Baseline Registry Settings for new Domain Controllers

I have a list of baseline registry settings which I put on any new domain controller. I thought I'd share the VB Script below which sets all these as well as enables some performance counters. Many of the settings are applicable outside of a Domain Controller.

Feel free to use this and leave a comment if you have any suggestions for additions, etc.

'==========================================================================
' NAME: Baseline Registry Settings for new Domain Controllers
'
' AUTHOR: Brian Desmond, brian@briandesmond.com
' DATE  : 8/1/2009
'
'=========================================================================
'	Version		Date		Author			Note
'	-----------------------------------------------------------------
'	1.0			01Aug09		Brian Desmond	Initial Release	
'==========================================================================

Option Explicit

Dim shl
Set shl = WScript.CreateObject("WScript.Shell")

' Enable Remote Desktop
WriteRegistry "HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections", 0, "REG_DWORD"

' Set crash config settings
WriteRegistry "HKLM\SYSTEM\CurrentControlSet\CrashControl\NMICrashDump", 1, "REG_DWORD"
WriteRegistry "HKLM\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters\CrashOnCtrlScroll", 1, "REG_DWORD"
' WS03 pre SP2 requires KB244139 for the following to be effective
' WS08 pre SP2 requires KB971284 for the following to be effective
WriteRegistry "HKLM\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters\CrashOnCtrlScroll", 1, "REG_DWORD"

' log DIT whitespace info
WriteRegistry "HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics\6 Garbage Collection", 1, "REG_DWORD"
' Expensive/inefficient queries
WriteRegistry "HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics\15 Field Engineering", 5, "REG_DWORD"

' JET Perf counters
WriteRegistry "HKLM\system\currentcontrolset\Services\ESENT\Performance\Open", "OpenPerformanceData", "REG_SZ"
WriteRegistry "HKLM\system\currentcontrolset\Services\ESENT\Performance\Collect", "CollectPerformanceData", "REG_SZ"
WriteRegistry "HKLM\system\currentcontrolset\Services\ESENT\Performance\Close", "ClosePerformanceData", "REG_SZ"
WriteRegistry "HKLM\system\currentcontrolset\Services\ESENT\Performance\Library", "%systemroot%\system32\esentprf.dll", "REG_SZ"
WriteRegistry "HKLM\system\currentcontrolset\Services\ESENT\Performance\Squeaky Lobster", 1, "REG_DWORD"

' === Shouldn't be necessary on WS08
' set the path to the install binaries
WriteRegistry "HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\SourcePath", "C:\", "REG_SZ"
WriteRegistry "HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\ServicePackSourcePath", "C:\", "REG_SZ"

' Import JET perf counters
' === Path under WS08 is %windir%\inf\ESENT\0000\esentprf.ini
shl.Run(shl.ExpandEnvironmentStrings("%SystemRoot%\System32\lodctr.exe %SystemRoot%\System32\esentprf.ini"))

' === Shouldn't be necessary on WS08
' Disable manage server wizard
WriteRegistry "HKEY_USERS\.Default\Software\Microsoft\Windows NT\CurrentVersion\Setup\Welcome\srvwiz", 0, "REG_DWORD"
WriteRegistry "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Setup\Welcome\srvwiz", 0, "REG_DWORD"

' === Shouldn't be necessary on WS08
' Disable SP2 SNP stuff
WriteRegistry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableTCPChimney", 0, "REG_DWORD"
WriteRegistry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableTCPA", 0, "REG_DWORD"
WriteRegistry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableRSS", 0, "REG_DWORD"

' writes a given value to a given registry path
' use readregistry to validate success
' this function will throw an error up the stack
Sub WriteRegistry(path, value, regType)
	Dim sbShl
	Set sbShl = WScript.CreateObject("WScript.Shell")

	sbShl.RegWrite path, value, regType

	Set sbShl = Nothing 
End Sub