NTLite Slipstreaming Windows 10 Notes

There are a few quirks when it comes to slipstreaming Windows 10 with NTLite.

Built-in administrator account logs in automatically by default

If you don’t create a password in NTLite when choosing built-in Administrator account, you will be auto-logged in. Remember to change the password afterwards!

Unattended installation will mark your machine as managed by the corporate office

Ping and file sharing (Samba/CIFS) with older Windows machines blocked out of the box

They are blocked by firewall out of the box. There’s a firewall setting group specifically for the service that can be enabled.

Powershell scripts wouldn’t execute

Because Microsoft changed the defaults and do not allow Powershell scripts to run out of the box. I have a CMD command to run in Post-Setup that you can run before any Powershell scripts are executed that’d fix the issue.


Slipstream-able Windows updates immediately following 21H2

windows10.0-kb4565627-x64-ndp48_b618d388f45d951c842a3e4fb71da120ae3940eb
windows10.0-kb4569745-x64-ndp48_8cd7482e550d1726441d66b46f11e968e919748e
windows10.0-kb5008876-x64-ndp48_9b34f8d0e6a5586806ee62c89775d758621e9b46
windows10.0-kb5010472-x64-ndp48_2ddef186366792bd766bc55a2ee63819e8770e07
windows10.0-kb5011543-x64_1c97e86392f8e18fe415630f60608a9091f28bbd

Basically all the 4 updates about with the tag -ndp48_ refers to NET Framework 4.8. The last one (KB5011543 for now) is a 600MB+ roll-up that gets updated often that you might want to check Microsoft Update Catalog for the latest YYYY-MM Cumulative Update Preview and replace it (check superseded info)


Annoyances fixed with Registry/Post-Setup scripts

  • Computer put to standby with a timeout by default

  • Event Viewer Errors that cannot be stopped by disabling all Event Viewer channels:
  • Windows Updater keeps bugging you for Malicious Software Removal (it’ll prompt you over and over until you finished all the virus/malware definition files)
  • Prevent Windows 11 upgrade from checking for TPM
  • Microsoft Edge will bug you for executables downloads in general which they deemed unsafe regardless
  • Windows do not backup your registry regularly by default
  • Event Viewer will bug you about Printer Notifications not working (Microsoft forgot to account for their product still using interactive Session 0 which they disabled for security concerns)

Enable System Restore Point and capture it on every login

  1. Enable System Restore on System Drive
  2. Disable refractory period (won’t run again in 24 hour even if requested) in registry
    (Needs to be done with reg.exe instead of just a registry file with NTLite to make sure it doesn’t get overwritten during provisioning)
  3. Create scheduled task that takes a snapshot at every logon
Enable-ComputerRestore $env:systemdrive

# There's a 24hr refactory period if the key was not disabled (set to 0)
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /t REG_DWORD /v SystemRestorePointCreationFrequency /d 0 /f 

# Register task to create snapshot at every logon
$Trigger= New-ScheduledTaskTrigger -AtLogon
$User= "NT AUTHORITY\SYSTEM"
$Action= New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument '-Command Checkpoint-Computer -Description "TWC-RestorePoint" -RestorePointType MODIFY_SETTINGS'
Register-ScheduledTask -TaskName "Create System Restore Point" -Trigger $Trigger -User $User -Action $Action -RunLevel Highest

