repo_password" {}
    sensitive = true
 }
 local "iso_authenticatedurl" {
    expression = "https://${var.repo_username}:${var.repo_password}@${var.iso_url}"
    sensitive  = true
 }
--- a/packer/windows10.pkr.hcl
+++ b/packer/windows10.pkr.hcl
@@ -0,0 +1,133 @@
 packer {
  required_plugins {
    windows-update = {
      version = ">= 0.14.0"
      source  = "github.com/rgl/windows-update"
    }
  }
 }
 source "vsphere-iso" "win10" {
  vcenter_server          = var.vcenter_server
  username                = var.vsphere_username
  password                = var.vsphere_password
  insecure_connection     = "true"
  vm_name                 = "${var.vm_guestos}-${var.vm_name}"
  datacenter              = var.vsphere_datacenter
  host                    = var.vsphere_host
  folder                  = var.vsphere_folder
  datastore               = var.vsphere_datastore
  guest_os_type           = "windows9_64Guest"
  boot_order              = "disk,cdrom"
  boot_command            = [""]
  boot_wait               = "5m"
  communicator            = "winrm"
  winrm_username          = "administrator"
  winrm_password          = var.winrm_password
  winrm_timeout           = "10m"
  CPUs                    = 2
  RAM                     = 8192
  network_adapters {
    network               = var.vsphere_network
    network_card          = "vmxnet3"
  }
  storage {
    disk_size             = 20480
    disk_thin_provisioned = true
  }
  disk_controller_type    = ["lsilogic-sas"]
  usb_controller          = ["xhci"]
  floppy_files            = [
    "packer/preseed/Windows10/Autounattend.xml",
    "packer/preseed/Windows10/Sysprep_Unattend.xml",
    "scripts/Set-NetworkProfile.ps1",
    "scripts/Disable-WinRM.ps1",
    "scripts/Enable-WinRM.ps1",
    "scripts/Install-VMwareTools.cmd"
  ]
  iso_checksum            = "sha256:8D1663B71280533824CF95C7AB48ADAF5A187C38FCFF5B16A569F903688916D0"
  iso_paths               = [
    "ISO-files/VMware-tools-windows-11.3.5-18557794/VMware-tools-windows-11.3.5-18557794.iso"
  ]
  iso_url                 = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Microsoft/Windows%2010/20H2/en_windows_10_enterprise_20H2_x64.iso"
  shutdown_command        = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
  shutdown_timeout        = "1h"
  export {
    images                = false
    output_directory      = "/scratch/win10"
  }
  remove_cdrom            = true
 }
 build {
  sources = ["source.vsphere-iso.win10"]
  provisioner "windows-update" {
    filters = [
      "exclude:$_.Title -like '*Preview*'",
      "include:$true"
    ]
  }
  provisioner "powershell" {
    inline = [
      "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12",
      "Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
    ]
  }
  provisioner "powershell" {
    inline = [
      "choco config set --name=limit-output --value=LimitOutput",
      "choco install -y 7zip.install",
      "choco install -y sysinternals",
      "choco install -y firefox"
    ]
  }
  provisioner "windows-update" {
    filters = [
      "exclude:$_.Title -like '*Preview*'",
      "include:$true"
    ]
  }
  provisioner "powershell" {
    inline = [
      "New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False"
    ]
  }
  provisioner "file" {
    destination = "C:\\Payload\\"
    source      = "scripts/Windows10/payload/"
  }
  provisioner "powershell" {
    scripts = [
      "scripts/Windows10/Register-ScheduledTask.ps1"
    ]
  }
  post-processor "shell-local" {
    inline = [
      "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
      " -OVFFile '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
      "pwsh -file scripts/Update-Manifest.ps1 \\",
      " -ManifestFileName '/scratch/win10/${var.vm_guestos}-${var.vm_name}.mf'",
      "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
      " '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " /output/Windows10.ova"
    ]
  }
 }
--- a/scripts/Disable-WinRM.ps1
+++ b/scripts/Disable-WinRM.ps1
@@ -0,0 +1,8 @@
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
 netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
 $winrmService = Get-Service -Name WinRM
 if ($winrmService.Status -eq "Running"){
    Disable-PSRemoting -Force
 }
 Stop-Service winrm
 Set-Service -Name winrm -StartupType Disabled
--- a/scripts/Enable-WinRM.ps1
+++ b/scripts/Enable-WinRM.ps1
@@ -0,0 +1,18 @@
 $NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
 $Connections = $NetworkListManager.GetNetworkConnections()
 $Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) }
 Enable-PSRemoting -Force
 winrm quickconfig -q
 winrm quickconfig -transport:http
 winrm set winrm/config '@{MaxTimeoutms="1800000"}'
 winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}'
 winrm set winrm/config/service '@{AllowUnencrypted="true"}'
 winrm set winrm/config/service/auth '@{Basic="true"}'
 winrm set winrm/config/client/auth '@{Basic="true"}'
 winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}'
 netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public new remoteip=any
 Set-Service winrm -startuptype "auto"
 Restart-Service winrm
--- a/scripts/Install-VMwareTools.cmd
+++ b/scripts/Install-VMwareTools.cmd
@@ -0,0 +1,2 @@
@rem Silent mode, basic UI, no reboot
 e:\setup64 /s /v "/qb REBOOT=R"
--- a/scripts/MVMC/BlockList.xml
+++ b/scripts/MVMC/BlockList.xml
@@ -0,0 +1,73 @@
 <?xml version="1.0"  encoding="utf-8" ?>
 <BlockList>
    <!-- services to disable -->
    <Services>
 		<Name>MVMCP2VAgent</Name>
 		<Name>VMTools</Name>
 		<Name> VMUpgradeHelper </Name>
 		<Name> vmvss </Name>
        <Name>vmdesched</Name>
        <Name>Virtual Server</Name>
        <!-- Virtual Machine Helper -->
        <Name>vmh</Name>
        <!-- Xen-specific service -->
        <Name>xensvc</Name>
    </Services>
    <!-- drivers to disable -->
    <Drivers>
        <Name>vmx_svga</Name>
        <Name>vmmouse</Name>
        <Name>vmscsi</Name>
        <Name>amdpcn</Name>
        <Name>PCnet</Name>
        <Name>VMMEMCTL</Name>
        <Name> pvscsi </Name>
        <Name> vmci </Name>
        <Name> vmmouse </Name>
        <Name> vmaudio </Name>
        <Name> vmrawdsk </Name>
        <Name> vmxnet </Name>
        <Name> vmxnet3ndis6 </Name>
        <Name> vm3dmp </Name>
        <Name> vmdebug </Name>
        <Name> vmxnet3ndis5 </Name>
        <Name>cirrus</Name>
        <!-- storage drivers -->
        <Name>buslogic</Name>
        <Name>symc810</Name>
        <Name>cpqarray</Name>
        <Name>pcntn4m</Name>
        <Name>cpqnf3</Name>
        <Name>MRaidNT</Name>
        <Name>Symc8XX</Name>
        <!-- VIA chipset drivers -->
        <Name>viaide</Name>
        <Name>VIAudio</Name>
        <Name>VIAPFD</Name>
        <Name>viafilter</Name>
        <Name>viaagp</Name>
        <Name>viaagp1</Name>
        <!-- network drivers: Intel(R) PRO/100 -->
        <Name>E100B</Name>
        <!-- tape drivers -->
        <Name>4mmdat</Name>
        <Name>4mmdat-SeSFT</Name>
        <Name>SCSIChanger</Name>
        <!-- Virtual Machine Monitor -->
        <Name>vmm</Name>
        <!-- Xen-specific drivers -->
        <Name>xenevtchn</Name>
        <Name>xenvbd</Name>
        <Name>xennet</Name>
    </Drivers>
    <Programs>
        <Name>ProMON</Name>
        <Name>s3tray2</Name>
        <Name>VMwareTray</Name>
        <Name>VMwareUser</Name>
    </Programs>
 </BlockList>
--- a/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Framework.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Framework.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll
--- a/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll
+++ b/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll
--- a/scripts/MVMC/Microsoft.Practices.Unity.dll
+++ b/scripts/MVMC/Microsoft.Practices.Unity.dll
--- a/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll
+++ b/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll
--- a/scripts/MVMC/MvmcCmdlet.dll
+++ b/scripts/MVMC/MvmcCmdlet.dll
--- a/scripts/MVMC/MvmcCmdlet.psd1
+++ b/scripts/MVMC/MvmcCmdlet.psd1
--- a/scripts/MVMC/Sshlib_x64.dll
+++ b/scripts/MVMC/Sshlib_x64.dll
--- a/scripts/MVMC/Sshlib_x86.dll
+++ b/scripts/MVMC/Sshlib_x86.dll
--- a/scripts/MVMC/System.Reactive.Core.dll
+++ b/scripts/MVMC/System.Reactive.Core.dll
--- a/scripts/MVMC/System.Reactive.Interfaces.dll
+++ b/scripts/MVMC/System.Reactive.Interfaces.dll
--- a/scripts/MVMC/System.Reactive.Linq.dll
+++ b/scripts/MVMC/System.Reactive.Linq.dll
--- a/scripts/MVMC/System.Reactive.PlatformServices.dll
+++ b/scripts/MVMC/System.Reactive.PlatformServices.dll
--- a/scripts/MVMC/System.Reactive.Providers.dll
+++ b/scripts/MVMC/System.Reactive.Providers.dll
--- a/scripts/MVMC/System.Reactive.Windows.Threading.dll
+++ b/scripts/MVMC/System.Reactive.Windows.Threading.dll
--- a/scripts/Set-NetworkProfile.ps1
+++ b/scripts/Set-NetworkProfile.ps1
@@ -0,0 +1,23 @@
 # You cannot enable Windows PowerShell Remoting on network connections that are set to Public
 # Spin through all the network locations and if they are set to Public, set them to Private
 # using the INetwork interface:
 # http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx
 # For more info, see:
 # http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx
 # Network location feature was only introduced in Windows Vista - no need to bother with this
 # if the operating system is older than Vista
 if([environment]::OSVersion.version.Major -lt 6) { return }
 # You cannot change the network location if you are joined to a domain, so abort
 if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }
 # Get network connections
 $networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
 $connections = $networkListManager.GetNetworkConnections()
 $connections |foreach {
 	Write-Host $_.GetNetwork().GetName()"category was previously set to"$_.GetNetwork().GetCategory()
 	$_.GetNetwork().SetCategory(1)
