# HLK-Setup-Scripts These script will help you configure HLK/HCK setup to be used with AutoHCK. This guide will help you set up and configure HLK/HCK test environment to be used with AutoHCK ## Compatibility table ------------------------------------ | Studio | Studio OS | Clients | ------------------------------------ | HCK | Win2012 | | | | | Win7 | | | | Win8 | | | | Win8.1 | | | | Win2012 | | | | Win2012R2 | ------------------------------------ | HLK1607 | Win2012R2 | | | | | Win2016 | ------------------------------------ | HLK1703 | Win2012R2 | | | | | Win10 1703 | | | | Win10 1607 | ------------------------------------ | HLK1709 | Win2012R2 | | | | | Win10 1709 | ------------------------------------ | HLK1803 | Win2012R2 | | | | | Win10 1803 | ------------------------------------ | HLK1809 | Win2012R2 | | | | | Win10 1809 | | | | Win2016 | ------------------------------------ | HLK1903 | Win2012R2 | | | | | Win10 1903 | ------------------------------------ | HLK2004 | Win2016 | | | | | Win10 2004 | ------------------------------------ ## Installation guide 1. Clone a new VirtHCK and these script inside the SMB share folder: ``` git clone https://github.com/daynix/VirtHCK.git cd VirtHCK/SMB_SHARE git clone https://github.com/HCK-CI/HLK-Setup-Scripts ``` 2. If you already have a controller image and only want to create new clients jump to step 14: 3. If you have access to offline HCK/HCK installation also copy them: they should be in the following structure: - HLK-Setup-Scripts/Kits/HCK/HCKSetup.exe - HLK-Setup-Scripts/Kits/HLK1607/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK1703/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK1709/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK1803/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK1809/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK1903/HLKSetup.exe - HLK-Setup-Scripts/Kits/HLK2004/HLKSetup.exe if you don't have access, copy the the online installers will should look like this: - HLK-Setup-Scripts/Kits/HCK/HCKSetup.exe - HLK-Setup-Scripts/Kits/HLK1607Setup.exe - HLK-Setup-Scripts/Kits/HLK1703Setup.exe - HLK-Setup-Scripts/Kits/HLK1709Setup.exe - HLK-Setup-Scripts/Kits/HLK1803Setup.exe - HLK-Setup-Scripts/Kits/HLK1809Setup.exe - HLK-Setup-Scripts/Kits/HLK1903Setup.exe - HLK-Setup-Scripts/Kits/HLK2004Setup.exe 4. Inside the images folder create a QEMU VM image for the Controller: ``` qemu-img create -f qcow2 images/<KIT><HLK-VERSION>.qcow2 300G ``` Examples: ``` qemu-img create -f qcow2 images/HCK.qcow2 500G qemu-img create -f qcow2 images/HLK1709.qcow2 500G ``` 5. Create HLK-Setup-Scripts args.ps1 file, set HLKKITVER and KITTYPE. See args.ps1.example for example. You can redefine any variable from auxiliary.ps1 6. Copy answer file templates from HLK-Setup-Scripts/answer-files to HLK-Setup-Scripts, replace value in templates according to README and rename it to `*.xml` 7. Create hlk-ci.iso with the next command: ``` mkisofs -iso-level 4 -l -R -udf -D \ -o "/home/hck-ci/Isos/hlk-ci.iso" \ "/path/to/HLK-Setup-Scripts/" ``` 8. Set a VirtHCK setup with the needed changes: for Windows 8.1 / Windows Server 2012R2 or earlier (HCK): prepare a Windows 2012 installation ISO for Windows 10 / Windows Server 2016 or newer (HLK): prepare a Windows 2012R2 installation ISO in the hck_setup.cfg file edit Set UNSAFE_CACHE to on for faster VM installation. 9. Run VirtHCK to install Windows controller and wait for shutdown: ``` sudo ./hck.sh ci_mode -st_image images/<KIT><HLK-VERSION>.qcow2 \ -st_extra "-cdrom /home/hck-ci/Isos/WinIso.iso -drive file=/home/hck-ci/Isos/hlk-ci.iso,media=cdrom,readonly" st ``` 10. Create a snapshot image of the controller: ``` qemu-img create -f qcow2 -b images/HLK1803.qcow2 HLK1803-snapshot.qcow2 ``` 11. Create two QEMU VM images for the HCK Clients with the following names: ``` qemu-img create -f qcow2 images/<KIT><HLK-VERSION>_C1_<OS_NAME><OS_ARCH>.qcow2 300G qemu-img create -f qcow2 images/<KIT><HLK-VERSION>_C2_<OS_NAME><OS_ARCH>.qcow2 300G ``` for example: ``` qemu-img create -f qcow2 images/HCK_C1_Win8x64.qcow2 300G qemu-img create -f qcow2 images/HCK_C2_Win8x64.qcow2 300G qemu-img create -f qcow2 images/HLK1803_C1_Win10x86.qcow2 300G qemu-img create -f qcow2 images/HLK1803_C2_Win10x86.qcow2 300G ``` 12. Repeat step 6, 7 with proper value for client Installation 13. Run studio and clients machines in VirtHCK to install clients: ``` sudo ./hck.sh ci_mode -st_image images/HLK1803-snapshot.qcow2 st sudo ./hck.sh ci_mode -c1_image images/HLK1803-C1-Win10x64.qcow2 \ -c1_extra "-cdrom /home/hck-ci/Isos/WinIso.iso -drive file=/home/hck-ci/Isos/hlk-ci.iso,media=cdrom,readonly" c1 sudo ./hck.sh ci_mode -c2_image images/HLK1803-C2-Win10x64.qcow2 \ -c2_extra "-cdrom /home/hck-ci/Isos/WinIso.iso -drive file=/home/hck-ci/Isos/hlk-ci.iso,media=cdrom,readonly" c2 ``` 14. Install the Windows on the clients. Windows server clients should be installed without GUI. 15. Shutdown all three machines. 