As I add more virtual machines and physical servers to my Microsoft environment there are a few Windows features/settings I tend to always tweak for my own needs:

  • Remote Desktop — I use non network level authentication for connectivity with remote desktop because I am contained within my own private cloud but these settings can be changed based on your environment needs.
  • Internet Explorer Enhanced Security Configuration (IEESec) — Because I actually use the server desktop environment quite a bit the IE settings for IEESec tend to drive me nuts so I turn both Admin and User off. The script allows you to set either of these to On or Off.
  • Windows Firewall — I turn these off in my environment since I am in my own private cloud but within the script you can set Public, Private and Domain to your desired state.
  • Adding Windows Features — The only feature I always add is Multipath I/O.