Creating a new Virtual Machine

This chapter explains details related to creating your own virtual machine. As already stated, we recommend that you only create your own image if it is absolutely necessary and wherever possible use the standard images (templates) available in the bwLehrpool-Suite as a starting point. These images already contain diverse optimizations for use in bwLehrpool and can be downloaded and adapted or further developed.

Creating your own Image

In this step be sure to choose *Store virtual disk as a single file*

When creating your own image, the vmdk file must not be split into blocks. This choice is made at the time of creation. Choose the option "Store virtual disk as a single file" as shown in the image in this section. The reason for this choice is that the image has to be uploaded in one block, as it is otherwise not possible to edit the VM without issues.

Licenses

Providing the appropriate number of licenses for any additional software is purely the responsibility of the course instructor! It is therefore recommended to use open source software with free licenses whenever possible.

Responsibilities

At the moment when a person customizes a virtual machine, the responsibility for that VM is transferred to that person. The following rules apply:

  • Regular updates to the OS and the installed software should be carried out.
  • A virus check is obligatory; checking for viruses should however be disabled for the normal user.
  • After updates are installed, the volume should be defragmented.
  • You are responsible for making sure that you have enough current, valid licenses available for all components you add to the image (free software should be chosen where possible over commercial offers which often have problematic license models).
  • All auto-updaters and similar which are found in the system tray, task bar or anywhere else must be deactivated. There is no reason to leave these active as the images booted in the pool rooms are non-persistent and will be lost on the next boot. They only cause delays at boot and unnecessary drag on the network. Carry out updates manually on your VM and push the changes out to the users.

cscript.exe c:\windows\system32\slmgr.vbs -ato

Windows in virtual machines

Many services and tools that run constantly under Windows are pointless in the course environment, as there is no persistence of the individual sessions. This allows you to optimize performance by turning off many of these services which would run in the background checking for updates or indexing the system. It also helps to control the amount of data that flows externally.

The following rules should be observed in order to achieve a reasonable operating speed:

  • Stop the automatic system recovery (this is pointless in pool operation). Reduce or, even better, disable the permanent paging file (Control Panel → System). The paging file only needlessly enlarges the redo file, the session file of the virtual machine.
  • Disable all update services for Microsoft, Adobe, Google, etc., as they would otherwise be launched again at every start. Instead, updates must be carried out periodically by the VM creators.
  • Disable any indexing services. If they are nevertheless desired, they should run once in persistent mode at setup but be off for standard operation, as they are useless without persistence of the virtual machine.
  • Virus checks only make sense for external drives, but not for the basic system: a virus or Trojan cannot persist because there are no write permissions for the user sessions in standard mode. However, a check should be made before (!) the VM is deployed to the public.
  • Turn off the screen saver; a screensaver is already provided by the base system.
  • The proxy settings for Firefox (as well as Internet Explorer, etc.) should be set to “Auto-detect proxy-settings”.

Viruses, trojan horses, or other malware running on virtual machines (events) cannot permanently embed themselves in image files because the virtual machines run in non-persistent mode and have no write permissions to the file server.

However, if desired, virus scanners can be used to validate virtual machines before they are uploaded to the system. In this case, take care to disable scanning of the local drive, as the drive is mapped over the network and scanning it causes high network load.

List of concrete measures

This list mainly applies to Windows 7, and also to Windows 8 (8.1) and 10. Not every option necessarily applies to all versions (see gpedit.msc). The template images (Windows templates) are already configured with all the following settings. Please also compare the item “Print from the image”.

General

  • Disable paging, system recovery, virus protection, auto-update, data backup, etc. (Windows Maintenance Center) messages, as well as updates for Windows and other software.
  • Also, disable screen savers, local disk file indexing, and screen and disk power saving options.
  • Set up a user called “student” and make sure it logs in automatically (“control userpasswords”).
  • In the Start menu, all options except Shut down and Restart should be removed.
  • It is recommended to remove all system sounds (start sound, Windows sound scheme, etc.).

(Group) policies via gpedit.msc

  • Computer Configuration → Administrative Templates → System → Device Installation → Device Installation Restrictions → Prevent installation of devices using drivers that match these device setup classes ⇒ enable and enter {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    • Prevents CPU drivers that would trigger a restart from being installed when the VM starts in the bwLehrpool environment.
  • Computer Configuration → Administrative Templates → System → Device Installation → Turn off "Found New Hardware" balloons during device installation ⇒ enable
    • Drivers are installed in the background without any notification.
  • Computer Configuration → Administrative Templates → System → Logon → Hide entry points for Fast User Switching ⇒ enable
  • Computer Configuration → Administrative Templates → System → Logon → Turn off Windows Startup Sound ⇒ enable
  • Computer Configuration → Administrative Templates → System → Power Management → Sleep Settings → Allow standby states (S1-S3) when sleeping (plugged in) ⇒ disable
  • User Configuration → Administrative Templates → Start Menu and Taskbar → Remove Logoff on the Start Menu ⇒ enable
  • User Configuration → Administrative Templates → System → Ctrl+Alt+Del Options → Remove Logoff ⇒ enable
  • User Configuration → Administrative Templates → System → Ctrl+Alt+Del Options → Remove Lock Computer ⇒ enable

Registry

  • HKEY_LOCAL_MACHINE → Software → Microsoft → Windows → CurrentVersion → Policies → System ⇒ DisableLockWorkstation=1 (create as a new DWORD)
  • HKEY_LOCAL_MACHINE → Software → Microsoft → Windows → CurrentVersion → Policies → Explorer ⇒ StartMenuLogoff=1 (create as a new DWORD)
  • HKEY_LOCAL_MACHINE → Software → Microsoft → Windows → CurrentVersion → Run ⇒ string “openslx”, value “B:\openslx.exe”
    • This ensures that the utility openslx.exe is started when Windows starts. This program improves the adjustment of the screen resolution and handles the mounting of network drives. The pseudo drive B: is provided by the system.
  • Firefox
    • As default browser
    • Addons: HTTPS-Everywhere and Ghostery
    • Install as 'root' (or administrator) for all users, updates will only work as 'root' (or administrator). This is important, because Firefox can also be installed as a normal user (in parallel) and then two installations would be available in the system.
  • Internet Explorer
    • Available as standard, but not necessarily recommended due to a very mixed security history.
    • Internet options → Extended → Use software rendering instead of GPU rendering ⇒ activate (3D support in the VMs works, but it cannot always be assumed that every target machine has a powerful chipset). If the VM only runs on bwPC4, GPU rendering can be enabled.
  • LibreOffice
    • Current version clearly visible on desktop and in start menu
    • All dictionaries as well as German and English for the user interface (otherwise start time slows down)
    • Do not install or activate Quick Start
  • Microsoft Office
    • Current version clearly visible on desktop and in start menu
  • Adobe Reader, Adobe Flash
    • Not necessarily recommended due to very mixed security issues
  • 7-Zip, Notepad++, Gimp, Paint.NET, VLC, if necessary Citavi with all available pickers
  • Remember to install the VirtualBox Guest Additions or VMware Tools / open-vm-tools, as applicable.

Please use open source alternatives whenever possible and appropriate!

Safety & Security

  • No Java, if not absolutely necessary
    • If Java is installed, deactivate the browser plugins if possible.
  • Experience has shown that browsers, Flash, Adobe Reader and Windows Updates are relevant to security.
  • Regular updates (about once a month, on Patch Day, the 2nd Tuesday of the month: Windows, Office, Adobe, etc.)
    • Each time before publishing
  • Start all programs once, especially after new installations or updates (otherwise start dialogs may appear over and over)
  • msconfig: remove everything unnecessary from the autostart
  • Screen resolution should be adjusted automatically in the teaching pool (the default is the resolution last used when editing).
  • Log in as 'root' or 'admin'
  • Clean up the hard drive
    cleanmgr.exe /sageset:1
    Check all possible options.
    cleanmgr.exe /sagerun:1
  • Defragmentation of the hard disk (VM can be better downsized later on)
    sc config defragsvc start= demand
    defrag C:\ /H /U /V
    sc config defragsvc start= disabled
  • Overwrite the free space with zeros (VM can be better downsized later on) → SDelete (or under C:\bwLehrpool\sdelete)
    sdelete.exe -z

Please remember to update your images regularly!

Turning off unnecessary services

To conveniently disable unnecessary services, the Device Optimization Tool (DOT) utility has been created. It automatically optimizes virtual Windows machines for use within bwLehrpool. Run it within your virtual machine and then restart the VM once.

Install Windows Updates

To install Windows Updates, you must first activate the necessary service (this is usually deactivated in order to avoid unnecessary notifications and updates in bwLehrpool operation).

Open a console as administrator and execute the following command:

sc config wuauserv start= demand

Then locate and install Windows Updates as usual. Depending on how long ago the last update was made, this may take some time. When you have installed all updates and restarted the VM, disable the service again.

sc config wuauserv start= disabled
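
A pre-publish check for the settings this page asks for, as an added example (not part of the bwLehrpool tooling): it reads the three values from the "Registry" list and confirms that wuauserv and defragsvc are back on "disabled" after updating and defragmenting. The function name Test-PoolImageSettings is hypothetical; the script only reads and changes nothing.

```powershell
# Added example, read-only. Run in an elevated PowerShell inside the VM before publishing.
# Get-WmiObject and New-Object keep it usable on the Windows PowerShell 2.0 shipped with Windows 7.
function Test-PoolImageSettings {   # hypothetical name, not part of bwLehrpool
    $cv = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion'
    # Registry values taken from the "Registry" list on this page
    $registry = @(
        @{ Path = "$cv\Policies\System";   Name = 'DisableLockWorkstation'; Expected = 1 },
        @{ Path = "$cv\Policies\Explorer"; Name = 'StartMenuLogoff';        Expected = 1 },
        @{ Path = "$cv\Run";               Name = 'openslx';                Expected = 'B:\openslx.exe' }
    )
    # Services this page switches to "demand" temporarily and then back to "disabled"
    $services = 'wuauserv', 'defragsvc'

    $results = @()
    foreach ($r in $registry) {
        # A missing key or value yields $null and is reported as a failed check
        $item = Get-ItemProperty -Path $r.Path -Name $r.Name -ErrorAction SilentlyContinue
        $actual = $null
        if ($item) { $actual = $item.($r.Name) }
        $results += New-Object PSObject -Property @{
            Check = "$($r.Path)\$($r.Name)"; Expected = $r.Expected; Actual = $actual
            Ok    = ($null -ne $actual -and $actual -eq $r.Expected)
        }
    }
    foreach ($name in $services) {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        $mode = 'not installed'          # an absent service cannot start, so it passes
        if ($svc) { $mode = $svc.StartMode }   # Auto, Manual or Disabled
        $results += New-Object PSObject -Property @{
            Check = "service $name"; Expected = 'Disabled'; Actual = $mode
            Ok    = ($mode -eq 'Disabled' -or $mode -eq 'not installed')
        }
    }
    $results | Select-Object Check, Expected, Actual, Ok
}

$report = @(Test-PoolImageSettings)
$report | Format-Table -AutoSize
$failed = @($report | Where-Object { -not $_.Ok })
if ($failed.Count -gt 0) {
    Write-Warning "$($failed.Count) setting(s) differ from this page; fix them before uploading the image."
}
```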

Linux in virtual machines

Please refer to the following: Linux in virtual machines.

Printing from the image

If you are using one of the templates from the pool system, the printer should already be installed correctly and you do not need to do anything else. If you want to deploy your own virtual machine, please use the PowerShell script provided at Windows-Einstellungen optimieren. Run the script, choose the option “Spezialmenü” and finally “Pool-Drucker installieren”.

For information on the previous configuration see Drucken im bwLehrpool.
