Wednesday, June 11, 2014

Windows Recovery Environment (WinRE) Expanded Recently at a client I got asked to consolidate their boot images, and I began to do some research, first and foremost I found out pretty quickly that their exists very little information on the Web regarding Microsoft WinRE, second that most boot images currently in use regardless their purpose rely on the infrastructure proffered by WinRE. Goals of the Project 1. Build a WinRE based WIM 2. Add all the organization's computer's network drivers 3. Add the Following Applications • Macrium Reflect Free A WinPE based Hard Disk Cloning Suite, Microsoft Diagnostic and Recovery Toolset & Microsoft Deployment Toolkit

Create Blass PC Suite

Prerequisites

Install Microsoft Windows ADK

·         Download the ADKSetup.exe and Run as Admin
o   Click Next
o   Click Next
o   Click Accept to Accept the EULA

o   Install Exclusively Deployment Tools and the Windows Pre-installation Environment  
·         Install Microsoft Diagnostic and Recovery Toolkit 8.1
o   Run the MSDaRT81.msi or Operating System Appropriate DaRT Installer (Note: This has only been tested on DaRT 8 and DaRT 8.1)
o   Click Next
o   Click I Agree (EULA Terms)
o   Click Next
o   Click Next
o   Click Install
o   Click Finish

o   Run the DaRT Recovery Image Application
o   Mount your Architecture Appropriate Microsoft Windows 8.1 Installation Media
o   Click Next  
o   Select your Previously Mounted Installation Media and Click Next to Continue
o   Click Next to Continue
o   Check the Allow Remote Connections Check Box Leaving the other defaults click next to continue
o   Click Next to Continue We will add drivers at a later stage so that they will be accessible to all applications within the WinPE Environment
o   Remove the Create ISO and Create Power Shell Script Check Marks and Click Create to Continue We will create the ISO at a later stage
o   Click Next to Continue
o   Click Close We Will Create an ISO in a later stage
·         Install Architecturally Correct Paramount Macrium Reflect
o   Run the Reflectdl.exe as Admin
o   Click Download
o   Click Next to Continue
o   Click Next to Continue
o   Accept the EULA and Click Next to Continue
o   Click Next to Continue
o   Click Next to Continue
o   Click Next to Continue
o   Click Install to Continue
o   Click Finish to Continue

Make a Microsoft Diagnostic and Recovery Toolset Rescue Disc

o   Click Next to Continue  
o   Select your Previously Mounted Installation Media and Click Next to
Continue
o   Click Next to Continue
o   Check the Allow Remote Connections Check Box Leaving the other defaults click next to continue
o   Click Next to Continue We will add drivers at a later stage so that they will be accessible to all applications within the WinPE Environment
o   Remove the Create ISO and Create Power Shell Script Check Marks and Click Create to Continue We will create the ISO at a later stage
o   Click Next to Continue

Create a Macrium Rescue CD

·         Run Reflect as Admin
o   Go to the Other Tasks Pull Down Menu and choose create Recue Media
o   Click Next to Continue (The Windows PE version here is irrelevant
because we will not be using this Windows PE just some files form it.)
o   Click Continue
o   Accept all Updates
o   Choose the Architecture Appropriate WinPE
o   Click Download to Continue
o   Click Continue
o   Click Finish to Continue
o   Click Save to Continue

o   Click OK to Continue
o   Close Macrium Reflect

Create LiteTouch MDT Boot Image

·         Open the MDT Console
o   Right Click on the Deployment Share and Choose Update Deployment Share
o   Click Next to Continue
o   Click Next to Continue
o   Click Finish to Continue

Stage the Boot Images

·         Copy all three Boot Images to a Common Folder Called Sources located on the Desktop

Mount the Boot Images and Extract the Requisite Files

·         Create A Folder called Working Environment
o   Create a Folder Called Sources, this will contain the source WIMs
o   Create a Folder called Destination, this will contain the files and directories that you will copy from the mounted WIM files.
o   Create a folder for the mounted WIM to be mounted to.
·         Run the Deployment and Imaging Tools Environment as Admin
o    Mount the WIM: dism /mount-wim /wimfile:<Location of WIM><Name of WIM> /index:<Image Number For Dart is 2 for all else is 1> /MountDir:<Mount Location> (Repeat for all Boot Images)


Files to Be Extracted

MDT: <WIM Root>\Windows\System32\WinPLSHL.ini

DaRT: We will utilize the DaRT as the base image

Macrium: <WIM Root>\Program Files\Macrium

o   To Unmount each WIM please enter the following at the prompt: dism /unmount-wim /mountdir:<Mount Location> /discard
o   At this stage we mount the DaRT WIM and begin to add features
§  Open a command prompt ass Admin. Enter the following command at the prompt:
Dism /Add-Package /Image:"<Mount Directory>" /PackagePath:"C:\Program Files\Windows Kits\8.1\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Package File>" Dism /Add-Package /Image:"<Mount Directory>" /PackagePath:"C:\Program Files\Windows Kits\8.1\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-US\<Package File>" §  The following packages must be added
1.       WinPE-HTA.cab
2.       En-US\WinPE-HTA_en-us.cab
3.       WinPE-Scripting.cab
4.       En-US\ WinPE-Scripting_en-us.cab
5.       WinPE-WMI.cab
6.       En-US\ WinPE-WMI_en-us.cab
 Note: It is highly recommended to limit the number of packages that you add to your custom PE as this will increase the size of your final image.