 	Write-Host $_.GetNetwork().GetName()"changed to category"$_.GetNetwork().GetCategory()
 }
--- a/scripts/Update-OvfConfiguration.ps1
+++ b/scripts/Update-OvfConfiguration.ps1
@@ -47,77 +47,7 @@ $GetContentSplat = @{
 }
 $XML = [xml](Get-Content @GetContentSplat)
 $NS = [System.Xml.XmlNamespaceManager]$XML.NameTable
-[void]$NS.AddNamespace('ns', $XML.DocumentElement.xmlns)
+[void]$NS.AddNamespace('Any', $XML.DocumentElement.xmlns)
 [void]$NS.AddNamespace('ovf', $XML.DocumentElement.ovf)
 [void]$NS.AddNamespace('rasd', $XML.DocumentElement.rasd)
 [void]$NS.AddNamespace('vmw', $XML.DocumentElement.vmw)
 # Create copy of existing 'Item/ResourceType'=17 (=Hard disk) node
 $XMLDiskTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='17']", $NS).ParentNode.CloneNode($True)
 ForEach ($Disk in $OVFConfig.DynamicDisks) {
    # Determine next free available 'diskId'
    $XMLDisks = $XML.SelectNodes("//ns:DiskSection/ns:Disk[contains(@ovf:diskId,'vmdisk')]", $NS)
    $DiskId = 1
    While ($XMLDisks.DiskId -contains "vmdisk$($DiskId)") {
        $DiskId++
    }
    # Add new 'Disk' node (under 'DiskSection')
    $XMLDisk = $XML.CreateElement('Disk', $XML.DocumentElement.xmlns)
    $PowersMap = @{
        KB = 10
        MB = 20
        GB = 30
        TB = 40
        PB = 50
    }
    If ($PowersMap.Keys -notcontains $Disk.UnitSize) {
        # Invalid UnitSize; skipping adding new disk
        Continue
    }
    [void]$XMLDisk.SetAttribute('capacityAllocationUnits', $NS.LookupNamespace('ovf'), "byte * 2^$($PowersMap[$Disk.UnitSize])")
    [void]$XMLDisk.SetAttribute('format', $NS.LookupNamespace('ovf'), 'http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized')
    [void]$XMLDisk.SetAttribute('diskId', $NS.LookupNamespace('ovf'), "vmdisk$($DiskId)")
    [void]$XMLDisk.SetAttribute('capacity', $NS.LookupNamespace('ovf'), '${{vmconfig.disksize.{0}}}' -f $DiskId)
    [void]$XMLDisk.SetAttribute('populatedSize', $NS.LookupNamespace('ovf'), 0)
    [void]$XML.SelectSingleNode('//ns:DiskSection', $NS).AppendChild($XMLDisk)
    # Add new 'Item/ResourceType' node (under 'VirtualHardwareSection')
    $XMLDiskItem = $XMLDiskTemplate.CloneNode($True)
    $XMLDiskItem.SelectSingleNode('rasd:AddressOnParent', $NS).InnerText = ($DiskId - 1)
    $XMLDiskItem.SelectSingleNode('rasd:ElementName', $NS).InnerText = "Hard Disk $($DiskId)"
    $XMLDiskItem.SelectSingleNode('rasd:HostResource', $NS).InnerText = "ovf:/disk/vmdisk$($DiskId)"
    # Determine next free available and highest 'InstanceID'
    $InstanceIDs = $XML.SelectNodes('//ns:VirtualHardwareSection/ns:Item/rasd:InstanceID', $NS).InnerText
    $InstanceID = 1
    While ($InstanceIDs -contains $InstanceID) {
        $InstanceID++
    }
    $HighestInstanceID = ($InstanceIDs | Measure-Object -Maximum).Maximum
    $XMLDiskItem.SelectSingleNode('rasd:InstanceID', $NS).InnerText = $InstanceID
    [void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
        $XMLDiskItem,
        $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:InstanceID[.='$($HighestInstanceID)']", $NS).ParentNode
    )
    $OVFConfig.PropertyCategories[0].ProductProperties += @{
        Key              = "vmconfig.disksize.$($DiskId)"
        Type             = If ([boolean]$Disk.Constraints.Minimum -or [boolean]$Disk.Constraints.Maximum) {
                "Int($($Disk.Constraints.Minimum)..$($Disk.Constraints.Maximum))"
            }
            Else {
                'Int'
            }
        Label            = "Disk $($DiskId) size*"
        Description      = "$($Disk.Description) (in $($Disk.UnitSize))".Trim()
        DefaultValue     = "$($Disk.Constraints.Minimum)"
        Configurations   = '*'
        UserConfigurable = 'true'
    }
 }
 Write-Host "Inserted $($OVFConfig.DynamicDisks.Count) new node(s) into 'DiskSection' and 'VirtualHardwareSection' respectively"
 If ($OVFConfig.DeploymentConfigurations.Count -gt 0) {
    $XMLSection = $XML.CreateElement('DeploymentOptionSection', $XML.DocumentElement.xmlns)
@@ -128,72 +58,52 @@ If ($OVFConfig.DeploymentConfigurations.Count -gt 0) {
    ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) {
        $XMLConfig = $XML.CreateElement('Configuration', $XML.DocumentElement.xmlns)
-        [void]$XMLConfig.SetAttribute('id', $NS.LookupNamespace('ovf'), $Configuration.Id)
+        $XMLConfigAttrId = $XML.CreateAttribute('id', $XML.DocumentElement.ovf)
        $XMLConfigAttrId.Value = $Configuration.Id
        $XMLConfigLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
        $XMLConfigLabel.InnerText = $Configuration.Label
        $XMLConfigDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns)
        $XMLConfigDescription.InnerText = $Configuration.Description
        [void]$XMLConfig.Attributes.Append($XMLConfigAttrId)
        [void]$XMLConfig.AppendChild($XMLConfigLabel)
        [void]$XMLConfig.AppendChild($XMLConfigDescription)
        [void]$XMLSection.AppendChild($XMLConfig)
    }
