Generate autounattend.xml files for Windows 10/11

This service lets you create answer files (typically named unattend.xml or autounattend.xml) to perform unattended installations of Windows 10/11.

Region and language settings:	Install Windows using these language settings: Display menus, dialog boxes, etc. in this language, which must match the language of your Windows 10/11 .iso file: Format dates, times, currency, and numbers according to this locale/culture: Use this keyboard layout: Select language settings interactively during Windows Setup
Processor architectures:	When you select multiple processor architectures, a single `autounattend.xml` file will be created that is applicable to all of these architectures.
Setup settings:	Bypass Windows 11 requirements check
Computer name:	Leave empty to let Windows generate a random computer name like `DESKTOP-ZFAH8Z2`.
Time zone:	Let Windows try to determine your time zone based on language and region settings Use this time zone:
Partitioning and formatting:	Let Windows Setup wipe, partition and format your hard drive (more specifically, disk 0) using these settings: Choose partition layout: GPT The GPT partition layout must be used for UEFI systems. MBR The MBR-based partition layout must be used for legacy BIOS systems. Choose how to install Windows Recovery Environment (Windows RE): Install on recovery partition This will create a separate partition with a size of 1000 MB and install Windows RE to it. Install on Windows partition This will install Windows RE in `C:\Recovery`. No recovery partition will be created. Remove Windows RE This will delete the `C:\Recovery` folder and thus free about 600 MB of disk space. No recovery partition will be created. Partition the disk interactively during Windows Setup or use existing partition
Windows edition:	Enter your own product key during Windows Setup Use a generic product key to install this edition: This product key cannot be used to activate Windows. You can change the product key later.
User accounts:	Let Windows Setup create the following user accounts: Activate built-in account Administrator. Note that with this account, an Account Lockout policy only affects network logons. Add these administrator accounts: Add these user accounts: The passwords will all be set to password. Make sure to change this, either by editing the `<Value>password</Value>` elements in the `autounattend.xml` file or by changing the passwords when Windows has been installed. The user accounts selected above will be local accounts. Windows Setup will not ask you for „security questions“ or try to lure you into creating a Microsoft account. Add user accounts interactively during Windows Setup
Account Lockout policy:	Use default policy By default, Windows 10 22H2 and Windows 11 22H2 will lock out an account after 10 failed logon attempts (threshold) within 10 minutes (window). After 10 minutes (duration), the account is unlocked automatically. Disable policy Disabling Account Lockout might leave your computer vulnerable to brute-force attacks. Use custom policy: Lock out an account after failed logon attempts within minutes. After minutes, unlock the account automatically.
Optimizations:	Disable Windows Defender This disables certain services (`Sense`, `WdBoot`, `WdFilter`, `WdNisDrv`, `WdNisSvc`, `WinDefend`) during Windows Setup. A reboot might be required to stop these services. Enable long paths with up to 32,767 characters Enable Remote Desktop services (RDP) Harden ACLs so that users cannot create folders in `C:\` This removes write permissions for the Authenticated Users group. In particular, this prevents users from creating bogus folders such as `C:\Windows` . Allow execution of Windows PowerShell script files (`.ps1`) Do not update the Last Access Time stamp on files and folders This can improve file system performance. Prevent automatic restarts by Windows Update when a user is signed in Audit process creation events Include command line in log entries
Wi-Fi setup:	Configure Wi-Fi interactively during Windows Setup Skip Wi-Fi configuration Choose this if you have a wired connection to the internet. Configure Wi-Fi using these settings: Network name (SSID): Authentication: Password: You should not enter your actual password here. Obfuscate letters and digits, but keep special characters (such as `& ^ < > \| \`) unchanged as these require non-trivial escaping. Once you have downloaded the `autounattend.xml` file, find the password enclosed between `keyMaterial^>` and `^</keyMaterial` and adjust it.
Express settings:	Disable all Windows will not send diagnostic data, personalized input or your location history to Microsoft. Choose this if you value privacy. Enable all Windows will send data to Microsoft to provide location-based services, improve language recognition, and show more personalized ads. Choose settings interactively during Windows Setup This lets you enable some settings while disabling others.