NT Lite slipstream script for reference

	<Compatibility protectHidden="false">
		<ComponentFeatures>
			<Feature enabled="no">AppGuard</Feature>
			<Feature enabled="no">Bluetooth</Feature>
			<Feature enabled="no">CapFrameX</Feature>
			<Feature enabled="yes">Discord</Feature>
			<Feature enabled="yes">FileSharing</Feature>
			<Feature enabled="no">Hyper-V</Feature>
			<Feature enabled="no">iCloud</Feature>
			<Feature enabled="yes">ManualSetup</Feature>
			<Feature enabled="no">Edge</Feature>
			<Feature enabled="yes">OfficeSupport</Feature>
			<Feature enabled="yes">AppxSupport</Feature>
			<Feature enabled="yes">Netflix</Feature>
			<Feature enabled="no">NetworkDiscovery</Feature>
			<Feature enabled="no">NightLight</Feature>
			<Feature enabled="yes">NvidiaSetup</Feature>
			<Feature enabled="yes">OOBE</Feature>
			<Feature enabled="yes">Printing</Feature>
			<Feature enabled="yes">Recommended-All</Feature>
			<Feature enabled="no">SamsungSwitch</Feature>
			<Feature enabled="yes">Scanning</Feature>
			<Feature enabled="yes">ServicingStack</Feature>
			<Feature enabled="yes">ShellSearchSupport</Feature>
			<Feature enabled="yes">Spotify</Feature>
			<Feature enabled="yes">DefaultFonts</Feature>
			<Feature enabled="no">SafeMode</Feature>
			<Feature enabled="yes">TeamViewer</Feature>
			<Feature enabled="no">Recommended-Tablet</Feature>
			<Feature enabled="yes">USBModem</Feature>
			<Feature enabled="yes">USB</Feature>
			<Feature enabled="no">VideoPlayback</Feature>
			<Feature enabled="no">VPN</Feature>
			<Feature enabled="no">VisualStudio</Feature>
			<Feature enabled="no">VSS</Feature>
			<Feature enabled="yes">ActivationKMS</Feature>
			<Feature enabled="yes">Activation</Feature>
			<Feature enabled="yes">WindowsStore</Feature>
			<Feature enabled="yes">WindowsUpdate</Feature>
			<Feature enabled="yes">WLAN</Feature>
			<Feature enabled="no">YubiKey</Feature>
		</ComponentFeatures>
		<MachineDrivers>
			<Machine enabled="yes">HostMachine</Machine>
			<Machine enabled="no">Hyper-V VM</Machine>
			<Machine enabled="no">Parallels VM</Machine>
			<Machine enabled="no">Virtual Box VM</Machine>
			<Machine enabled="no">VMware VM</Machine>
		</MachineDrivers>
	</Compatibility>
	<Features>
		<Feature name="OneCoreUAP.OneSync~~~~0.0.1.0">false</Feature>
		<Feature name="Browser.InternetExplorer~~~~0.0.11.0">false</Feature>
		<Feature name="Internet-Explorer-Optional-amd64">false</Feature>
		<Feature name="MediaPlayback">false</Feature>
		<Feature name="Microsoft.Windows.MSPaint~~~~0.0.1.0">false</Feature>
		<Feature name="App.Support.QuickAssist~~~~0.0.1.0">false</Feature>
		<Feature name="Printing-XPSServices-Features">false</Feature>
		<Feature name="OpenSSH.Client~~~~0.0.1.0">false</Feature>
		<Feature name="SMB1Protocol-Deprecation">true</Feature>
		<Feature name="SMB1Protocol-Client">true</Feature>
		<Feature name="SMB1Protocol">true</Feature>
		<Feature name="SMB1Protocol-Server">true</Feature>
		<Feature name="Windows.Client.ShellComponents~~~~0.0.1.0">false</Feature>
		<Feature name="Hello.Face.Migration.18967~~~~0.0.1.0">false</Feature>
		<Feature name="Hello.Face.18967~~~~0.0.1.0">false</Feature>
		<Feature name="WindowsMediaPlayer">false</Feature>
		<Feature name="SearchEngine-Client-Package">false</Feature>
		<Feature name="Microsoft.Windows.WordPad~~~~0.0.1.0">false</Feature>
		<Feature name="WorkFolders-Client">false</Feature>
	</Features>
	<Drivers showHidden="false"></Drivers>
	<Unattended mode="1">
		<OEMSetupComplete>false</OEMSetupComplete>
		<AnswerFileLocationPanther>false</AnswerFileLocationPanther>
		<AnswerFileLocationBoot>false</AnswerFileLocationBoot>
		<SaveBothArch>false</SaveBothArch>
		<EditionPrompt>false</EditionPrompt>
		<settings pass="oobeSystem">
			<component name="Microsoft-Windows-International-Core">
				<InputLocale>007f:00000409</InputLocale>
				<SystemLocale>en-US</SystemLocale>
				<UILanguage>en-US</UILanguage>
				<UILanguageFallback>en-US</UILanguageFallback>
				<UserLocale>en-US</UserLocale>
			</component>
			<component name="Microsoft-Windows-Shell-Setup">
				<OOBE>
					<HideEULAPage>true</HideEULAPage>
					<HideLocalAccountScreen>true</HideLocalAccountScreen>
					<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
					<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
					<NetworkLocation>Home</NetworkLocation>
					<ProtectYourPC>3</ProtectYourPC>
					<SkipMachineOOBE>false</SkipMachineOOBE>
					<SkipUserOOBE>true</SkipUserOOBE>
				</OOBE>
				<UserAccounts>
					<AdministratorPassword>
						<PlainText>true</PlainText>
						<Value></Value>
					</AdministratorPassword>
					<LocalAccounts>
						<LocalAccount>
							<Group>Administrators</Group>
							<Name>Administrator</Name>
							<Password>
								<PlainText>true</PlainText>
								<Value></Value>
							</Password>
						</LocalAccount>
					</LocalAccounts>
				</UserAccounts>
			</component>
		</settings>
		<settings pass="specialize">
			<component name="Microsoft-Windows-Deployment">
				<RunSynchronous>
					<RunSynchronousCommand>
						<Order>1</Order>
						<Path>net user Administrator /active:Yes</Path>
						<WillReboot>Never</WillReboot>
					</RunSynchronousCommand>
				</RunSynchronous>
			</component>
			<component name="Microsoft-Windows-Security-SPP-UX">
				<SkipAutoActivation>true</SkipAutoActivation>
			</component>
		</settings>
		<settings pass="windowsPE">
			<component name="Microsoft-Windows-Setup">
				<Diagnostics>
					<OptIn>false</OptIn>
				</Diagnostics>
				<DynamicUpdate>
					<WillShowUI>OnError</WillShowUI>
				</DynamicUpdate>
				<ImageInstall>
					<OSImage>
						<WillShowUI>OnError</WillShowUI>
						<InstallFrom>
							<MetaData>
								<Key>/IMAGE/INDEX</Key>
								<Value>6</Value>
							</MetaData>
						</InstallFrom>
					</OSImage>
				</ImageInstall>
				<UserData>
					<AcceptEula>true</AcceptEula>
					<ProductKey>
						<Key></Key>
					</ProductKey>
				</UserData>
			</component>
		</settings>
	</Unattended>
	<Tweaks>
		<Settings>
			<TweakGroup name="AutoLogger">
				<Tweak name="CloudExperienceHostOobe\Start">0</Tweak>
			</TweakGroup>
			<TweakGroup name="CrashControl">
				<Tweak name="CrashControl\AutoReboot">0</Tweak>
				<Tweak name="CrashControl\CrashDumpEnabled">0</Tweak>
			</TweakGroup>
			<TweakGroup name="DesktopTweaks">
				<Tweak name="Explorer\NoPinningStoreToTaskbar">1</Tweak>
				<Tweak name="NewStartPanel\{59031a47-3f72-44a7-89c5-5595fe6b30ee}">1</Tweak>
				<Tweak name="Desktop\IconSize">256</Tweak>
				<Tweak name="Explorer\HideSCAMeetNow">1</Tweak>
				<Tweak name="Feeds\ShellFeedsTaskbarViewMode">2</Tweak>
				<Tweak name="Explorer\DisableNotificationCenter">1</Tweak>
				<Tweak name="PushNotifications\NoCloudApplicationNotification">1</Tweak>
				<Tweak name="Start\HideRecentJumplists">1</Tweak>
				<Tweak name="Search\SearchboxTaskbarMode">2</Tweak>
				<Tweak name="Advanced\DisablePreviewDesktop">1</Tweak>
				<Tweak name="People\PeopleBand">0</Tweak>
				<Tweak name="Advanced\TaskbarGlomLevel">2</Tweak>
				<Tweak name="Advanced\MMTaskbarEnabled">1</Tweak>
				<Tweak name="Keyboard\PrintScreenKeyForSnippingEnabled">0</Tweak>
			</TweakGroup>
			<TweakGroup name="EventLogs">
				<Tweak name="Microsoft-AppV-Client\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-AppV-Client\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-AppV-Client\Virtual Applications\Enabled">0</Tweak>
				<Tweak name="Microsoft-Client-Licensing-Platform\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-User Experience Virtualization-Agent Driver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-User Experience Virtualization-App Agent\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-User Experience Virtualization-IPC\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-User Experience Virtualization-SQM Uploader\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AAD\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-All-User-Install-Agent\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AllJoyn\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppHost\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppID\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ApplicabilityEngine\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application Server-Applications\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application Server-Applications\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application-Experience\Program-Compatibility-Assistant\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application-Experience\Program-Compatibility-Troubleshooter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application-Experience\Program-Inventory\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application-Experience\Program-Telemetry\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Application-Experience\Steps-Recorder\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-ApphelpCache\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppLocker\EXE and DLL\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppLocker\MSI and Script\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppLocker\Packaged app-Deployment\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppLocker\Packaged app-Execution\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppModel-Runtime\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppReadiness\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppReadiness\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppXDeploymentServer\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppXDeploymentServer\Restricted\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppXDeployment\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AppxPackaging\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AssignedAccess\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-AssignedAccessBroker\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Audio\CaptureMonitor\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Audio\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Audio\PlaybackManager\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-Backup\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Biometrics\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BitLocker\BitLocker