-    [void]$XML.SelectSingleNode('//ns:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//ns:NetworkSection', $NS))
+    [void]$XML.SelectSingleNode('//Any:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//Any:NetworkSection', $NS))
    Write-Host "Inserted 'DeploymentOptionSection' with $($Configuration.Count) nodes"
    If ($OVFConfig.DeploymentConfigurations.Count -eq $OVFConfig.DeploymentConfigurations.Size.Count) {
        # Create copies of existing 'Item/ResourceType' nodes
        $XMLCPUTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='3']", $NS).ParentNode.CloneNode($True)
        $XMLMemoryTemplate = $XML.SelectSingleNode("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='4']", $NS).ParentNode.CloneNode($True)
        # Delete existing nodes
        ForEach ($Node in $XML.SelectNodes("//ns:VirtualHardwareSection/ns:Item/rasd:ResourceType[.='3' or .='4']", $NS).ParentNode) {
            [void]$Node.ParentNode.RemoveChild($Node)
        }
        # Add adjusted 'Item/ResourceType' nodes
        ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) {
            $XMLCPU = $XMLCPUTemplate.CloneNode($True)
            [void]$XMLCPU.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Configuration.Id)
            $XMLCPU.SelectSingleNode('rasd:ElementName', $NS).InnerText = '{0} virtual CPU(s)' -f $Configuration.Size.CPU
            $XMLCPU.SelectSingleNode('rasd:VirtualQuantity', $NS).InnerText = $Configuration.Size.CPU
            $XMLMemory = $XMLMemoryTemplate.CloneNode($True)
            [void]$XMLMemory.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Configuration.Id)
            $XMLMemory.SelectSingleNode('rasd:ElementName', $NS).InnerText = '{0}MB of memory' -f $Configuration.Size.Memory
            $XMLMemory.SelectSingleNode('rasd:VirtualQuantity', $NS).InnerText = $Configuration.Size.Memory
            [void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
                $XMLCPU,
                $XML.SelectSingleNode('//ns:VirtualHardwareSection/ns:System', $NS)
            )
            [void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).InsertAfter(
                $XMLMemory,
                $XML.SelectSingleNode('//ns:VirtualHardwareSection/ns:System', $NS)
            )
        }
    }
 }
-[void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).SetAttribute('transport', $NS.LookupNamespace('ovf'), 'com.vmware.guestInfo')
+$XMLAttrTransport = $XML.CreateAttribute('transport', $XML.DocumentElement.ovf)
 $XMLAttrTransport.Value = 'com.vmware.guestInfo'
 [void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).Attributes.Append($XMLAttrTransport)
 ForEach ($ExtraConfig in $OVFConfig.AdvancedOptions) {
    $XMLExtraConfig = $XML.CreateElement('vmw:ExtraConfig', $XML.DocumentElement.vmw)
-    [void]$XMLExtraConfig.SetAttribute('required', $NS.LookupNamespace('ovf'), "$([boolean]$ExtraConfig.Required)".ToLower())
+    $XMLExtraConfigAttrRequired = $XML.CreateAttribute('required', $XML.DocumentElement.ovf)
-    [void]$XMLExtraConfig.SetAttribute('key', $NS.LookupNamespace('vmw'), $ExtraConfig.Key)
+    $XMLExtraConfigAttrRequired.Value = "$([boolean]$ExtraConfig.Required)".ToLower()
-    [void]$XMLExtraConfig.SetAttribute('value', $NS.LookupNamespace('vmw'), $ExtraConfig.Value)
+    $XMLExtraConfigAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.vmw)
    $XMLExtraConfigAttrKey.Value = $ExtraConfig.Key
    $XMLExtraConfigAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.vmw)
    $XMLExtraConfigAttrValue.Value = $ExtraConfig.Value
-    [void]$XML.SelectSingleNode('//ns:VirtualHardwareSection', $NS).AppendChild($XMLExtraConfig)
+    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrRequired)
    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrKey)
    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrValue)
    [void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).AppendChild($XMLExtraConfig)
 }
-Write-Host "Added $($OVFConfig.AdvancedOptions.Count) 'vmw:ExtraConfig' node(s)"
+Write-Host "Added $($OVFConfig.AdvancedOptions.Count) 'vmw:ExtraConfig' nodes"
-$XMLProductSection = $XML.SelectSingleNode('//ns:ProductSection', $NS)
+$XMLProductSection = $XML.SelectSingleNode('//Any:ProductSection', $NS)
 If ($XMLProductSection -eq $Null) {
    $XMLProductSection = $XML.CreateElement('ProductSection', $XML.DocumentElement.xmlns)
-    [void]$XML.SelectSingleNode('//ns:VirtualSystem', $NS).AppendChild($XMLProductSection)
+    [void]$XML.SelectSingleNode('//Any:VirtualSystem', $NS).AppendChild($XMLProductSection)
    Write-Host "Inserted 'ProductSection'"
 } Else {
-    ForEach ($Child in $XMLProductSection.SelectNodes('//ns:ProductSection/child::*', $NS)) {
+    ForEach ($Child in $XMLProductSection.SelectNodes('//Any:ProductSection/child::*', $NS)) {
        [void]$Child.ParentNode.RemoveChild($Child)
    }
    Write-Host "Destroyed pre-existing children in 'ProductSection'"
@@ -214,13 +124,15 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
