ShoreTel: PowerShell Script to Install Features and Roles for v14

Updated 3/21/2017 to add registry keys for NTP, adjust DEP and various Windows Explorer settings and a prompt to change computer name.

Here’s a PowerShell script to install the required features and roles for a ShoreTel 14+ installation on a Windows Server 2012 box.

I ran this to get a list of currently installed features / roles on a fresh ShoreTel install on Server 2012 then added them to the script for future installs:

Get-WindowsFeature | ? {$_.Installed -match “True”} | Select -exp Name

You’ll need to set the execution policy to Unrestricted first:

Set-ExecutionPolicy Unrestricted

Make sure to set it back to Restricted when finished:

Set-ExecutionPolicy Restricted

PowerShell Code:

$ConfirmInstall = Read-Host -Prompt "Install Windows Server Roles and Features for ShoreTel? [Y/N]"
If ($ConfirmInstall -like "Y")
{
Import-module servermanager
Add-WindowsFeature Application-Server
Add-WindowsFeature AS-NET-Framework
Add-WindowsFeature AS-Web-Support
Add-WindowsFeature AS-Ent-Services
Add-WindowsFeature AS-TCP-Port-Sharing
Add-WindowsFeature AS-WAS-Support
Add-WindowsFeature AS-HTTP-Activation
Add-WindowsFeature AS-MSMQ-Activation
Add-WindowsFeature AS-TCP-Activation
Add-WindowsFeature AS-Named-Pipes
Add-WindowsFeature AS-Dist-Transaction
Add-WindowsFeature AS-Incoming-Trans
Add-WindowsFeature AS-Outgoing-Trans
Add-WindowsFeature AS-WS-Atomic
Add-WindowsFeature File-Services
Add-WindowsFeature FS-FileServer
Add-WindowsFeature Web-Server
Add-WindowsFeature Web-WebServer
Add-WindowsFeature Web-Common-Http
Add-WindowsFeature Web-Static-Content
Add-WindowsFeature Web-Default-Doc
Add-WindowsFeature Web-Dir-Browsing
Add-WindowsFeature Web-Http-Errors
Add-WindowsFeature Web-Http-Redirect
Add-WindowsFeature Web-DAV-Publishing
Add-WindowsFeature Web-App-Dev
Add-WindowsFeature Web-Asp-Net
Add-WindowsFeature Web-Net-Ext
Add-WindowsFeature Web-ASP
Add-WindowsFeature Web-CGI
Add-WindowsFeature Web-ISAPI-Ext
Add-WindowsFeature Web-ISAPI-Filter
Add-WindowsFeature Web-Includes
Add-WindowsFeature Web-Health
Add-WindowsFeature Web-Http-Logging
Add-WindowsFeature Web-Log-Libraries
Add-WindowsFeature Web-Request-Monitor
Add-WindowsFeature Web-Http-Tracing
Add-WindowsFeature Web-Custom-Logging
Add-WindowsFeature Web-ODBC-Logging
Add-WindowsFeature Web-Security
Add-WindowsFeature Web-Basic-Auth
Add-WindowsFeature Web-Windows-Auth
Add-WindowsFeature Web-Digest-Auth
Add-WindowsFeature Web-Client-Auth
Add-WindowsFeature Web-Cert-Auth
Add-WindowsFeature Web-Url-Auth
Add-WindowsFeature Web-Filtering
Add-WindowsFeature Web-IP-Security
Add-WindowsFeature Web-Performance
Add-WindowsFeature Web-Stat-Compression
Add-WindowsFeature Web-Dyn-Compression
Add-WindowsFeature Web-Mgmt-Tools
Add-WindowsFeature Web-Mgmt-Console
Add-WindowsFeature Web-Scripting-Tools
Add-WindowsFeature Web-Mgmt-Service
Add-WindowsFeature Web-Mgmt-Compat
Add-WindowsFeature Web-Metabase
Add-WindowsFeature Web-WMI
Add-WindowsFeature Web-Lgcy-Scripting
Add-WindowsFeature Web-Lgcy-Mgmt-Console
Add-WindowsFeature Web-Ftp-Server
Add-WindowsFeature Web-Ftp-Service
Add-WindowsFeature Web-Ftp-Ext
Add-WindowsFeature NET-Framework-Core
Add-WindowsFeature NET-HTTP-Activation
Add-WindowsFeature NET-Non-HTTP-Activ
Add-WindowsFeature MSMQ
Add-WindowsFeature MSMQ-Services
Add-WindowsFeature MSMQ-Server
Add-WindowsFeature qWave
Add-WindowsFeature RSAT
Add-WindowsFeature RSAT-Role-Tools
Add-WindowsFeature RSAT-Feature-Tools
Add-WindowsFeature RSAT-SMTP
Add-WindowsFeature SMTP-Server
Add-WindowsFeature Telnet-Client
Add-WindowsFeature Telnet-Server
Add-WindowsFeature WAS
Add-WindowsFeature WAS-Process-Model
Add-WindowsFeature WAS-NET-Environment
Add-WindowsFeature WAS-Config-APIs
Write-Host "Roles and Features for ShoreTel Installed"


Set-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Config -Name AnnounceFlags -Value 5 -Force
Set-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Parameters -Name NtpServer -Value 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org,0x9 -Force
Set-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpServer -Name Enabled -Value 1 -Force
New-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time -Name DelayedAutostart -PropertyType DWord -Value 1 -Force | Out-Null
Restart-Service W32Time
Write-Host "NTP Servers set and Enabled Time Sync"


Set-ItemProperty -Path Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name TaskbarGlomLevel -Value 2 -Force
Set-ItemProperty -Path Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects -Name VisualFXSetting -Value 2 -Force
Set-ItemProperty -Path Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name HideFileExt -Value 0 -Force
Set-ItemProperty -Path Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Name StoreAppsOnTaskbar -Value 0 -Force
Write-Host "Adjusted various Windows Explorer settings"


bcdedit /set "{current}" nx OptOut
Write-Host "Turned on DEP for essential Windows programs and services only"

Set-Service FTPSVC -StartupType Automatic
Write-Host "FTP Service Startup Mode set to Automatic"

Set-Service SMTPSVC -StartupType Automatic
Write-Host "SMTP Service Startup Mode set to Automatic"

Set-Service MpsSvc -StartupType disabled
Write-Host "Firewall Service Startup Mode set to Disabled"

Set-Service wuauserv -StartupType disabled
Write-Host "Windows Update Service Startup Mode set to Disabled"

Set-Service QWAVE -StartupType Automatic
Write-Host "QWAVE Service Startup Mode set to Automatic"


[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic') | Out-Null
$name = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new computer name")
$computerName = Get-WmiObject Win32_ComputerSystem
$computername.Rename($name)
write-Host "$([char]1) Computer Name is changed to `"$name`", rebooting in 5 seconds." -ForegroundColor Green
write-host $([char]7)
sleep 1
write-host $([char]7)
sleep 1 
write-host $([char]7)
sleep 1
write-host $([char]7)
sleep 1
write-host $([char]7)
sleep 1
Restart-Computer -Force 
}
Else
{
Write-Host "`nInstallation Cancelled`n"
Exit
}