Management\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BitLocker-DrivePreparationTool\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BitLocker-DrivePreparationTool\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Bits-Client\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Bluetooth-BthLEPrepairing\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BranchCache\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BranchCacheSMB\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-BackgroundTaskInfrastructure\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Regsvr32\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CertificateServicesClient-Lifecycle-System\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CertificateServicesClient-Lifecycle-User\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Cleanmgr\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CloudStore\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CodeIntegrity\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Compat-Appraiser\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Containers-BindFlt\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Containers-Wcifs\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Containers-Wcnfs\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CoreSystem-SmsRouter-Events\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CorruptedFileRecovery-Client\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CorruptedFileRecovery-Server\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Crypto-DPAPI\BackUpKeySvc\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Crypto-DPAPI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Crypto-NCrypt\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DAL-Provider\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DataIntegrityScan\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DataIntegrityScan\CrashRecovery\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DateTimeControlPanel\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Deduplication\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Deduplication\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Deduplication\Scrubbing\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceGuard\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Devices-Background\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceSetupManager\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceSetupManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceSync\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DeviceUpdateAgent\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Dhcp-Client\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Dhcpv6-Client\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-DPS\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-PCW\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-PLA\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-Scheduled\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-Scripted\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-Scripted\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnostics-Networking\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Diagnostics-Performance\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DiskDiagnostic\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DiskDiagnosticDataCollector\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DiskDiagnosticResolver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DSC\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DSC\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-DucUpdateAgent\Operational\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-DxgKrnl-Admin\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-DxgKrnl-Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EapHost\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EapMethods-RasChap\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EapMethods-RasTls\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EapMethods-Sim\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EapMethods-Ttls\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EDP-Application-Learning\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EDP-Audit-Regular\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EDP-Audit-TCB\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Policy\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-EventCollector\Operational\Enabled">0</Tweak>
				<Tweak name="Channels\Setup\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Fault-Tolerant-Heap\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-FeatureConfiguration\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-FileHistory-Core\WHC\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-FileHistory-Engine\BackupLog\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-FMS\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Folder Redirection\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Forwarding\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-GenericRoaming\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-GroupPolicy\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-HelloForBusiness\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Help\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-HomeGroup Control Panel\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-HomeGroup Listener Service\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-HomeGroup Provider Service\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-HotspotAuth\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Hyper-V-Guest-Drivers\Admin\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-Hyper-V-Hypervisor-Admin\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-Hyper-V-Hypervisor-Operational\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-Hyper-V-VID-Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-IdCtrls\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-CoreApplication\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TWinUI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-International-RegionalOptionsControlPanel\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Iphlpsvc\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-IPxlatCfg\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-KdsSvc\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-Boot\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-EventTracing\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-IO\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-LiveDump\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-PnP\Configuration\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-PnP\Driver Watchdog\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-Power\Thermal-Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-ShimEngine\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-StoreMgr\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-WDI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-WHEA\Errors\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Kernel-WHEA\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-KeyboardFilter\Admin\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-Known Folders API Service\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-LanguagePackSetup\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-LiveId\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-MemoryDiagnostics-Results\Debug\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task\Operational\Enabled">0</Tweak>
				<Tweak name="Channels\SMSApi\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ModernDeployment-Diagnostics-Provider\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ModernDeployment-Diagnostics-Provider\Autopilot\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ModernDeployment-Diagnostics-Provider\ManagementService\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Mprddm\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-MUI\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-MUI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NcdAutoSetup\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NCSI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NdisImPlatform\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NetworkProfile\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NetworkProvider\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NetworkProvisioning\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NlaSvc\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Ntfs\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Ntfs\WHC\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NTLM\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-OcpUpdateAgent\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-OfflineFiles\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-OneBackup\Debug\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-OOBE-Machine-DUI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PackageStateRoaming\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ParentalControls\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Partition\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PerceptionRuntime\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PerceptionSensorDataService\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PersistentMemory-Nvdimm\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PersistentMemory-PmemDisk\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PersistentMemory-ScmBus\Certification\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PersistentMemory-ScmBus\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PowerShell\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PowerShell\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-NetworkLocationWizard\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PrintBRM\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PrintService\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Privacy-Auditing\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Program-Compatibility-Assistant\CompatAfterUpgrade\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Provisioning-Diagnostics-Provider\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Provisioning-Diagnostics-Provider\AutoPilot\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Provisioning-Diagnostics-Provider\ManagementService\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PushNotification-Platform\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-PushNotification-Platform\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ReadyBoost\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ReadyBoostDriver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ReFS\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteApp and Desktop Connections\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteApp and Desktop Connections\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteAssistance\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteAssistance\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteDesktopServices-RdpCoreTS\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteDesktopServices-RdpCoreTS\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteDesktopServices-RemoteFX-Synth3dvsc\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RemoteDesktopServices-SessionServices\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Resource-Exhaustion-Detector\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Resource-Exhaustion-Resolver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RestartManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RetailDemo\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-RetailDemo\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-Adminless\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-Audit-Configuration-Client\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-EnterpriseData-FileRevocationManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-LessPrivilegedAppContainer\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-Mitigations\KernelMode\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-Mitigations\UserMode\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-Netlogon\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-SPP-UX-Notifications\ActionCenter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Security-UserConsentVerifier\Audit\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SecurityMitigationsBroker\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SENSE\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SenseIR\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync-Azure\Debug\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync-Azure\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync-OneDrive\Debug\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync-OneDrive\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync\Debug\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SettingSync\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Authentication User Interface\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Shell-ConnectedAccountState\ActionCenter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Shell-Core\ActionCenter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Shell-Core\AppDefaults\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Shell-Core\LogonTasksChannel\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Shell-Core\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-ShellCommon-StartLayoutPopulation\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmartCard-Audit\Authentication\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmartCard-DeviceEnum\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmartCard-TPM-VCard-Module\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmartCard-TPM-VCard-Module\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmbClient\Audit\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmbClient\Connectivity\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBClient\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SmbClient\Security\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBDirect\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBServer\Audit\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBServer\Connectivity\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBServer\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBServer\Security\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBWitnessClient\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SMBWitnessClient\Informational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StateRepository\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StateRepository\Restricted\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Storage-Tiering\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageManagement\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSettings\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSpaces-Driver\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSpaces-Driver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSpaces-ManagementAgent\WHC\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSpaces-SpaceManager\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-StorageSpaces-SpaceManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Storage-ClassPnP\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Store\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Storage-Storport\Health\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Storage-Storport\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Storsvc\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SystemSettingsThreshold\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TaskScheduler\Maintenance\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TCPIP\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-RDPClient\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-ClientUSBDevices\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-ClientUSBDevices\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-LocalSessionManager\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-LocalSessionManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-PnPDevices\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-PnPDevices\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-Printers\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-Printers\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-RemoteConnectionManager\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-RemoteConnectionManager\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-ServerUSBDevices\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TerminalServices-ServerUSBDevices\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Time-Service-PTP-Provider\PTP-Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Time-Service\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Troubleshooting-Recommended\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Troubleshooting-Recommended\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TZSync\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-TZUtil\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-UAC-FileVirtualization\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-UAC\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-SearchUI\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-UniversalTelemetryClient\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-User Device Registration\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-User Profile Service\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-User Control Panel\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-User-Loader\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-UserPnp\ActionCenter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-UserPnp\DeviceInstall\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-VDRVROOT\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-VerifyHardwareSecurity\Admin\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-Windows-VHDMP-Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Volume\Diagnostic\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-VolumeSnapshot-Driver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-VPN-Client\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Wcmsvc\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WDAG-PolicyEvaluator-CSP\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WDAG-PolicyEvaluator-GP\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WebAuthN\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WER-PayloadHealth\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-IKE\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-VPN\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WFP\Operational\Enabled">0</Tweak>
				<Tweak name="Channels\Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Win32k\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Windows Defender\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Windows Defender\WHC\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Windows Firewall With Advanced Security\ConnectionSecurity\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Windows Firewall With Advanced Security\Firewall\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Windows Firewall With Advanced Security\FirewallDiagnostics\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WindowsBackup\ActionCenter\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WindowsSystemAssessmentTool\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WindowsUpdateClient\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WinINet-Config\ProxyConfigChanged\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Winlogon\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WinRM\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Winsock-WS2HELP\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Wired-AutoConfig\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WLAN-AutoConfig\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WMI-Activity\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WorkFolders\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WorkFolders\WHC\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-Workplace Join\Admin\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WPD-CompositeClassDriver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WPD-MTPClassDriver\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WPD-ClassInstaller\Operational\Enabled">0</Tweak>
				<Tweak name="Microsoft-Windows-WWAN-SVC-Events\Operational\Enabled">0</Tweak>
				<Tweak name="OpenSSH\Admin\Enabled">0</Tweak>
				<Tweak name="OpenSSH\Operational\Enabled">0</Tweak>
			</TweakGroup>
			<TweakGroup name="Explorer">
				<Tweak name="Explorer\EnableAutoTray">0</Tweak>
				<Tweak name="OperationStatusManager\EnthusiastMode">1</Tweak>
				<Tweak name="Explorer\NoThumbnailCache">1</Tweak>
				<Tweak name="Explorer\ClearRecentDocsOnExit">1</Tweak>