    ForEach ($Property in $Category.ProductProperties) {
        $XMLProperty = $XML.CreateElement('Property', $XML.DocumentElement.xmlns)
-        [void]$XMLProperty.SetAttribute('key', $NS.LookupNamespace('ovf'), $Property.Key)
+        $XMLPropertyAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.ovf)
        $XMLPropertyAttrKey.Value = $Property.Key
        $XMLPropertyAttrType = $XML.CreateAttribute('type', $XML.DocumentElement.ovf)
        Switch -regex ($Property.Type) {
            '^boolean' {
-                [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'boolean')
+                $XMLPropertyAttrType.Value = 'boolean'
            }
            '^int' {
-                [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'uint16')
+                $XMLPropertyAttrType.Value = 'uint8'
                $Qualifiers = @()
                If ($Property.Type -match '^int\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
@@ -229,16 +141,23 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
                    If ($Matches[2]) {
                        $Qualifiers += "MaxValue($($Matches[2]))"
                    }
-                    [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
+                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
            '^ip' {
-                [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
+                $XMLPropertyAttrType.Value = 'string'
-                [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('vmw'), 'Ip')
+                $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.vmw)
                $XMLPropertyAttrQualifiers.Value = 'Ip'
                [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
            }
            '^password' {
-                [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
+                $XMLPropertyAttrType.Value = 'string'
-                [void]$XMLProperty.SetAttribute('password', $NS.LookupNamespace('ovf'), 'true')
+                $XMLPropertyAttrPassword = $XML.CreateAttribute('password', $XML.DocumentElement.ovf)
                $XMLPropertyAttrPassword.Value = 'true'
                [void]$XMLProperty.Attributes.Append($XMLPropertyAttrPassword)
                $Qualifiers = @()
                If ($Property.Type -match '^password\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
@@ -247,11 +166,13 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
                    If ($Matches[2]) {
                        $Qualifiers += "MaxLen($($Matches[2]))"
                    }
-                    [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
+                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
            '^string' {
-                [void]$XMLProperty.SetAttribute('type', $NS.LookupNamespace('ovf'), 'string')
+                $XMLPropertyAttrType.Value = 'string'
                $Qualifiers = @()
                If ($Property.Type -match '^string\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
@@ -260,19 +181,28 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
                    If ($Matches[2]) {
                        $Qualifiers += "MaxLen($($Matches[2]))"
                    }
-                    [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), $Qualifiers -join ' ')
+                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                } ElseIf ($Property.Type -match '^string\[(.*)\]') {
-                    [void]$XMLProperty.SetAttribute('qualifiers', $NS.LookupNamespace('ovf'), "ValueMap{$($Matches[1] -replace '","', '", "')}")
+                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = "ValueMap{$($Matches[1] -replace '","', '", "')}"
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
        }
-        [void]$XMLProperty.SetAttribute('userConfigurable', $NS.LookupNamespace('ovf'), "$([boolean]$Property.UserConfigurable)".ToLower())
+        $XMLPropertyAttrUserConfigurable = $XML.CreateAttribute('userConfigurable', $XML.DocumentElement.ovf)
-
+        $XMLPropertyAttrUserConfigurable.Value = "$([boolean]$Property.UserConfigurable)".ToLower()
        $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
        If ($Property.Type -eq 'boolean') {
-            [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), "$([boolean]$Property.DefaultValue)".ToLower())
+            $XMLPropertyAttrValue.Value = "$([boolean]$Property.DefaultValue)".ToLower()
        } Else {
-            [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), $Property.DefaultValue)
+            $XMLPropertyAttrValue.Value = $Property.DefaultValue
        }
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrKey)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrType)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrUserConfigurable)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)
        If ($Property.Label) {
