From dae0393b003b6896529bf2b0dae7ee75c312464a Mon Sep 17 00:00:00 2001 From: Chris Long Date: Thu, 25 Apr 2019 23:06:07 -0700 Subject: [PATCH] Fixing issues 228, 252, 255 --- Vagrant/Vagrantfile | 11 ++--- Vagrant/resources/GPO/rdp_users/manifest.xml | 1 + .../Backup.xml | 20 +++++++++ .../microsoft/windows nt/SecEdit/GptTmpl.inf | Bin 0 -> 384 bytes .../bkupInfo.xml | 1 + .../gpreport.xml | Bin 0 -> 18348 bytes .../resources/windows/classic_shell_win7.reg | 4 ++ .../scripts/configure-powershelllogging.ps1 | 10 ++--- Vagrant/scripts/configure-rdp-user-gpo.ps1 | 29 +++++++++++++ Vagrant/scripts/install-utilities.ps1 | 39 +++++++++--------- ci/build_machine_bootstrap.sh | 16 +++++-- ci/circle_workflows/vagrant_changes.sh | 10 ++--- 12 files changed, 101 insertions(+), 40 deletions(-) create mode 100644 Vagrant/resources/GPO/rdp_users/manifest.xml create mode 100644 Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/Backup.xml create mode 100644 Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf create mode 100644 Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/bkupInfo.xml create mode 100644 Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/gpreport.xml create mode 100644 Vagrant/resources/windows/classic_shell_win7.reg create mode 100644 Vagrant/scripts/configure-rdp-user-gpo.ps1 diff --git a/Vagrant/Vagrantfile b/Vagrant/Vagrantfile index c5712f0..6969716 100644 --- a/Vagrant/Vagrantfile +++ b/Vagrant/Vagrantfile 
@@ -29,10 +29,6 @@ Vagrant.configure("2") do |config|
 cfg.vm.box = "detectionlab/win2016"
 cfg.vm.hostname = "dc"
 cfg.vm.boot_timeout = 600
- # use the plaintext WinRM transport and force it to use basic authentication.
- # NB this is needed because the default negotiate transport stops working
- # after the domain controller is installed.
- # see https://groups.google.com/forum/#!topic/vagrant-up/sZantuCM0q4
 cfg.winrm.transport = :plaintext
 cfg.vm.communicator = "winrm"
 cfg.winrm.basic_auth_only = true
@@ -58,13 +54,14 @@ Vagrant.configure("2") do |config|
 cfg.vm.provision "shell", path: "scripts/configure-wef-gpo.ps1", privileged: false
 cfg.vm.provision "shell", path: "scripts/configure-powershelllogging.ps1", privileged: false
 cfg.vm.provision "shell", path: "scripts/configure-AuditingPolicyGPOs.ps1", privileged: false
+ cfg.vm.provision "shell", path: "scripts/configure-rdp-user-gpo.ps1", privileged: false
 cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
 cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
 cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
 
 cfg.vm.provider "vmware_desktop" do |v, override|
 v.vmx["displayname"] = "dc.windomain.local"
- v.memory = 2560
+ v.memory = 3072
 v.cpus = 2
 v.gui = true
 v.enable_vmrun_ip_lookup = false
@@ -74,7 +71,7 @@ Vagrant.configure("2") do |config|
 vb.gui = true
 vb.name = "dc.windomain.local"
 vb.default_nic_type = "82545EM"
- vb.customize ["modifyvm", :id, "--memory", 2560]
+ vb.customize ["modifyvm", :id, "--memory", 3072]
 vb.customize ["modifyvm", :id, "--cpus", 2]
 vb.customize ["modifyvm", :id, "--vram", "32"]
 vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
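Review bot: The four removed comment lines were the only place explaining why the dc box runs WinRM with `cfg.winrm.transport = :plaintext` and `cfg.winrm.basic_auth_only = true`; both settings stay, so a later maintainer now sees an unexplained plaintext transport and may either "fix" it (which, per the dropped note, breaks provisioning once the domain controller is installed) or assume it is an oversight. Keeping a one-line rationale above the transport setting, e.g. `# plaintext/basic-auth WinRM is needed because negotiate auth stops working after the DC is installed (vagrant-up thread sZantuCM0q4)`, preserves the reason at no cost. The memory bumps from 2560 to 3072 in the two following hunks need no change.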
@@ -145,12 +142,12 @@ Vagrant.configure("2") do |config| cfg.vm.network :private_network, ip: "192.168.38.104", gateway: "192.168.38.1", dns: "192.168.38.102" cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.104 -dns 192.168.38.102" + cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false cfg.vm.provision "reload" cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false diff --git a/Vagrant/resources/GPO/rdp_users/manifest.xml b/Vagrant/resources/GPO/rdp_users/manifest.xml new file mode 100644 index 0000000..fd766e0 --- /dev/null +++ b/Vagrant/resources/GPO/rdp_users/manifest.xml @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/Backup.xml b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/Backup.xml new file mode 100644 index 0000000..ab953e5 --- /dev/null +++ b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/Backup.xml 
@@ -0,0 +1,20 @@ + + 01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 e8 03 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00 + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf new file mode 100644 index 0000000000000000000000000000000000000000..ef38d8a0c2fdacc3333de6534f69f3a457d3b6ff GIT binary patch literal 384 zcma)$y9&ZU5JgWd_zxmhf{?^lEK-PtT8N-%BO<;{p%Gu;&#O1X3Th?8E_3(JxwFs5 zgb@c~mL#lLGbKyr=Plwc=WNb|vHFu#EaKqiQ?-?vbKxp?O+=moEjn~{H)+$C&RfPn z{!PR?Bf@vtZLx_Gj^yZRYR|%L+iCvjwiOvt5>uk8Qzo#kDm7DmatRwHMV9_Qbv7o) qHxbyzfQl->(>704vp@KH38l*NLiG(dTbG}nlnLcF?B6Np*`Ho+5;i{o literal 0 HcmV?d00001 diff --git a/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/bkupInfo.xml b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/bkupInfo.xml new file mode 100644 index 0000000..88e7503 --- /dev/null +++ b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/bkupInfo.xml @@ -0,0 +1 @@ + 
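Review bot: The policy this GPO applies cannot be reviewed from the diff: GptTmpl.inf arrives as an opaque 384-byte binary and the only readable content of Backup.xml is the exported security descriptor, so what "rdp_users" actually grants (presumably a Restricted Groups membership for Remote Desktop Users, inferred from the directory name only) has to be taken on trust. That descriptor also embeds SIDs from the domain the backup was taken in (the `01 05 00 00 00 00 00 05 15 00 00 00 …` runs), one of them ending in RID 1000 (`e8 03 00 00`), i.e. a per-domain principal rather than a well-known group; whether configure-rdp-user-gpo.ps1 (not in this chunk) re-maps or simply ignores it when importing should be confirmed. A one-line comment in the import script naming the intended effect, e.g. `# rdp_users GPO: adds <GROUP NAME> to the local Remote Desktop Users group on domain members`, would let reviewers check the membership change without decoding the template.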
diff --git a/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/gpreport.xml b/Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/gpreport.xml new file mode 100644 index 0000000000000000000000000000000000000000..58ca288641ebf1235457423758e6bdc8122f3e3e GIT binary patch literal 18348 zcmeHPZEqS!5T4JK`X5j~wNf1ee#g`i0XMZ28_U>DTjdKjcH+hu7jRxw^{=;mo|$g% z_Sl1i5O9(c;yB;!?!3?J&d&OuzpL_C-bq((q#$qPQu;EGYw5|Y{2<>*NghcNzXiOx zl?y!Y;O(uv)VKFClq*?5t4*|dEPL{`d?i(RD#y}99~<`;BUW%fKwpme3cZGMhi9w! zyw%SmT-N}r2ly}Xv<#?4jJqno$e}!w7GS>u4qa(0Hp!8%=Q8q&(l!8gZKd`y0V^H* zE_z-7_a3P1fhR-ILT+_I!Bc&H4~mcRnyLDXG@OB078o1lR z-4>+U&^ARpsmYJ%zbPB?7pPs$L~lbm+E$J&iq5wRtrLU%2r}$Jx^4Ut^Eg(KgeKEe zl_QMN1xNS5jT;^HEo2`buOMgOw^?ODPVnwnVMaY^aZVd(p*M1`np0PdIXZP{02o7P z&^`V(%*MBkMy;dQCGZ^L+L2Rm!!V|WmQ=1qNP7jc-Nai;wu0-HUP}rqZG;HMA#kN% zF+I-;r3CmDeAg99`WO+M6Qv~k_}fawHf(tlP$n#2j9!^G z%Qj_jgYsU-ZyDUNwp)15FZ+;NwEU9xE5Z|2K;ap_73gsdHvcVP)?^o+;y|w_xKhvB z;MEm=w{cy;_e#z&7Dp=KDIuL>eBRUR6w$tj9`ru!v7>NzF;)%Gz5^7(Ae1^_*TLgD z=zI=)I>z-F&rb2IiDwNwtK(S%-=_B2{iqyqxH#CT6?e9jx4Zf>+FN}t2tj(|%OD;3)R zk-Wf4s*QC_A6L%4h_A!S$Cz&-ZAre1Rt}4xB|Ini9QBA%X-%clQeWxw{o!a)+Dc%& zK1EvN(^W+TqEF&lb%2kp@&|az89rAT)Yau_T6}$y1=DQQEsvg2%Q*mtnZ>YG!2l~@ zW(>NJKwD)%{_i2ea%D+*P|n%$b}j$@?6%IKkY5-#6T9*)e5jto=r` zIKR6HJz(5B0{04t184aC3BLUV5C!mnz{17feril7XM8MW;BA! 
z70@4ZB}}i-1P;Gr|!?>e#e$uR`9IEvBUUs&k>SO}dsBkK!{mum+i4K(dU;`=IU~@n8>D z&zxIFEkAp&5M)x74acg7%OT(o zYiTpSMMZ=7Du|hKlSX*uLi`Lz=j#`RWqQnFmZYUo>oAW($^jP*!#b8nALeu=E^x=h2^U-?(;4p{)J-CX!H%o z&O8D(V|6*{>##fmCbPw(k?iwdxy>sA+HUx#6aScx;C!!-To`lKoaHgM+0i`&*7cDV zw^|+544b*+F)@#ci;9W)nlPG+X3P4Sjb>k~r1|z`jUJV zH+~hzXq}}3g|V9F?YK*NjcnOV^m-W8wEphEcr2sLoy}7Gy(c2Ue2t ztQ{-HHZ)dGZs%Zz#%*Dw0chjQFg&8)!XJzIRL2iiC&sf?$#=<~@07#Lxmw+}t^IzI2H$RF6zo$uLTRz1egGKbC*5Qou8|5t9yALb>mUW(nXHa=UlOMC#@fBr8r=u&b3-i?i zf6n~`HP8pBVLru`XJS~>$f^-ahjq`~t9*^Wda&y0GB8HZ>VLAIMsiMH4iy)kg-d!8 zCtvrwOgYbMrIO{`l%v;pyJ%ertyi+1q4F_zS}|F|v>da2YUXs_gMCN6?5M|xpYc!n zIF8}??Dq_hKI-w=E> /etc/apt/sources.list sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt xenial main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-security main restricted universe multiverse" /etc/apt/sources.list wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - -apt-get update -apt-get install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2 +echo "Running apt-get update..." +apt-get -qq update +echo "Running apt-get install..." +apt-get -qq install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2 echo "building" > /var/www/html/index.html 
@@ -52,10 +54,16 @@ if [ "$PACKER_ONLY" -eq 0 ]; then # Install Vagrant mkdir /opt/vagrant cd /opt/vagrant || exit 1 - wget https://releases.hashicorp.com/vagrant/2.2.4/vagrant_2.2.4_x86_64.deb + wget --progress=bar:force https://releases.hashicorp.com/vagrant/2.2.4/vagrant_2.2.4_x86_64.deb dpkg -i vagrant_2.2.4_x86_64.deb vagrant plugin install vagrant-reload + # Make sure the plugin installed correctly. Retry if not. + if [ "$(vagrant plugin list | grep -c vagrant-reload)" -ne "1" ]; then + echo "The first attempt to install the vagrant-reload plugin failed. Trying again." + vagrant plugin install vagrant-reload + fi + # Make the Vagrant instances headless cd /opt/DetectionLab/Vagrant || exit 1 sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile @@ -65,7 +73,7 @@ if [ "$VAGRANT_ONLY" -eq 0 ]; then # Install Packer mkdir /opt/packer cd /opt/packer || exit 1 - wget https://releases.hashicorp.com/packer/1.3.2/packer_1.3.2_linux_amd64.zip + wget --progress=bar:force https://releases.hashicorp.com/packer/1.3.2/packer_1.3.2_linux_amd64.zip unzip packer_1.3.2_linux_amd64.zip cp packer /usr/local/bin/packer diff --git a/ci/circle_workflows/vagrant_changes.sh b/ci/circle_workflows/vagrant_changes.sh index a0f4943..6d6f56d 100644 --- a/ci/circle_workflows/vagrant_changes.sh +++ b/ci/circle_workflows/vagrant_changes.sh @@ -35,7 +35,7 @@ IP_ADDRESS=$(curl -s -X GET --header 'Accept: application/json' --header 'X-Auth # Copy repo to Packet server # TODO: Tar up the repo and expand it remotely cd ~/repo -rsync -Pav -e "ssh -i ~/.ssh/id_rsa" ~/repo/ root@"$IP_ADDRESS":/opt/DetectionLab +rsync -Paq -e "ssh -i ~/.ssh/id_rsa" ~/repo/ root@"$IP_ADDRESS":/opt/DetectionLab ## Running install script on Packet server ssh -i ~/.ssh/id_rsa root@"$IP_ADDRESS" 'bash -s' -- < ci/build_machine_bootstrap.sh --vagrant-only 
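Review bot: The wget line is rewritten but the .deb it fetches still goes straight into `dpkg -i vagrant_2.2.4_x86_64.deb` with no integrity check, so the build machine installs whatever the download returned; HashiCorp publishes a SHA256SUMS file (and its signature) alongside each release, and a single `echo "<sha256 from the 2.2.4 SHA256SUMS file>  vagrant_2.2.4_x86_64.deb" | sha256sum -c - || exit 1` between the two lines pins it. The packer zip in the `@@ -65,7 +73,7 @@` hunk below has the same gap. The new retry block also only re-runs `vagrant plugin install vagrant-reload`; if the second attempt fails too, the script carries on and the `cfg.vm.provision "reload"` steps fail much later with a less obvious error, so follow the `fi` with `vagrant plugin list | grep -q vagrant-reload || { echo "vagrant-reload plugin failed to install"; exit 1; }`. The enclosing `if [ "$PACKER_ONLY" -eq 0 ]` block ends outside the hunk.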
@@ -46,16 +46,16 @@ while [ "$MINUTES_PAST" -lt 180 ]; do
 STATUS=$(curl $IP_ADDRESS)
 if [ "$STATUS" == "building" ]; then
 echo "$STATUS"
- scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
+ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
 sleep 300
 ((MINUTES_PAST += 5))
 else
- scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
+ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
 break
 fi
 if [ "$MINUTES_PAST" -gt 180 ]; then
 echo "Serer timed out. Uptime: $MINUTES_PAST minutes."
- scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
+ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
 curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
 exit 1
 fi
@@ -64,7 +64,7 @@ done
 ## Recording the build results
 echo $STATUS
 if [ "$STATUS" != "success" ]; then
- scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
+ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
 echo "Build failed. Cleaning up server with ID $DEVICE_ID"
 curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
 exit 1
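Review bot: `scp -q` suppresses more than the progress meter — it also silences ssh's warning and diagnostic output — so in the first two scp calls of this hunk any failure now collapses to the generic `|| echo "Vagrant log not yet present"` with nothing in the CI log distinguishing a missing file from an authentication or host-key problem, and the third call (timeout branch) plus the one in the `@@ -64,7 +64,7 @@` hunk below lose that information entirely because they have no fallback at all. If the intent is only a quieter build log, leave `-q` off the final artifact collections, or append `|| echo "scp of vagrant_up logs failed (exit $?)"` to them so the exit status is at least recorded. The `while` loop enclosing this hunk starts and ends outside it.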