				<Tweak name="cmd\HideBasedOnVelocityId">0</Tweak>
				<Tweak name="ControlPanel\StartupPage">1</Tweak>
				<Tweak name="ControlPanel\AllItemsIconView">1</Tweak>
				<Tweak name="Advanced\FolderContentsInfoTip">1</Tweak>
				<Tweak name="Explorer\NoTrayItemsDisplay">0</Tweak>
				<Tweak name="Advanced\HideMergeConflicts">1</Tweak>
				<Tweak name="Explorer\NoRecentDocsHistory">1</Tweak>
				<Tweak name="Advanced\SeparateProcess">1</Tweak>
				<Tweak name="Advanced\NavPaneExpandToCurrentFolder">1</Tweak>
				<Tweak name="Advanced\NavPaneShowAllFolders">1</Tweak>
				<Tweak name="Advanced\LaunchTo">1</Tweak>
				<Tweak name="Explorer\HubMode">1</Tweak>
				<Tweak name="Advanced\DontUsePowerShellOnWinX">0</Tweak>
				<Tweak name="Explorer\DisableSearchBoxSuggestions">1</Tweak>
				<Tweak name="Explorer\HideClock">0</Tweak>
				<Tweak name="Explorer\ShowDriveLettersFirst">4</Tweak>
				<Tweak name="Explorer\NoNetConnectDisconnect">0</Tweak>
				<Tweak name="Advanced\ShowInfoTip">1</Tweak>
				<Tweak name="Advanced\ShowSyncProviderNotifications">0</Tweak>
				<Tweak name="Advanced\SharingWizardOn">0</Tweak>
				<Tweak name="Advanced\HideFileExt">0</Tweak>
			</TweakGroup>
			<TweakGroup name="Network">
				<Tweak name="DNSClient\DisableSmartNameResolution">1</Tweak>
				<Tweak name="Main\Isolation64Bit">0</Tweak>
				<Tweak name="Main\Isolation">PMIL</Tweak>
				<Tweak name="Parameters\IRPStackSize">30</Tweak>
				<Tweak name="System\LocalAccountTokenFilterPolicy">1</Tweak>
				<Tweak name="NewNetworkWindowOff\NewNetworkWindowOff">1</Tweak>
				<Tweak name="Parameters\DisableBandwidthThrottling">1</Tweak>
				<Tweak name="Parameters\DisableCompression">1</Tweak>
			</TweakGroup>
			<TweakGroup name="PowerAndShutdown">
				<Tweak name="Power\HiberbootEnabled">0</Tweak>
				<Tweak name="FlyoutMenuSettings\ShowHibernateOption">1</Tweak>
				<Tweak name="FlyoutMenuSettings\ShowLockOption">1</Tweak>
				<Tweak name="FlyoutMenuSettings\ShowSleepOption">1</Tweak>
				<Tweak name="System\ShutdownWithoutLogon">1</Tweak>
			</TweakGroup>
			<TweakGroup name="Privacy">
				<Tweak name="appointments\Value">Deny</Tweak>
				<Tweak name="phoneCallHistory\Value">Deny</Tweak>
				<Tweak name="webcam\Value">Deny</Tweak>
				<Tweak name="contacts\Value">Deny</Tweak>
				<Tweak name="appDiagnostics\Value">Deny</Tweak>
				<Tweak name="documentsLibrary\Value">Deny</Tweak>
				<Tweak name="email\Value">Deny</Tweak>
				<Tweak name="broadFileSystemAccess\Value">Deny</Tweak>
				<Tweak name="chat\Value">Deny</Tweak>
				<Tweak name="microphone\Value">Deny</Tweak>
				<Tweak name="userNotificationListener\Value">Deny</Tweak>
				<Tweak name="phoneCall\Value">Deny</Tweak>
				<Tweak name="picturesLibrary\Value">Deny</Tweak>
				<Tweak name="radios\Value">Deny</Tweak>
				<Tweak name="LooselyCoupled\Value">Deny</Tweak>
				<Tweak name="userDataTasks\Value">Deny</Tweak>
				<Tweak name="userAccountInformation\Value">Deny</Tweak>
				<Tweak name="videosLibrary\Value">Deny</Tweak>
				<Tweak name="Client\OptInOrOutPreference">0</Tweak>
				<Tweak name="System\AllowExperimentation">0</Tweak>
				<Tweak name="System\AllowLocation">0</Tweak>
				<Tweak name="DataCollection\AllowTelemetry">0</Tweak>
				<Tweak name="CloudContent\DisableWindowsConsumerFeatures">1</Tweak>
				<Tweak name="features\PaidWifi">0</Tweak>
				<Tweak name="features\WiFiSenseOpen">0</Tweak>
				<Tweak name="ContentDeliveryManager\SilentInstalledAppsEnabled">0</Tweak>
				<Tweak name="System\AllowClipboardHistory">0</Tweak>
				<Tweak name="CloudContent\DisableCloudOptimizedContent">1</Tweak>
				<Tweak name="AppCompat\DisableInventory">1</Tweak>
				<Tweak name="TrainedDataStore\HarvestContacts">0</Tweak>
				<Tweak name="InputPersonalization\RestrictImplicitTextCollection">1</Tweak>
				<Tweak name="InputPersonalization\RestrictImplicitInkCollection">1</Tweak>
				<Tweak name="Windows Search\AllowCortana">0</Tweak>
				<Tweak name="Search\HistoryViewEnabled">0</Tweak>
				<Tweak name="Search\DeviceHistoryEnabled">0</Tweak>
				<Tweak name="Advanced\ShowCortanaButton">0</Tweak>
				<Tweak name="Rules\NumberOfSIUFInPeriod">0</Tweak>
				<Tweak name="SmartGlass\UserAuthPolicy">0</Tweak>
				<Tweak name="SmartGlass\BluetoothPolicy">0</Tweak>
				<Tweak name="BackgroundAccessApplications\GlobalUserDisabled">0</Tweak>
				<Tweak name="AdvertisingInfo\Enabled">0</Tweak>
				<Tweak name="Privacy\TailoredExperiencesWithDiagnosticDataEnabled">0</Tweak>
				<Tweak name="AppSettings\Skype-UserConsentAccepted">0</Tweak>
				<Tweak name="User Profile\HttpAcceptLanguageOptOut">1</Tweak>
				<Tweak name="System\EnableActivityFeed">0</Tweak>
				<Tweak name="Advanced\Start_TrackProgs">0</Tweak>
				<Tweak name="Advanced\Start_TrackDocs">0</Tweak>
				<Tweak name="ContentDeliveryManager\SystemPaneSuggestionsEnabled">0</Tweak>
				<Tweak name="InputPersonalization\AllowInputPersonalization">0</Tweak>
				<Tweak name="Settings\AcceptedPrivacyPolicy">0</Tweak>
				<Tweak name="ContentDeliveryManager\PreInstalledAppsEnabled">0</Tweak>
				<Tweak name="ContentDeliveryManager\OemPreInstalledAppsEnabled">0</Tweak>
				<Tweak name="AppCompat\DisablePCA">1</Tweak>
				<Tweak name="Windows Search\AllowCloudSearch">0</Tweak>
				<Tweak name="Search\BingSearchEnabled">0</Tweak>
				<Tweak name="TIPC\Enabled">0</Tweak>
				<Tweak name="System\EnableCdp">0</Tweak>
				<Tweak name="Shell\BagMRU Size">1</Tweak>
				<Tweak name="Explorer\ShowFrequent">0</Tweak>
				<Tweak name="ContentDeliveryManager\SubscribedContent-338393Enabled">0</Tweak>
				<Tweak name="ContentDeliveryManager\SubscribedContent-310093Enabled">0</Tweak>
				<Tweak name="Explorer\ShowRecent">0</Tweak>
				<Tweak name="UserProfileEngagement\ScoobeSystemSettingEnabled">0</Tweak>
				<Tweak name="AppHost\EnableWebContentEvaluation">0</Tweak>
				<Tweak name="Settings\InsightsEnabled">0</Tweak>
				<Tweak name="AnqpCache\OsuRegistrationStatus">0</Tweak>
				<Tweak name="FlipAhead\FPEnabled">0</Tweak>
				<Tweak name="MicrosoftEdge\PhishingFilter\Enabledv9">0</Tweak>
				<Tweak name="Internet Explorer\PhishingFilter\Enabledv9">0</Tweak>
				<Tweak name="Explorer\SmartScreenEnabled">Off</Tweak>
				<Tweak name="CloudContent\DisableWindowsSpotlightFeatures">1</Tweak>
			</TweakGroup>
			<TweakGroup name="StartTweaks">
				<Tweak name="Start\HideAppList">1</Tweak>
				<Tweak name="Start\HideFrequentlyUsedApps">1</Tweak>
				<Tweak name="Start\HideRecentlyAddedApps">1</Tweak>
				<Tweak name="Start\AllowPinnedFolderDocuments">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderDownloads">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderFileExplorer">1</Tweak>
				<Tweak name="Start\AllowPinnedFolderHomeGroup">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderMusic">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderNetwork">1</Tweak>
				<Tweak name="Start\AllowPinnedFolderPersonalFolder">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderPictures">0</Tweak>
				<Tweak name="Start\AllowPinnedFolderSettings">1</Tweak>
				<Tweak name="Start\AllowPinnedFolderVideos">0</Tweak>
				<Tweak name="Start\HideUserTile">1</Tweak>
				<Tweak name="Start\HideLock">1</Tweak>
				<Tweak name="Start\HideSignOut">1</Tweak>
				<Tweak name="Start\HideSwitchAccount">1</Tweak>
			</TweakGroup>
			<TweakGroup name="System">
				<Tweak name="Activation\Manual">1</Tweak>
				<Tweak name="Appx\AllowAutomaticAppArchiving">0</Tweak>
				<Tweak name="Winlogon\RestartApps">1</Tweak>
				<Tweak name="Configuration\DisableResetbase">0</Tweak>
				<Tweak name="System\EnableFirstLogonAnimation">0</Tweak>
				<Tweak name="GraphicsDrivers\HwSchMode">2</Tweak>
				<Tweak name="System\EnableLinkedConnections">1</Tweak>
				<Tweak name="System\NoConnectedUser">3</Tweak>
				<Tweak name="OneDrive\DisableFileSyncNGSC">1</Tweak>
				<Tweak name="Memory Management\PagingFiles1">-:\pagefile.sys</Tweak>
				<Tweak name="Terminal Server\fDenyTSConnections">0</Tweak>
				<Tweak name="RDP-Tcp\UserAuthentication">0</Tweak>
				<Tweak name="ReserveManager\ShippedWithReserves">0</Tweak>
				<Tweak name="LabConfig\BypassStorageCheck">1</Tweak>
				<Tweak name="LabConfig\BypassTPMCheck">1</Tweak>
				<Tweak name="StoragePolicy\01">0</Tweak>
				<Tweak name="StoragePolicy\512">0</Tweak>
				<Tweak name="StoragePolicy\256">0</Tweak>
				<Tweak name="StoragePolicy\04">0</Tweak>
				<Tweak name="StoragePolicy\2048">0</Tweak>
				<Tweak name="Environment\TEMP">%TEMP%</Tweak>
				<Tweak name=".NETFramework\OnlyUseLatestCLR">1</Tweak>
				<Tweak name="UserGpuPreferences\DirectXUserGlobalSettings">VRROptimizeEnable=1</Tweak>
				<Tweak name="DeviceGuard\EnableVirtualizationBasedSecurity">0</Tweak>
			</TweakGroup>
			<TweakGroup name="TCPIPSettings">
				<Tweak name="parameters\DeadGWDetectDefault">0</Tweak>
				<Tweak name="parameters\DisableReverseAddressRegistrations">0</Tweak>
				<Tweak name="parameters\DisableDynamicUpdate">1</Tweak>
				<Tweak name="parameters\EnableICMPRedirect">0</Tweak>
				<Tweak name="parameters\PerformRouterDiscovery">0</Tweak>
			</TweakGroup>
			<TweakGroup name="UAC">
				<Tweak name="System\EnableLUA">0</Tweak>
				<Tweak name="System\FilterAdministratorToken">0</Tweak>
				<Tweak name="System\ConsentPromptBehaviorAdmin">1</Tweak>
				<Tweak name="System\EnableUIADesktopToggle">1</Tweak>
			</TweakGroup>
			<TweakGroup name="WindowsDefender">
				<Tweak name="State\AccountProtection_MicrosoftAccount_Disconnected">0</Tweak>
				<Tweak name="Notifications\DisableNotifications">1</Tweak>
				<Tweak name="Notifications\DisableEnhancedNotifications">1</Tweak>
				<Tweak name="Features\TamperProtection">0</Tweak>
				<Tweak name="Windows Defender\DisableAntiSpyware">1</Tweak>
			</TweakGroup>
			<TweakGroup name="WindowsUpdate">
				<Tweak name="DriverSearching\SearchOrderConfig">1</Tweak>
				<Tweak name="DeliveryOptimization\DODownloadMode">99</Tweak>
				<Tweak name="MRT\DontOfferThroughWUAU">1</Tweak>
				<Tweak name="Settings\HideMCTLink">1</Tweak>
				<Tweak name="Settings\RestartNotificationsAllowed2">0</Tweak>
				<Tweak name="AU\AUOptions">2</Tweak>
			</TweakGroup>
		</Settings>
		<Services>
			<TweakGroup name="services">
				<Tweak name="Dnscache\Dnscache">3</Tweak>
				<Tweak name="MapsBroker\MapsBroker">3</Tweak>
			</TweakGroup>
		</Services>
		<ExtraServices>
			<TweakGroup name="drivers">
				<Tweak name="cdrom\cdrom">3</Tweak>
				<Tweak name="luafv\luafv">3</Tweak>
			</TweakGroup>
		</ExtraServices>
		<ScheduledTasks></ScheduledTasks>
	</Tweaks>