16. Delete the snapshot file and archive copies of the studio (if needed) and the two clients ## Scripts breakdown To manual installation or to understand what the ps1 file does, follow this: ### steps for both studio and clients 1. Disable Server manager popup on startup ``` reg add "HKLM\SOFTWARE\Microsoft\ServerManager" /v "DoNotOpenServerManagerAtLogon" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Microsoft\ServerManager\Oobe" /v "DoNotOpenInitialConfigurationTasksAtLogon" /t REG_DWORD /d "1" /f ``` 2. Enable Administrator account ``` net user administrator /active:yes net user administrator "Qum5net." ``` 3. Enable auto logon for Administrator ``` reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AutoAdminLogon" /t REG_SZ /d "1" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultDomainName" /t REG_SZ /d "WORKGROUP" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultUserName" /t REG_SZ /d "Administrator" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultPassword" /t REG_SZ /d "Qum5net." /f ``` 4. Disable Windows Firewall ``` netsh advfirewall set allprofiles state off reg add "HKLM\SOFTWARE\Microsoft\Security Center" /v "FirewallDisableNotify" /t REG_DWORD /d "1" /f ``` 5. Setting unidentified networks to private ``` reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\010103000F0000F0010000000F0000F0C967A3643C3AD745950DA7859209176EF5B87C875FA20DF21951640E807D7C24" /v "Category" /t REG_DWORD /d "1" /f ``` 6. Disabling Windows Update ``` sc config wuauserv start= disabled sc stop wuauserv reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v "AUOptions" /t REG_DWORD /d "1" /f ``` 7. Disablnig screensaver ``` reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d "0" /f reg add "HKCU\Control Panel\Desktop" /v "SCRNSAVE.EXE" /t REG_SZ /d "" /f ``` 8. Disabling power saving options ``` powercfg -change -monitor-timeout-ac 0 powercfg -change -disk-timeout-ac 0 powercfg -change -standby-timeout-ac 0 powercfg -hibernate off ``` 9. Enable WinRM (PowerShell Remoting) ``` cmd.exe /c winrm quickconfig -q cmd.exe /c winrm set winrm/config "@{MaxTimeoutms="14400000"}" cmd.exe /c winrm set winrm/config/service/auth "@{Basic="true"}" cmd.exe /c winrm set winrm/config/service "@{AllowUnencrypted="true"}" ``` ## Steps only on Studio 1. Rename computer name to "STUDIO" Restart the machine afterwards for changes to take effect ``` WMIC ComputerSystem where Name="%computername%" call Rename Name="HLK-STUDIO" shutdown /r /t 0 ``` 2. Configure Network adapters rename the device with mac address ending with "DD" to "External" ``` netsh interface set interface name="!name!" newname="External" ``` rename the device with mac address ending with "CC" to "Control" and give it a static ip of 192.168.100.1 and netmask of 255.255.255.0 ``` netsh interface ip set address name="!name!" static 192.168.100.1 255.255.255.0 netsh interface set interface name="!name!" newname="Control" ``` 3. Port forwarding for Winrm clients ``` netsh interface portproxy add v4tov4 listenport=4002 connectaddress=192.168.100.2 connectport=5985 netsh interface portproxy add v4tov4 listenport=4003 connectaddress=192.168.100.3 connectport=5985 ``` 4. Install the wanted HLK/HCK-Studio run the HCKSetup.exe or HLKSetup.exe file provided 5. Disable windows gui (OPTIONAL) ``` powershell "Remove-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra -Restart" ``` 6. Update HCKFilters ``` bitsadmin /transfer "Downloading Filters" "%FILTERS%" "%~dp0FilterUpdates.cab" expand -i "%~dp0FilterUpdates.cab" -f:UpdateFilters.sql "%DTMBIN%\" del FilterUpdates.cab pushd "%DTMBIN%\" "%DTMBIN%\updatefilters.exe" /s del UpdateFilters.sql popd ``` ## Steps only on clients 1. rename computer name to "CL1" or "CL2" replace [x] with the client number Restart the machine afterwards for changes to take effect ``` WMIC ComputerSystem where Name="%computername%" call Rename Name="CL[x]" shutdown /r /t 0 ``` 2. Configure Network adapter rename the device with mac address ending with "CC-CC" to "MessageDevice" and give it a static ip of 192.168.100.[x], netmask of 255.255.255.0 and default gateway to 192.168.100.1 ([x] replace x with the subsequent number of the client number (e.g for client 1 use 2) ``` netsh interface ip set address name="!name!" static 192.168.100.[x] 255.255.255.0 192.168.100.1 netsh interface set interface name="!name!" newname="MessageDevice" ``` 3. Enable testsigning ``` bcdedit /set testsigning on shutdown -r -t 0 ``` 4. Install HLK-Clients from the Studio smb share run \\STUDIO\HLKInstall\Client\setup.cmd for HLK or \\STUDIO\HCKInstall\Client\setup.exe fro HCK
hymeca/HLK-Setup-Scripts
Helper scripts to configure VMs needed for HLK/HCK setup to be used with AutoHCK
PowerShellBSD-2-Clause