Create a Windows 10 Vagrant box

A short how-to on creating a Windows 10 base box for use with Vagrant and VirtualBox.


  • Windows 10 VM (activated)
  • vagrant user with password vagrant
  • 1024 MB Memory
    • APIC on
  • 1 CPU
    • PAE on
    • Nested Paging on
  • VRAM 128 MB
    • 2D/3D Acceleration off
  • Coreaudio Intel HDA
  • Sata HDD 40 GB
  • Guest Additions installed
  • RDP client installed
  • Vagrant installed

Important Windows 10 Settings

The following settings are necessary for managing your VM with Vagrant.

Disable UAC and Enhanced Security

Open the Command Prompt as Admin and execute:

# disable uac 
> C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d "0x00000000" /f

# disable enhanced security
> C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v FilterAdministratorToken /t REG_DWORD /d "0x00000001" /f

> C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI /ve /t REG_SZ /d "0x00000001" /f

Enable Remote Desktop

Open the Command Prompt as Admin and execute:

# enable remote desktop
> C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

# open firewall for remote desktop
> C:\Windows\system32\netsh.exe advfirewall firewall set rule group="remote desktop" new enable=Yes

Enable and configure WinRM

Set network location to Private:

Open secpol.msc and go to Network List Manager Policies > Network and set Network Location to Private.

Open the Command Prompt as Admin and execute:

> winrm quickconfig -q
> winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"}
> winrm set winrm/config @{MaxTimeoutms="1800000"}
> winrm set winrm/config/service @{AllowUnencrypted="true"}
> winrm set winrm/config/service/auth @{Basic="true"}
> sc config WinRM start=auto

Optional settings for Windows

Open the PowerShell as Admin and execute:

# remove all of the metro apps
> Get-AppXPackage -AllUsers | Remove-AppXPackage
# remove log files
> Get-Childitem "C:\Windows\Logs\dosvc" | Remove-Item -Verbose
# disables the system restore feature
> Disable-ComputerRestore c:
# disable hibernation
> powercfg -h off
# allow Powershell scripts to provision
> Set-ExecutionPolicy -Force -ExecutionPolicy Unrestricted


Download SDelete and open the Command Prompt as Admin and execute:

# remove recents
> del /F /S /Q %APPDATA%\Microsoft\Windows\Recent\*

# clean up disk space
> C:\Windows\System32\cleanmgr.exe /d c:

# zeros out free space
> C:\SDelete\sdelete64.exe -z c:

Now it's time to shutdown windows.

# shutdown windows
> shutdown /s /t 0

Don't forget to remove unnecessary hardware like audio, usb and CD/DVD and set CPU and RAM to the bare minimum.

Create the Vagrant base box

Create the base box:

# create base box from VM
$ vagrant package --base <windows 10 VM name> --output
# add box
$ vagrant box add windows/10
# check vagrant boxes
$ vagrant box list

Test if it is working

Create and run a test project:

# create project folder
$ mkdir ~/test_project && cd ~/test_project
# initialise the Vagrant environment
$ vagrant init windows/10
# edit Vagrantfile
$ vim Vagrantfile


# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure(2) do |config| = "windows/10"
  config.vm.guest = :windows
  config.vm.communicator = "winrm"

  # windows installs updates during startup and shutdown
  # larger timeouts hopefully prevents bricking the vm
  config.vm.boot_timeout = 600
  config.vm.graceful_halt_timeout = 600

  # port forward WinRM and RDP :forwarded_port, guest: 3389, host: 3389 :forwarded_port, guest: 5985, host: 5985, id: "winrm", auto_correct: true

  # optional

  # config.winrm.username = "vagrant"
  # config.winrm.password = "vagrant"

  # config.vm.provider "virtualbox" do |vb|
  #   # vb.gui = true
  #   vb.memory = "2048"
  #   vb.cpus = 2
  # = "Windows_Vagrant"
  # end


Run and connect:

# start VM
$ vagrant up
# start rdp client
$ vagrant rdp



Uco Mesdag

A sysadmin by day and a coder by night. Working as a senior Linux system engineer with plus 20 years of experience. I write about Linux, tech, code and other things that have my interest.

You've successfully subscribed to
Great! Next, complete checkout for full access to
Welcome back! You've successfully signed in
Success! Your account is fully activated, you now have access to all content.