 76 total views

NTLite cannot run Powershell scripts with Windows 10 21H2

Turns out Microsoft decided to not allow you to run Powershell scripts out of the box. The Execution-Policy is set to be disabled and you have to go to Powershell to run

Set-ExecutionPolicy unrestricted -force

The -force switch skips the prompt. However, this is a chick and egg problem with slipstreaming as you need to execute this first programmatically. I tried to use CMD files to do powershell -command "Set-ExecutionPolicy unrestricted -force" but it does not work and quite a few people reported ignoring execution policy with -ExecutionPolicy Bypass switch to powershell.exe does not work with NTLite either.

It’s a colossal pain in the butt. Microsoft deciding to prevent Powershell scripts from running by default broke NTLite’s powershell scripting.

I decided to take a look at registry values that can be changed and this website suggested there is one. There’s a typo on the website. It’s not in HKCU but in HKLM (his screenshots says HKLM). The correct path is changing the string value ExecutionPolicy to Unrestricted in the key HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

I cannot confirm when the registry files are loaded in NTLite. It could be too early or too late. (Looks like it’s too early to me since MDM fake enrollment registry files do not take effect and I had to use reg command script later).

So instead, I’ll do the registry change as a CMD script:

reg add "HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" /t REG_SZ  /v ExecutionPolicy /d "Unrestricted" /f

Set it as the first script to run, or at least it has to run before the .ps1 (powershell) script

 76 total views,  1 views today

NTLite Unattended installation will mark your machine as managed by the corporate office

You’ll have to fake a MDM enrollment to get rid of the warning through registry entries, but loading the registry file in NTLite won’t work since it has to be processed after the unattended installation. This can be done by adding the registry entries with batch files to be run at Post-Setup

reg add "HKLM\SOFTWARE\Microsoft\Enrollments\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_DWORD /v EnrollmentState /d 1 /f
reg add "HKLM\SOFTWARE\Microsoft\Enrollments\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_DWORD /v EnrollmentType /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Enrollments\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_DWORD /v IsFederated /d 0 /f

reg add "HKLM\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_DWORD /v Flags /d 0x00d6fb7f /f
reg add "HKLM\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_SZ /v AcctUId /d "0x000000000000000000000000000000000000000000000000000000000000000000000000" /f
reg add "HKLM\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_DWORD /v RoamingCount /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_SZ /v SslClientCertReference /d "MY;User;0000000000000000000000000000000000000000" /f
reg add "HKLM\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" /t REG_SZ /v ProtoVer /d "1.2" /f

 76 total views,  1 views today

Powershell notes (for MATLAB/python users)

Data Type characteristics

PowershellMATLABPython
Nearly everything is a/anObjectMatrix (APL-philosophy)Object (which are dictionaries)
Assignment behavior*Reassigned referenceCopy-on-writeReassigned reference
Monads (wrapper for heterogenous data )Array/CollectionsCellsLists

* Shallow assignment (transferring reference only) means the LHS does not have its own copy, so modifying the new reference will modify the underlying data on the RHS.

Syntax / Usage

PowershellMATLABPython
Method chainingYesMight misbehaveYes
List ComprehensionNo. Map first then filterYes
Named input argumentsNative
f -a 1 -b 22
Name-Value pairs parsed insideNative
f(a=13, b=22)
Implicit NON-NULL return valueOptional
Binary map operationNative matrix ops
*fun() does n-ary
Use numpy
list( map(operator.add, L1, L2) )
Check Type$g -is [type]is*() or isa()isinstance(val, type)
Unpacking (flattening)
monads in monads
Default
Use unary , to avoid
No
Use [{:}] to perform
No
Use *, list comp, or
list(itertools.chain(*ls))
Conditional/statement block inside container creationYes?
View Object Info with Data| Format-List -Property *
or
Format-List -InputObject
properties()
methods()
get()
List members (method and properties)’s prototypes| Get-Member

Powershell specific

  • The UNCAPTURED output value in the last line of the block is the return value! Unary side effect statements such as $x++ do not have output value. Watch out for statements that looks like it’s going nowhere at the end of the code as these are not nop/bugs, but return value. This has the same stench as fall-throughs.
  • foreach() follows the last uncaptured output value return rule above doing a 1-to-1 map from the input collection to output collection (you can assign output to foreach() as it’s also seen as a function)
  • Powershell suck at binary operations between two arrays. Just an elementwise A+B you’d be thinking in terms of loops and worry about dimensions.
  • You can put if and loop blocks inside collections list construction, like this:
@( 3, if(cond1){...; $v1}  do{...; $v2}while(cond2) )

MATLAB specific

  • When used with classes and custom matrices/arrays, chaining fields/properties/methods by indices often do not work, when they do, they often give out only the first element instead of the entire array (IIRC, there are operator methods that needs to be coordinated in the classes involved to make sure they chain correctly). In short, just don’t chain unless in very simple, scalar cases. Always output it to a variable a access the leaf.

Range & Indexing

PowershellMATLABPython
Logical IndexingYesNo. Use list comprehension/Numpy
Negative (cyclic) IndexingYesYes
end‘ of array keywordYesNo. Skip stop in slice instead
Step (skip every n items)YesYes. Both range or slice
Detect descending rangeYes
Automatic extend arrayYes
Reading array out of boundsDo nothingErrorError

Negative (cyclic) indexing along with automatic descending range, along with the lack of ‘end’ keyword is a huge pain in the rear when you want to scan from left to right like A[5:end].

Instead, you’ll have to do $A[4..($A.length-1)] because the range 4..-1 inside A[4..-1] is unrolled as 4,3,2,1,0,-1 (thus scanning from right to left and wraps around) without first consulting with the array A like the end keyword in MATLAB does so it can substitute the ends of the range with the array information before it unrolls.

I am willing to bet that this behavior does not have a sound basis other than people thinking negative indices and descending ranges alone are two good ideas without realizing that nearly nobody freaking wants to scan from right to left and wrap around!

I had the same gripes about negative indices in Python not carefully coordinating with other combinations in common use cases which cases unintuitive behavior.

Range indexing syntax

# Powershell
1..10 # No step/skip for range creation
A[1..10]  # No special treatment in array such as figuring out the 'end'

% MATLAB
A[start:(step):stop]

# Python
A[range(start,stop,step)]
# Slicing (it's not range)
A[(start):(stop):(step)] # Can skip everything 
# In Python, A=X merely reassign the label A as the alias for X.
# Modifying the reassigned A through A=X will modify underlying contents of X
# To deep-copy contents without .Clone(), assign the full slice
A[:] = X

Hasthtable / Dictionaries

% MATLAB: Use dynamic fields in struct or containers.Map()
# Python: dictionaries such as {a:1, b='x'}
# Powershell: @{a=1, b='x'}

Structs

Powershell does not have direct struct or dynamic field name struct. Instead if your object is uniform (you expect the fields not to change much), use [PSCustomObject]@{}. You can also just use simple hashtable @{}, but for some reason it doesn’t work the way I expected when put into arrays when I try to reference it by array index.