            $XMLPropertyLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
@@ -286,19 +216,30 @@ ForEach ($Category in $OVFConfig.PropertyCategories) {
        }
        If (($Property.Configurations.Count -eq 1) -and ($Property.Configurations -eq '*')) {
-            [void]$XMLProperty.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $OVFConfig.DeploymentConfigurations.Id -join ' ')
+            $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
            $XMLPropertyAttrConfiguration.Value = $OVFConfig.DeploymentConfigurations.Id -join ' '
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)       
        } ElseIf ($Property.Configurations.Count -gt 0) {
-            [void]$XMLProperty.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Property.Configurations -join ' ')
+            $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
            $XMLPropertyAttrConfiguration.Value = $Property.Configurations -join ' '
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)       
        }
        If ($Property.Value.Count -eq 1) {
-            [void]$XMLProperty.SetAttribute('value', $NS.LookupNamespace('ovf'), $Property.Value)
+            $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
            $XMLPropertyAttrValue.Value = $Property.Value
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)       
        } ElseIf ($Property.Value.Count -gt 1) {
            ForEach ($Value in $Property.Value) {
                $XMLValue = $XML.CreateElement('Value', $XML.DocumentElement.xmlns)
-                [void]$XMLValue.SetAttribute('value', $NS.LookupNamespace('ovf'), $Value)
+                $XMLValueAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
-                [void]$XMLValue.SetAttribute('configuration', $NS.LookupNamespace('ovf'), $Value)
+                $XMLValueAttrValue.Value = $Value
                $XMLValueAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
                $XMLValueAttrConfiguration.Value = $Value
                [void]$XMLValue.Attributes.Append($XMLValueAttrValue)
                [void]$XMLValue.Attributes.Append($XMLValueAttrConfiguration)
                [void]$XMLProperty.AppendChild($XMLValue)
            }
--- a/scripts/Update-OvfConfiguration.yml
+++ b/scripts/Update-OvfConfiguration.yml
@@ -1,26 +1,19 @@
 DeploymentConfigurations:
- Id: small
+- Id: domainmember
-  Label: 'Ubuntu Server 20.04 [SMALL: 1 vCPU/2GB RAM]'
+  Label: Domain member
-  Description: Ubuntu Server 20.04.x
+  Description: Windows 10 client joined to an Active Directory domain
-  Size:
+- Id: standalone
-    CPU: 1
+  Label: Stand-alone
-    Memory: 2048
+  Description: Stand-alone Windows 10 client
 - Id: large
  Label: 'Ubuntu Server 20.04 [LARGE: 4 vCPU/8GB RAM]'
  Description: Ubuntu Server 20.04.x
  Size:
    CPU: 4
    Memory: 8192
 DynamicDisks: []
 PropertyCategories:
-# - Name: 0) Deployment information
+- Name: 0) Deployment information
-#   ProductProperties:
+  ProductProperties:
-#   - Key: deployment.type
+  - Key: deployment.type
-#     Type: string
+    Type: string
-#     Value:
+    Value:
-#     - small
+    - domainmember
-#     - large
+    - standalone
-#     UserConfigurable: false
+    UserConfigurable: false
 - Name: 1) Operating System
  ProductProperties:
  - Key: guestinfo.hostname
@@ -30,26 +23,21 @@ PropertyCategories:
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
-  - Key: guestinfo.rootpw
+  - Key: guestinfo.administratorpw
    Type: password(7..)
-    Label: Local root password*
+    Label: Local administrator password*
-    Description: ''
+    Description: Must meet password complexity rules
-    DefaultValue: ''
+    DefaultValue: password
-    Configurations: '*'
+    Configurations:
-    UserConfigurable: true
+    - standalone
  - Key: guestinfo.rootsshkey
    Type: password(1..)
    Label: Local root SSH public key*
    Description: This line should start with 'ssh-rsa AAAAB3N'
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
  - Key: guestinfo.ntpserver
    Type: string(1..)
    Label: Time server*
    Description: A comma-separated list of timeservers
    DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
-    Configurations: '*'
+    Configurations:
    - standalone
    UserConfigurable: true
 - Name: 2) Networking
  ProductProperties:
@@ -81,6 +69,32 @@ PropertyCategories:
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
 - Name: 3) Active Directory membership
  ProductProperties:
  - Key: addsconfig.domainname
    Type: string(1..)
    Label: Domain name*
    Description: Must be able to be resolved through provided DNS server
    DefaultValue: example.org
    Configurations:
    - domainmember
    UserConfigurable: true
  - Key: addsconfig.username
    Type: string(1..)
    Label: Domain account username*
    Description: ''
    DefaultValue: username
    Configurations:
    - domainmember
    UserConfigurable: true
  - Key: addsconfig.password
    Type: password(1..)