Remove bloatware:	Windows comes with several apps that many users do not want or do not need. Check all the apps you want removed during Windows Setup: 3D Viewer Calculator Camera Clipchamp Clock Feedback Hub Get Help Get Started Groove Music Internet Explorer 11 Maps Math Input Panel Microsoft Photos Microsoft Solitaire Collection Microsoft Teams Microsoft To Do News Notepad (classic) Notepad (modern app) Office 365 OneDrive OneNote OpenSSH Client Paint Paint 3D People Power Automate PowerShell ISE Quick Assist Skype Snip & Sketch Steps Recorder Sticky Notes Voice Recorder Weather Windows Media Player Windows Terminal WordPad Xbox Apps Your Phone
Placeholders for more components:	This service can optionally generate templates for all available components, with respect to their valid configuration passes. Look for `<!--Placeholder-->` comments in the generated `autounattend.xml` file and fill in the desired settings yourself. Microsoft-Windows-Audio-AudioCore specialize Microsoft-Windows-Audio-VolumeControl specialize Microsoft-Windows-Authentication-AuthUI specialize Microsoft-Windows-BLB-WSB-Online-Main specialize oobeSystem Microsoft-Windows-BrowserService generalize Microsoft-Windows-CodeIntegrity offlineServicing Microsoft-Windows-CoreMmRes generalize specialize auditSystem auditUser oobeSystem Microsoft-Windows-Deployment generalize specialize auditSystem auditUser oobeSystem Microsoft-Windows-DeviceAccess specialize Microsoft-Windows-DeviceGuard-Unattend offlineServicing Microsoft-Windows-DiagCpl offlineServicing generalize specialize Microsoft-Windows-Disk-Failure-Diagnostic-Module offlineServicing generalize specialize Microsoft-Windows-DNS-Client specialize Microsoft-Windows-Embedded-BootExp specialize oobeSystem Microsoft-Windows-Embedded-EmbeddedLogon offlineServicing specialize Microsoft-Windows-Embedded-KeyboardFilterService offlineServicing Microsoft-Windows-Embedded-ShellLauncher oobeSystem Microsoft-Windows-Embedded-UnifiedWriteFilter specialize Microsoft-Windows-EnhancedStorage-Adm specialize Microsoft-Windows-ErrorReportingCore specialize Microsoft-Windows-Fax-Service specialize Microsoft-Windows-GPIOButtons offlineServicing specialize Microsoft-Windows-HelpAndSupport specialize oobeSystem Microsoft-Windows-IE-ClientNetworkProtocolImplementation oobeSystem Microsoft-Windows-IE-ESC specialize Microsoft-Windows-IE-InternetExplorer specialize Microsoft-Windows-International-Core specialize oobeSystem Microsoft-Windows-International-Core-WinPE windowsPE Microsoft-Windows-LUA-Settings offlineServicing Microsoft-Windows-MapControl-Desktop specialize oobeSystem Microsoft-Windows-MediaPlayer-Core offlineServicing Microsoft-Windows-MicrosoftEdgeBrowser specialize Microsoft-Windows-MobilePC-Sensors-API specialize Microsoft-Windows-NetBT specialize Microsoft-Windows-NetworkBridge generalize Microsoft-Windows-NetworkLoadBalancing-Core specialize Microsoft-Windows-OutOfBoxExperience generalize specialize Microsoft-Windows-PartitionManager offlineServicing Microsoft-Windows-PnpCustomizationsNonWinPE offlineServicing auditSystem Microsoft-Windows-PnpCustomizationsWinPE windowsPE Microsoft-Windows-PnpSysprep generalize specialize Microsoft-Windows-PowerCPL generalize specialize Microsoft-Windows-Printing-Spooler-Core specialize Microsoft-Windows-RasServer specialize Microsoft-Windows-RemoteAssistance-Exe specialize Microsoft-Windows-SecureStartup-FilterDriver offlineServicing specialize auditSystem oobeSystem Microsoft-Windows-Security-SPP generalize Microsoft-Windows-Security-SPP-UX specialize Microsoft-Windows-ServerManager-SvrMgrNc generalize specialize Microsoft-Windows-Setup windowsPE Microsoft-Windows-SharedAccess generalize Microsoft-Windows-Shell-Setup offlineServicing windowsPE generalize specialize auditSystem auditUser oobeSystem Microsoft-Windows-SHWebSVC oobeSystem Microsoft-Windows-SMBServer generalize Microsoft-Windows-SNMP-Agent-Service generalize specialize Microsoft-Windows-SQMAPI specialize Microsoft-Windows-STObject generalize specialize Microsoft-Windows-StorPort-RegistrySettings specialize auditSystem auditUser oobeSystem Microsoft-Windows-SystemMaintenanceService specialize Microsoft-Windows-SystemRestore-Main specialize Microsoft-Windows-SystemSettingsThreshold generalize specialize Microsoft-Windows-TabletPC-Platform-Input-Core offlineServicing specialize oobeSystem Microsoft-Windows-TapiSetup specialize Microsoft-Windows-TCPIP windowsPE specialize Microsoft-Windows-TerminalServices-CentralPublishing oobeSystem Microsoft-Windows-TerminalServices-LicenseServer oobeSystem Microsoft-Windows-TerminalServices-LocalSessionManager offlineServicing generalize specialize Microsoft-Windows-TerminalServices-Publishing-WMIProvider offlineServicing generalize specialize Microsoft-Windows-TerminalServices-RDP-WinStationExtensions generalize specialize Microsoft-Windows-TerminalServices-RemoteConnectionManager offlineServicing generalize specialize Microsoft-Windows-Tpm-Tasks specialize Microsoft-Windows-TwinUI offlineServicing specialize oobeSystem Microsoft-Windows-UnattendedJoin offlineServicing specialize Microsoft-Windows-WDF-KernelLibrary offlineServicing Microsoft-Windows-WiFiNetworkManager offlineServicing specialize oobeSystem Microsoft-Windows-WinRE-RecoveryAgent oobeSystem Microsoft-Windows-WLANSVC offlineServicing windowsPE specialize oobeSystem Microsoft-Windows-WorkstationService generalize specialize Microsoft-Windows-WPD-BusEnumService specialize Microsoft-Windows-WWANUI generalize specialize Networking-MPSSVC-Svc specialize Security-Malware-Windows-Defender offlineServicing specialize oobeSystem