Array rules surprises

  • Array comparisons are filtering operation (not boolean array output like MATLAB). (0..9) -ge 5 gives 5 to 9, not a list of False … False, True … True. To get a boolean array, use this shortcut:
(0..9) | % {$_ -ge 5}

Map-filter combo syntax is | ? instead of Map syntax | %

  • Monad (Cells in MATLAB) are unpacked and stacked by default (in MATLAB, I had to write a lot of routines to unpack and stack cells of cells). To keep cells packed (in MATLAB lingo, it’s like ‘UniformOutput’, false in cellfun), add a comma unary operator in front of the operation that are expected to be unpacked like this:
.$_.Split('_')

Set Operations

This is one of the WTF moments of Powershell as a programming language. Convenient set operations is essential for most of the routine boring stuff that involves relational data. A lot of Powershell’s intended audience works in database like environment (like IT managers dealing with Active Directory), they have Group-Object for typical data analysis tasks, yet they make life miserable just to do basic set operations like intersection and differencing!

Powershell has a Compare-Object, but this is as unnatural and annoying to use as users are effectively rebuilding all 4 basic set-ops (intersection, union, set-diff, xor) based on any two! Not to mention you have to sift through table to get to the piece you wanted!

Basically Compare-Object out of the box

  • is a set-diff showing both directions (A\B and also B\A) at the same time. If you throw away the direction info, it’s xor.
  • if you want intersection, you’ll need to add -IncludeEqual -ExcludeDifferent
  • (WTF!) If you just specify -ExcludeDifferent, by definition there’s no output because by default Compare-Object shows you ONLY the two set-diffs and you are telling it to not show any diffs!
  • Union is specifying -IncludeEqual only. But it’d rather stack both then do a | Sort-Object - Unique

Some people might suggest doing | ? {$_ -eq $B} for intersection (or is-member). This is generally a bad idea if you have a lot of data because it’s in the O(n*n) runtime algorithm (loop-within-loop) while any properly done intersection algorithm will just sort then scan the adjacent item to check for duplicates, which gives O(n log(n)) time (typical sorting algorithm takes up most of the time).

If you noticed, it’s set operations within the outputs of Compare-Objects with the Venn diagram of -IncludeEqual -ExcludeDifferent switches! It’s doable, but totally unnecessary mindfuck that should not be repeated frequently.

In MATLAB land, I made my own overloading operators that do set operation over cellstr(), categorical and tabular objects (I went into their code and added the features and talked to TMW so they added the features later), sometimes getting into their sort and indexing logic as necessary. This shows how badly do I need set operations to come naturally.

One might not deal with it too much in low level languages like C++ (STL set doesn’t get used as much compared to other containers), but for a language made to get a lot of common things done (i.e. the language designer kind of reads the users mind), I’m surprised that the Powershell team overlooked the set operations!

Sets are very powerful abstractions that should not be made less descriptive (hard to read) by dancing around it with equivalent operations with some programming gymnastics! If these basic stuff are not built in, we are going to see a lot of people taking ugly shortcuts to avoid coding up these bread and butter functions and put it in libraries (or downloading 3rd-party libraries)!

Powershell surprises

  • Typical symbolic comparison operators do not work because ‘>’ can be misinterpreted as redirection in command prompts. Use switches like -gt (greater than) instead.
  • Redirection’s default text output uses UTF16-LE encoding (2 bytes per character). Programs assuming ASCII (1 byte per character) might not behave as intended (e.g. if you use copy command merge an ASCII/UTF8 file with UTF16-LE, you might end up with spaces in the sections that are formatted with UTF16-LE)
  • Cannot extract string matches from regex without executing a -match which returns boolean unless we use the the $matches$ spilled into variable space. Consider [regex]::Match($Text, $Pattern).Groups[1].Value
  • Methods are called with parenthesis yet functions are not called with parenthesis, just like cmd-lets! Trying to call a function with multiple input arguments with parenthesis like f(3,5) will be interpreted as calling f with ONE ARGUMENT containing an ARRAY of 3 and 5!
  • Write-Host takes everything after it literally (white spaces included, almost like echo command), with the exception of plugging in $variables! If you want anything interpreted, such as concatenation, you need to put the bracket around the whole statement!

Libraries and Modules

  • Reload module using Import-Module $moduleName -Force

 68 total views

Regex Notes

Concepts

Mechanics

  • . any character
  • \ escapes special characters
  • characters (\d digits,\w word (i.e. letter/digit/underscore), \s whitespace).
  • [] character classes (define rules over what characters are accepted, unlike the . wildcard)
    [3-7] hypen inside [] bracket can specify ranges to mean things such as `[3,4,5,6,7]`
    [^ ...] is the mirror of it to exclude the mentioned characters
  • | choices (think of it as OR)
  • Complement (i.e. everything but) version are capitalized, such as \D is everything not a \d
  • whitespaces (\n newline, \t tab,

Modifiers

  • repetition quantifiers (? 0~1 times, + at least once, * any times, {match how many times})
  • (? ...) inline modifiers alters behaviors such as how newlines, case sensitivity, whether (...) captures or just groups, and comments within patterns are handled

Positioning rules

  • anchors (^ begins with, $ ends with)
  • \b word boundary

Output behavior

  • (...) capturing group, (?: ...) non-capturing group
  • \(index) content of previous matched groups/chunks referred to by indices.
    This feature generates derived new content instead of just extracting
  • (?( = | <= | ! | <! ) ...assertions...) lookarounds skips the contents mentioned in ...assertion... before/after the pattern so you can toss out the matched assertion from your capture results.

(?s) Also match newline characters (‘single-line’ or DOTALL mode)

Starting with (?s) flag (also called inline modifiers) expands the . (dot) single character pattern to ALSO match multiple lines (not by default).

Useful for extracting the contents of HTML blocks blindly and post-process it elsewhere

(?m) Pattern starts over as a new string for each line (‘multi-line’ mode)

Starting with (?m) flag tells anchors ^ (begin with) and $ (end with) to

Assertions: use lookarounds to skip (not capture) patterns
(?( = | <= | ! | <! ) assertion pattern)

  • < is lookbehind, no prefix-character is lookahead.
    -ahead/-behind refers to WHERE the you want TO CAPTURE relative to the assertion pattern,
    NOT what you want to assert (match and throw) away (inside the (? ...) )
  • = (positive) asserts the pattern inside the lookaround bracket,
    ! (negative) asserts the pattern inside the lookaround bracket MUST BE FALSE.

Assertions are very useful for getting to the meat you really want to capture rather than sifting through patterns introduced solely for making assertions that you intended to throw away

Extract HTML block

(?ms)(?<= starting tag pattern) body pattern (?= terminating tag pattern)

 61 total views

Using 3rd party packages for Powershell Install-Module

It make sense by default if you download 3rd party powershell packages like kbupdate, it should not run right away until you’ve done your due dilligence. You’ll get a warning like this during installation:

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from 'PSGallery'?

But when I try to use it, I get an error message:

Get-KbUpdate : The 'Get-KbUpdate' command was found in the module 'kbupdate', but the module could not be loaded. For more information, run 'Import-Module kbupdate'.

Import-Module gives a cryptic message like this:

Import-Module : Errors occurred while loading the format data file:
D:\Administrator\Documents\WindowsPowerShell\Modules\PSFramework\1.6.214\xml\PSFramework.Format.ps1xml, ,
D:\Administrator\Documents\WindowsPowerShell\Modules\PSFramework\1.6.214\xml\PSFramework.Format.ps1xml: The file was
skipped because of the following validation exception: File
D:\Administrator\Documents\WindowsPowerShell\Modules\PSFramework\1.6.214\xml\PSFramework.Format.ps1xml cannot be
loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at
https:/go.microsoft.com/fwlink/?LinkID=135170..