    Label: Domain account password*
    Description: ''
    DefaultValue: password
    Configurations:
    - domainmember
    UserConfigurable: true
 AdvancedOptions:
 - Key: appliance.name
  Value: "{{ appliance.name }}"
--- a/scripts/Windows10/Register-ScheduledTask.ps1
+++ b/scripts/Windows10/Register-ScheduledTask.ps1
@@ -0,0 +1,7 @@
 [CmdletBinding()]
 Param(
    # No parameters
 )
 # Create scheduled task
 & schtasks.exe /Create /TN 'FirstBoot' /SC ONSTART /RU SYSTEM /TR "powershell.exe -file C:\Payload\Apply-FirstBootConfig.ps1"
--- a/scripts/Windows10/payload/Apply-FirstBootConfig.ps1
+++ b/scripts/Windows10/payload/Apply-FirstBootConfig.ps1
@@ -0,0 +1,244 @@
 [CmdletBinding()]
 Param(
    # No parameters
 )
 $SetLocationSplat = @{
    Path = $PSScriptRoot
 }
 Set-Location @SetLocationSplat
 $NewEventLogSplat = @{
    LogName     = 'Application'
    Source      = 'FirstBoot'
    ErrorAction = 'SilentlyContinue'
 }
 New-EventLog @NewEventLogSplat
 $WriteEventLogSplat = @{
    LogName   = 'Application'
    Source    = 'FirstBoot'
    EntryType = 'Information'
    EventID   = 1
    Message   = "FirstBoot sequence initiated [working directory: '$PWD']"
 }
 Write-EventLog @WriteEventLogSplat
 $VMwareToolsExecutable = "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe"
 [xml]$ovfEnv = & $VMwareToolsExecutable --cmd "info-get guestinfo.ovfEnv" | Out-String
 $ovfProperties = $ovfEnv.ChildNodes.NextSibling.PropertySection.Property
 $ovfPropertyValues = @{}
 foreach ($ovfProperty in $ovfProperties) {
    $ovfPropertyValues[$ovfProperty.key] = $ovfProperty.Value
 }
 # Check for mandatory values
 Switch ($ovfPropertyValues['deployment.type']) {
    'domainmember' {
        $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'addsconfig.domainname', 'addsconfig.username', 'addsconfig.password'), @()
    }
    'standalone' {
        $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'guestinfo.administratorpw', 'guestinfo.ntpserver'), @()        
    }
    default {
        # Mandatory values missing, cannot provision.
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = "Unexpected or no value set for property 'deployment.type', cannot provision."
        }
        Write-EventLog @WriteEventLogSplat
        & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
        Stop-Computer -Force
        Exit
    }
 }
 ForEach ($Property in $MandatoryProperties) {
    If (!$ovfPropertyValues[$Property]) {
        $MissingProperties += $Property
    }
 }
 If ($MissingProperties.Length -gt 0) {
        # Mandatory values missing, cannot provision.
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = "Missing values for mandatory properties $(($MissingProperties | ForEach-Object {"'{0}'" -f $_}) -join ', '), cannot provision."
        }
        Write-EventLog @WriteEventLogSplat
        & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
        Stop-Computer -Force
        Exit
 }
 # Set hostname and description
 If ($Env:ComputerName -ne $ovfPropertyValues['guestinfo.hostname']) {
    $RenameComputerSplat = @{
        NewName     = $ovfPropertyValues['guestinfo.hostname']
        Force       = $True
        Confirm     = $False
    }
    Rename-Computer @RenameComputerSplat
    $SetCimInstanceSplat = @{
        InputObject = (Get-CimInstance -ClassName 'Win32_OperatingSystem')
        Property    = @{
            Description = $ovfPropertyValues['guestinfo.hostname']
        }
    }
    Set-CimInstance  @SetCimInstanceSplat
    # Restart the computer to apply changes
    Restart-Computer -Force
    Exit
 }
 # Configure network interface
 If ((Get-WmiObject -Class 'Win32_NetworkAdapterConfiguration').IPAddress -NotContains $ovfPropertyValues['guestinfo.ipaddress']) {
    $NewNetIPAddressSplat = @{
        InterfaceAlias = (Get-NetAdapter).Name
        AddressFamily  = 'IPv4'
        IPAddress      = $ovfPropertyValues['guestinfo.ipaddress']
        PrefixLength   = $ovfPropertyValues['guestinfo.prefixlength']
        DefaultGateway = $ovfPropertyValues['guestinfo.gateway']
    }
    $IPAddress = New-NetIPAddress @NewNetIPAddressSplat
    # Wait for network connection to become available
    $Timestamp, $TimeoutMinutes = (Get-Date), 5
    Do {
        If ($Timestamp.AddMinutes($TimeoutMinutes) -lt (Get-Date)) {
            $WriteEventLogSplat = @{
                LogName   = 'Application'
                Source    = 'FirstBoot'
                EntryType = 'Warning'
                EventID   = 13
                Message   = "Timeout after $($TimeoutMinutes) minutes waiting for network connection to become available."
