Table of Contents

Product : Win7-Config (Firewall, Updates and other)

Script by — Thomas_H 2014/11/17 15:14
Tested with opsi 4.0.1
Test with W7 32 & 64 Bit
The installion-files for Screen Resolution Changer (qres.exe) are available at : http://sourceforge.net/projects/qres/
Feel free to contact me for questions or errors.

This script is doing the following:

  1. Set Screen Resolution to 1280 * 1024
  2. Activate AutoUpdates
  3. opens Remotedesktop
  4. Activate Firewall
  5. Reset Firewall (delete all rules)
  6. Add VNCServer to Firewall
  7. Add VNCViewer to Firewall
  8. Open opsiclientd-control-port 4441 in Firewall
  9. Open remotedesktop in Firewall

For more options please feel free to add them under the script.

Tree:

DATA_CLIENT
  ├ win7config.jpg     # Product Picture
  ├ setup.ins 
  └ qres.exe

setup.ins

[Initial]
Message= Windows7-Settings
SetLogLevel=6
ExitOnError=false
ScriptErrorMessages=true
TraceMode=off
 
ShowBitmap "%ScriptPath%\win7config.jpg"
if FileExists64("C:\Windows\cmd64.exe")  
 
		registry_rdp /64Bit
		registry_update /64Bit
                DosBatch_1
        else
		registry_rdp /32Bit
		registry_update /32Bit
                DosBatch_1
endif
 
 
[registry_rdp]
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
set "fDenyTSConnections" = REG_DWORD:0
 
[registry_update]
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
set "NoAutoUpdate" = REG_DWORD:0
set "AUOptions" = REG_DWORD:3
set "ScheduledInstallDay" = REG_DWORD:4
set "ScheduledInstallTime" = REG_DWORD:4
 
[DosBatch_1]
%scriptpath%\qres.exe /x:1280 /y:1024
c:\windows\system32\sc.exe config MpsSvc start= auto
c:\windows\system32\netsh.exe advfirewall set currentprofile state on >nul
c:\windows\system32\netsh.exe advfirewall reset
c:\windows\system32\netsh.exe advfirewall firewall add rule name="VNCServer" dir=in action=allow program="c:\program files\tightvnc\tvnserver.exe" enable=yes
c:\windows\system32\netsh.exe advfirewall firewall add rule name="VNCViewer" dir=in action=allow program="c:\program files\tightvnc\vncviewer.exe" enable=yes
c:\windows\system32\netsh.exe advfirewall firewall add rule name="opsiclientd-control-port" dir=in action=allow protocol=TCP localport=4441
c:\windows\system32\netsh.exe advfirewall firewall set rule group="remotedesktop" new enable=yes
 
shutdown /r /f /t 0

More options are following here. Add them to setup.ins as described in comments.

more options

- Open Firewall for AVG (free)

# open the firewall for AVG. 
#  - Add AVG Diagnose 2014 to Firewall
#  - Add AVG Online Shield to Firewall
#  - Add AVG Personal Email Scanner to Firewall
#  - Add AVG Installation Program to Firewall
#
# Add this to the [Dos_Batch_1]-Section
 
c:\windows\system32\netsh.exe advfirewall firewall add rule name="AVG Diagnose 2014" dir=in action=allow program="c:\program files\avg\avg2014\avgdiagex.exe" enable=yes
c:\windows\system32\netsh.exe advfirewall firewall add rule name="AVG Online Shield" dir=in action=allow program="c:\program files\avg\avg2014\avgnsx.exe" enable=yes
c:\windows\system32\netsh.exe advfirewall firewall add rule name="Personal Email Scanner" dir=in action=allow program="c:\program files\avg\avg2014\avgemcx.exe" enable=yes
c:\windows\system32\netsh.exe advfirewall firewall add rule name="AVG Installationsprogramm" dir=in action=allow program="c:\program files\avg\avg2014\avgmfapx.exe" enable=yes