Simple Server Setup Automation - Powershell

I know this kind of goes against the theme of this blog (SCCM) but we don't use OSD for deploying Servers because we don't do it that often.

I wanted another reason to write some more powershell though so I wrote the following to automate some of the simple tasks that we do when setting up new servers.  It doesn't save us much time but it ensures that our Servers are all setup with the same set of "standard" options.

#Set Variables
 #License Key
 $Productkey = "xxxxx-xxxxx-xxxxx-xxxxx-xxxxx"
 #IE ESC Keys
 $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
 $UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"

# Disable Windows Firewall
set-service -name "SharedAccess" -ComputerName - Status stopped -startuptype disabled

# Enable RDC
(Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices).SetAllowTsConnections(1,1) | Out-Null
(Get-WmiObject -Class "Win32_TSGeneralSetting" -Namespace root\cimv2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) | Out-Null

#Enter License Key and Activate
Function Register-Computer 
{  [CmdletBinding(SupportsShouldProcess=$True)] 
   param ([parameter()][ValidateScript({ $_ -match "^\S{5}-\S{5}-\S{5}-\S{5}-\S{5}$"})][String]$Productkey , 
          [String] $Server="."   )
 

    $objService = get-wmiObject -query "select * from SoftwareLicensingService" -computername $server 
    if ($ProductKey) { If ($psCmdlet.shouldProcess($Server , $lStr_RegistrationSetKey)) {
                           $objService.InstallProductKey($ProductKey) | out-null  
                           $objService.RefreshLicenseStatus()         | out-null  } 

    }   get-wmiObject -query  "SELECT * FROM SoftwareLicensingProduct WHERE PartialProductKey <> null
                                                                   AND ApplicationId='55c92734-d682-4d71-983e-d6ec3f16059f'
                                                                   AND LicenseIsAddon=False" -Computername $server |

      foreach-object { If ($psCmdlet.shouldProcess($_.name , "Activate product" )) 

                             { $_.Activate()                      | out-null 

                               $objService.RefreshLicenseStatus() | out-null

                               $_.get()
                               If     ($_.LicenseStatus -eq 1) {write-verbose "Product activated successfully."} 
                               Else   {write-error ("Activation failed, and the license state is '{0}'" ` 
                                                      -f $licenseStatus[[int]$_.LicenseStatus] ) }
                            If     (-not $_.LicenseIsAddon) { return } 

              }               
             else { write-Host ($lStr_RegistrationState -f $lStr_licenseStatus[[int]$_.LicenseStatus]) } 
    } 
}

#Disable IE ESC
    Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0
    Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 1
    Stop-Process -Name Explorer
#    Write-Host "IE Enhanced Security Configuration (ESC) has been disabled." -ForegroundColor Green

#Disable UAC
    Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "ConsentPromptBehaviorAdmin" -Value 00000000
 Set-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA -Value 0
#    Write-Host "User Access Control (UAC) has been disabled." -ForegroundColor Green

#Install Windows Server Backup (BareMetal)
Import-Module ServerManager 
Add-WindowsFeature Backup-Features -Include 
Add-PSSnapin Windows.ServerBackup