            }
            Write-EventLog @WriteEventLogSplat
            Break
        }
        Start-Sleep -Milliseconds 250
        $GetNetIPAddressSplat = @{
            IPAddress      = $ovfPropertyValues['guestinfo.ipaddress']
            InterfaceIndex = $IPAddress.InterfaceIndex
            AddressFamily  = 'IPv4'
            ErrorAction    = 'SilentlyContinue'
        }
    } Until ((Get-NetIPAddress @GetNetIPAddressSplat).AddressState -eq 'Preferred')
    $OldErrorActionPreference, $ErrorActionPreference = $ErrorActionPreference, 'SilentlyContinue'
    $TestNetConnectionSplat = @{
        ComputerName     = ([IPAddress]$ovfPropertyValues['guestinfo.dnsserver']).IPAddressToString
        InformationLevel = 'Quiet'
    }
    $SetDnsClientServerAddressSplat = @{
        InterfaceAlias  = (Get-NetAdapter).Name
        ServerAddresses = If (
            [boolean]($ovfPropertyValues['guestinfo.dnsserver'] -as [IPaddress]) -and (Test-NetConnection @TestNetConnectionSplat)) {
                ($ovfPropertyValues['guestinfo.dnsserver'])
            } else {
                ('127.0.0.1')
            }
        Validate        = $False
    }
    Set-DnsClientServerAddress @SetDnsClientServerAddressSplat
    $ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL
 }
 Switch ($ovfPropertyValues['deployment.type']) {
    'domainmember' {
        # Join Active Directory domain as member
        If (!(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) {
            $AddComputerSplat = @{
                DomainName = $ovfPropertyValues['addsconfig.domainname']
                Credential = New-Object System.Management.Automation.PSCredential(
                    $ovfPropertyValues['addsconfig.username'],
                    (ConvertTo-SecureString $ovfPropertyValues['addsconfig.password'] -AsPlainText -Force)
                )
                # OUPath     = $ovfPropertyValues['addsconfig.organizationalunit']
                Restart    = $True
                Force      = $True
                Confirm    = $False
            }
            Add-Computer @AddComputerSplat
            # Previous cmdlet performs a reboot on completion; so these are commented out
            # Restart-Computer -Force
            # Exit
        }
    }
    'standalone' {
        # Change password of built-in Administrator
        $BuiltinAdministrator = (Get-LocalUser | Where-Object {$_.SID -match '-500'})
        $ConvertToSecureStringSplat = @{
            String      = $ovfPropertyValues['guestinfo.administratorpw']
            AsPlainText = $True
            Force       = $True
        }
        $SetLocalUserSplat = @{
            InputObject           = $BuiltinAdministrator
            Password              = ConvertTo-SecureString @ConvertToSecureStringSplat
            PasswordNeverExpires  = $True
            AccountNeverExpires   = $True
            ### This setting is not allowed on the last administrator
            # UserMayChangePassword = $False
            Confirm               = $False
        }
        Set-LocalUser @SetLocalUserSplat
        $EnableLocalUserSplat = @{
            InputObject = $BuiltinAdministrator
            Confirm     = $False
        }
        Enable-LocalUser @EnableLocalUserSplat
    }
 }
 # Iterate through and invoke all payload scripts
 #! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots)
 $GetItemSplat = @{
    Path = "$($PSScriptRoot)\Scripts\*.ps1"
 }
 ForEach ($Script in (Get-Item @GetItemSplat)) {
    Try {
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Information'
            EventID   = 4
            Message   = "Running script: '$($Script.FullName)'"
        }
        Write-EventLog @WriteEventLogSplat
        & $Script.FullName -Parameter $ovfPropertyValues
    }
    Catch {
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = @"
 Error occurred while executing script '$($Script.Name)':
 $($_.Exception.Message)
 "@
        }
        Write-EventLog @WriteEventLogSplat
    }
 }
 $WriteEventLogSplat = @{
    LogName   = 'Application'
    Source    = 'FirstBoot'
    EntryType = 'Information'
    EventID   = 42
    Message   = 'FirstBoot sequence applied and finished'
 }
 Write-EventLog @WriteEventLogSplat
 & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
Author	SHA1	Message	Date
djpbessems	b4f62b465d	Update packer windows-update plugin All checks were successful continuous-integration/drone/push Build is passing Details	2021-10-25 13:32:57 +02:00
djpbessems	060ac37dc0	Update VMware Tools	2021-10-25 13:12:00 +02:00
		`@@ -1,2 +0,0 @@`
			`iso_url = "sn.itch.fyi/Repository/iso/Canonical/Ubuntu%20Server%2020.04/ubuntu-20.04.2-live-server-amd64.iso"`
			`iso_checksum = "sha256:D1F2BF834BBE9BB43FAF16F9BE992A6F3935E65BE0EDECE1DEE2AA6EB1767423"`
		`@@ -0,0 +1,2 @@`
							`@rem Silent mode, basic UI, no reboot`
							`e:\setup64 /s /v "/qb REBOOT=R"`