@@ComputerName@@
1
certutil -p "Passw0rd" -importpfx %SYSTEMDRIVE%\temp\RDPCert.pfx
OnRequest
Import certificate
If there is one, copy original setupcomplete.cmd to a unique file
2
cmd /C if exist {%WINDIR%\Setup\Scripts\SetupComplete.cmd} (copy %WINDIR%\Setup\Scripts\SetupComplete.cmd %WINDIR%\Setup\Scripts\SC3746EE82-EA9D-423E-B99F-510F9D7FF4F5.cmd /y)
3
mkdir Scripts since Windows looks for SetupComplete.cmd in that dir. If the dir exists, it should be fine.
cmd.exe /C mkdir %WINDIR%\Setup\Scripts
4
Put certificate configuration command in SetupComplete.cmd
cmd /C echo wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="B0ECC19BF8397EE2661046334DB59F9E4ED0329F" >> %WINDIR%\Setup\Scripts\SetupComplete.cmd
5
Put shutdown VM in SetupComplete.cmd
cmd /C echo shutdown /s /f >> %WINDIR%\Setup\Scripts\SetupComplete.cmd
OnRequest
false
true
@FirewallAPI.dll,-28752
all
0
true
true
Passw0rd
<![CDATA[true</PlainText>
</AdministratorPassword>
</UserAccounts>
<TimeZone>@@TimeZone@@</TimeZone>
</component>
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserLocale>en-US</UserLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<InputLocale>0409:00000409</InputLocale>
</component>
</settings>
</unattend>
]]></plaintext></administratorpassword></useraccounts></component></settings></unattend>