• Completely changing the language of the operating system
• Changing the timeout in the Windows Boot Manager
• Configuring the certificate for Remote Desktop
• Using EUI-64 instead of random IPv6 addresses

Completely changing the language of the operating system

1. Install language pack.
2. Run %windir%\system32\sysprep\sysprep.exe,  selecting Enter System Out-of-Box Experience (OOBE) (keeping Generalize disabled) and select Reboot (idea from here).
3. Select the correct language in the wizard that shows after the reboot.
4. Change network name(s) if ncessary.  Go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles in the Registry Editor (idea from here). Alternatively,  reset the network settings (Network & Internet settings ➞_ Network reset_)
5. Optionally, change the regional / format settings to something which is useful to you. For example, I use the en_US locale, but I prefer the ISO date format and 24 hour clock:
   • Short date: yyyy-MM-dd
   • Short time: HH:mm
   • Long time: HH:mm:ss
   • First day of week: Monday
   • Measurement system: Metric
   • Currency symbol: €
   • Positive currency format: 1.1 €
   • Negative currency format: -1.1 €
6. Copy the settings to the welcome screen and new user accounts.

Changing the timeout in the Windows Boot Manager

(from https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/bcdedit--timeout)

Configuring the certificate for Remote Desktop

First,  we have to get the thumbprint, then we can tell the Remote Desktop services to use the certificate with this thumbprint:

(from https://blog.icewolf.ch/archive/2021/07/03/secure-remote-desktop-connections-with-certificates.aspx)

Using EUI-64 instead of random IPv6 addresses

This can be done in exactly the same ways as for Windows Server 2012 R2.