Note: It is highly recommended to limit the number of packages that you add to your custom PE as this will increase the size of your final image.






o   Copy the files to the correct location as seen in the bellow chart

Destination for all Files

MDT: <WIM Root>\Sources\Recovery\Tools\Deploy
DaRT:No Changes Required
Macrium: <WIM Root>\ Sources\Recovery\Tools\Macrium
PE Menu: <WIM Root>\Sources\Recovery\Tools\PE Menu

o   Open the WinPLSHL.ini with a standard editor such as Notepad ++ this file can be located in the mount directory at <WIM Root>\Windows\System32


Note: There are multiple methods for launching applications at WinPE start please see the bellow table for methods and apparent limitations.

Location
File Name
Notes
<WIM Root>\Windows\System 32\
StartNET.cmd
No apparent other than those associated with standard batch files.
<WIM Root>\Windows\System32
WinPLSHL.ini
Final application has to be an executable application that will serve as the shell application
<WIM Root>\Sources\Recovery\Tools
WinRE.xml
Only one application may be listed here and it must be an executable. HTAs according to Microsoft can be added but I have yet not succeeded. This option is limited to WinRE based WIM's and may not be utilized for alternative WinPEs.
<WIM Root>
Unattended.xml
Using the RunOnce feature one may nearly any type of file. However editing requires the installation of Windows System Image Manager a free application that comes with Microsoft Assessment and Deployment Toolkit.

Note: I recommend that you leave the WinRE.xml untouched as this will allow you to run DaRT from within the Microsoft Windows Recovery Environment. Assuming that your organization uses Microsoft BitLocker this will allow you to suspend BitLocker from within the WinPE a handy tool.
o   As you can see in the image bellow I run the HTA from within a Btach Script as the WinPLSHL.ini cannot run HTA files natively.
o   You can find my HTA and its supporting files at the following link.

File Name
WinPESHL.ini
WinRE.cmd
PE Menu (Folder)
Destination
<WIM Root>\Windows\System32
<WIM Root>\Windows\System32
<WIM Root>\Sources\Recovery\Tools

o   The Script WinRE.cmd is a relatively simple batch script that searches out the first drive that contains a Windows directory and adds it to the registry of the WinPE so that the DaRT will accurately function. The registry string is, HKLM\SOFTWARE\Microsoft\RecoveryEnvironment\TargetOS.

Closing your WIM for Testing

·         Run the CMD as Admin
o   Enter the following command at the prompt: dism /unmount-wim /mountdir:<Mount Location> /commit (The Commit Switch commits your changes to the WIM as opposed to the Discard switch which discards your changes to the WIM.) 

Adding Network Drivers to the WIM

Note: This section is written with several assumptions in mind, the first being that your organization is utilizing a pure MDT environment for deployments and second that your Deployment Share is sitting on the D Drive.

·         Mount Your WIM, Open the CMD Prompt as an Admin in Windows 8.1 or from the Deployment Toolkit Environment dism /mount-wim /wimfile:<Location of WIM>\<Name of WIM> /index:2 /mountdir:<Mount Directory Location>
·         Inject the Driver from the elevated command prompt dism /image:<Mount Directory> /Add-Driver /Driver:” D:\DeploymentShare\Out-of-Box Drivers\Net” /Recurse
·         Now dismount the WIM File from the elevated CMD prompt dism /unmount-wim /mountdir:<Mount Directory> /commit


Create an ISO for testing on your VM

·         Take the  64 Bit ISO you created initially for the DaRT boot image mount it and copy the contents to a spate folder
o   Delete the Boot.wim located at the root
o   Create a folder at the root called Sources
o   Create two new folder within Sources one called AMD64 and a second called x86
o   Copy your architecture specific boot images to their respective folders
·         Run the Deployment and Imaging Tools Environment as Admin
o   At the prompt please enter: oscdimg –betfsboot.com –n –h <Location of Your DaRT WIM> C:\HTA.iso -m
Note: The file etfsboot.com can be located at the root of you Microsoft Windows 8.1 ISO or at the following link.

Finally 

If you have followed the above steps carefully you should be rewarded with the bellow screen upon boot.