Turns out either the package needs to be marked safe or just stop checking altogether:

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted

 58 total views

Triple-Booting Windows 7, XP and DOS

Sometimes I need to do a little bit of retro-computing (not with virtual machines) to support some ancient hardware.

As far as compatibility is concerned, I have yet run across any weird piece of software that specifically requires Windows ME, 2000, Vista or Windows 8 to run that cannot be run with an OS one step up.

Windows 98 SE generally displaces anything from Windows 95 to Windows 98.

Windows 2000/XP usually run anything that are meant for NT starting from 4.0.

Windows NT 3.51 usually run Win32s programs that works on Win 3.1, except it’s way more stable.

Installation Order

The OSes should be installed from old to new:

  • DOS/Win 3.1 + 98 (SE)
  • XP
  • Windows 7

Reorganize boot menu

Windows XP installs a NT52 style (NTLDR) boot menu that recognizes DOS as a partition to boot. Windows 7 installer will install a NT60 style (BCD) boot menu that that the NTLDR loader as an OS (it’s called Earlier version of Windows) instead of directly booting to Windows XP. This means to get to Windows XP / DOS, you’ll have to select twice.

We can fix this by EasyBCD, which rebuilds the bootloader options for the installed OSes. Doing it with bcdedit is a major pain in the arse. There are some quirks to watch out for in the process no matter which path you choose:

  • You might need to boot into safe mode if the current BCD is locked.
  • Whatever OS that you are currently in calls itself C: and everybody else shifted according to the partition order.
  • When setting drive letter for the boot menu item, observe the drive letter scheme currently seen by the host OS. i.e. use C: when referring to the currently booted OS
  • Do not take up on EasyBCD’s offer to detect the drive letter automatically. They are likely to be wrong guesses that won’t boot, likely because of the shifting C: issue.

While you are at EasyBCD, it also offer the option of booting ISO (optical drives) and IMA (floppy) images, which I find it convenient for making the PC a tech service station.

Note that the DOS menu provided by EasyBCD went through an extra layer of indirection called GRUB4DOS, so it’s not as native as going through NT60 (BCD) > NT52 (NTLDR) > DOS in the sense that it installed foreign stuff not made by Microsoft such as Grub.

Tip about bcdedit

  • Some old versions of bcdedit’s /? menu did not tell you about the /store switch, which is necessary to manipulate foreign BCD files instead of the host BCD (that you used to boot to the current Windows you are working in).

 69 total views,  1 views today

Boot Windows 7 (and above) installer with HDD/SDD drives

For some very old system that doesn’t support hardware USB CD-ROM (ISO) emulators (or it only has USB 1.1 ports which is begrudgingly slow), there’s a way to put your installer in a HDD/SSD (IDE/SATA) and boot the installer image on them. Turns out it’s quite easy. All you need to do is copy the set of entire Windows installation files in an MBR drive with partition set active, then write the boot sector to it!

  1. Make sure your HDD is in MBR, not GPT
  2. Make a partition that’s bootable (can be NTFS) by marking it as Active (Active partition only make sense with MBR. That’s why you should make your disk MBR)
  3. Copy all the files from Windows CD image to the drive
  4. Run the following code the build the boot sector for the drive. One interesting twist is that you must run this command from the drive letter you want to rebuild the boot sector (or it’ll refuse to run) yet you have to specify what drive letter to rebuild the boot sector! Let’s call the drive P:\
P:\:> bootsect /nt60 P:\

The /nt60 is the modern boot manager for Windows 7 and above. /nt52 is Windows XP and old NT style (NTLDR) boot manager. Miss the old days when I was using winnt /b!

 109 total views

Windows 10 not sharing files (also not ping-able) out of the box

Firewall exception for “File and Printer Sharing” is not enabled by default. Check the boxes below to enable CIFS/SMB sharing.

Enabling “File and Printer Sharing” also enables pinging into the said Windows 10 machine since this group also enable “Echo Request – ICMPv4) that the details can be seen in Advanced Firewall Config rules.

Command line shortcuts

netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes

 73 total views

Moving Windows User Folders quickly

Just out of good housekeeping, I’d like to move user folder to another drive letter so I can back it up quickly for re-installing Windows or plan program storage better (anything that can be re-installed, I don’t care to back it up).

There’s a lot of warning about messing with redefining where %userprofile% points to (which is %systemdrive%\Users\%username%) or using symbolic links (such as subst) for file redirection. So I’m sticking to the officially supported ways that doesn’t involve scripting or messing with the registry, i.e. move only the ones Microsoft expects users to be able to move it themselves.

I’ve identified these folders are safe to move:

The basic user shell folders

For a newly installed Windows 10, that’s basically every subfolders in %userprofile% itself!

Here’s the dumb way to do it which is taught nearly everywhere since Windows 7: using the location tab in these special shell folders:

They told you the hard and dangerous way modifying the registry, namely HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders:

It’d be a pain in the ass to do it for 13 folders in Windows 10 (much less in Windows 7 so it was reasonable to do it this way back in the days). Turns out through experimentation, I figured that you can just move the shell folders to your chosen the destination folder, and the shell folders (which are decorated with extra features) can figure out they are being moved register the notifiers (aka the registry) properly, which is all the steps in location tab condensed to one drag and drop!

I observed the registry location and see what are the impact of the moves. A bunch of new entries are created corresponding to the 13 subfolders being moved

I believe those are the unique names for the named folder as their superficial name can change without having program confused about their nature.

I noticed only 6 core subfolders (which are the bread and butter ones that was there since Windows 7) is updated with the new path.

The others that are not changed are heavily tied to programs you installed (AppData) and Windows Explorer config (start menu, right-click explorer context menus) and IE stuff (cache and cookies). These data do not relate to the typical files users must backup but the configuration files that store user preferences. This is why I’m not surprised when Microsoft tells people not to mess with them because old software cruft might not handle them in a unified way after 20+ years of evolution.

App/Tiles (Metro UI) data starting Windows 8

Easus’ blog page might have confused the shell folders with files for Metro UI (Apps) and thought this is another way of moving files, which isn’t. This is the additional step specific to Tiled App files:

What I forgot to annotate above is “New apps will save to:” will also generate a \WindowsApps\MutableBackup folder. Such “Program Files” is owned by ‘SYSTEM’ account and “WindowsApps” is owned by ‘TrustedInstaller’ account, which you cannot clean them up after you changed your mind without first taking ownership and give yourself full permissions. Here are the folders created by the first item of the “Change where new contents is saved” page:

It’s usually more convenient to move the shell folders to {target drive}:\%username% that’s shared with the special folders for the Apps with the same name so Apps and programs can share files with a common folder. But technically these are two split concepts and you are free to make them separate.

The registry is not where you should muck with the path. Please let Windows’s proper user interface (shell folder’s Location folder handling) do it as registry is just one of the many places they will manage the settings. Also remember moving these special (aka shell) folders do not move your %userprofile% which is your home folder that things like Powershell starts with by default (I had to change the working directory and there isn’t a variable associated with the {target drive}:\%username% because variables to those special folders do not manage their root.

 69 total views