Leinss.com Gets a Makeover!

Take a look at the sexy new leinss.com layout!  I’ve been bored recently with World of Warcraft and decided to do something about my ugly web site.  The web site expands to the full size of the screen now and the font is bigger.  I’ll be going through and reviewing all sections to see what needs to get added/removed/updated.  You may have to hit “Shift-F5” to see the new site.

– Soli Deo Gloria

Quick and Dirty ImageX

Update 8/26/08: Forgot about the WinPE 2.0 uberbug with diskpart.  See this article here.  To fix this, place the following in uberbug.reg and then add that to the menu

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESYSTEMCURRENTCONTROLSETSERVICESVDSALIGNMENT]
“LessThan4GB”=dword:00000000
“Between4_8GB”=dword:00000000
“Between8_32GB”=dword:00000000
“GreaterThan32GB”=dword:00000000

Here’s a quick and dirty overview of how to replace Norton Ghost with ImageX. ImageX captures information about the file system, but nothing of disk structures (master boot record, sectors, etc). Therefore, in using ImageX, we need to include writing out the boot sector with bootsect.exe. Since ImageX is command line driven, the first order of business is finding a GUI wrapper. I found such a wrapper called GImageX. GImageX interacts directly with wimgapi.dll, therefore, some support files from Microsoft WAIK will be needed. Specifically, that includes: imagex.exe, intlcfg.exe, wimgapi.dll, wimfltr.inf, and wimfiltr.sys.

I threw all of the files, including the WIMs I captured, on a network share with these support files (don’t forget bootsect.exe!). I then wrote a simple batch file:

@echo off
:TOP
regedit /s uberbug.reg
cls
echo Microsoft ImageX Menu by Adam Leinss
echo ————————————–
echo.
echo 1. Prep Disk (WARNING: THIS DESTROYS ALL DATA ON DISK!)
echo 2. Prep Boot Sector for Windows XP OS
echo 3. Prep Boot Sector for Windows Vista OS
echo 4. Run GImageX
echo.
echo 5. Exit
echo.
Set /P sel=Make your choice:
echo.
For %%a In (1, 2, 3, 4, 5) Do if “%sel%”==”%%a” Goto SELECT_%%a
echo Invalid selection. Valid values are 1 thru 5. Press Enter To continue
pause>NUL
Goto TOP
:SELECT_1
mbrwiz /disk=0 /part=* /del /confirm
diskpart -s diskprep.s
Goto TOP
:SELECT_2
bootsect /nt52 sys
Goto TOP
:SELECT_3
bootsect /nt60 sys
Goto TOP
:SELECT_4
gimagex.exe
Goto TOP
:SELECT_5
Goto :EOF

The diskprep script I use:

select disk 0
clean
create partition primary
format quick
active
assign letter=C

This gets the disk nice and clean for us to use. You actually have to use MBRWiz to do the initial wipe, as “diskpart clean” only wipes one partition (versus diskpart clean all which takes forever). This is never an issue with Ghost, as it writes out the file system sector-by-sector.

After cleaning the disk, you can pick either #2 or #3 to prep the boot sector depending on what OS you are going to deploy.

Finally, we run GImageX, click the Apply tab and pick the Source/Destination. Now you have an imaged PC, just like with Ghost!

I used the WinPE 2.0 install media from SCCM 2007 to boot the PC and connect to the network share, but you can use any favor of WinPE you want (BartPE, WAIK PE, etc).  I found decent WinPE 2.0 (Vista based) setup instructions here.

Update (9/9/08): If you use WinPE 1.x: it has an older version of diskpart that does not have the format command built-in.  So you can either update the version of diskpart on the WinPE 1.x disc or re-write the script so the the format command in diskprep.s is taken out, then you can use “format C: /fs:ntfs /quick” on another line.  The WinPE 1.x diskpart also does not handle USB flash drives correctly and you cannot simply copy diskpart from WinPE 1.x to WinPE 2.0.  Therefore, I strongly urge you to use WinPE 2.0 for dealing with images.

Sample VBScript code below to map network drivers if you have multiple locations on different subnets.  Note that if you just use straight up net use commands, you might run into timing issues since WinPE will not wait until executing the next line of code.  Using the run object with the 1 option will prevent WinPE from continuing on until the drive is mapped.

Set objShell = WScript.CreateObject("WScript.Shell")
Set colItems = GetObject("winmgmts://.").ExecQuery("select * from Win32_NetworkAdapterConfiguration where IPEnabled=TRUE")
For each objItem In colItems
If Not IsNull(objItem.IPAddress) Then
strIP = "IPAddress: " & objItem.IPAddress(i)
End If
Next
If InStr(strIP,"10.3.") Then
objShell.run("net use * \server3osd /user:yourdomainsrvacct secretpwd"),1,true
ElseIf InStr(strIP,"10.2.") Then
objShell.run("net use * \server2osd /user:yourdomainsrvacct secretpwd"),1,true
ElseIf InStr(strIP,"10.1.") Then
objShell.run("net use * \server1osdsccm2007images /user:yourdomainsrvacct secretpwd"),1,true
End If

Update (8/20/11): Upon designing a simplified GimageX setup for another company, I discovered for Windows 7 you can use BCDBOOT to fix boot sector/BCD issues after wiping a disk and using the raw imagex binaries to throw down an image.  Copy the x86 version of bcdboot.exe from an existing Windows 7 installation (to match your version of WinPE which is likely x86) to your network share, then issue bcdboot C:windows after the image is laid down and the BCD will be fixed.  You can place this command after gimagex.exe in the menu so you don’t have to run it as a menu option if the only operating system you are imaging is Windows 7.

Though I didn’t use it, you can also use the Microsoft Script Encoder to obfuscate your VBS script code to keep out the nosy Nellies.  

– Soli Deo Gloria

Windows 7 Blog

Microsoft has just created a blog on the development of Windows 7, the successor to Windows Vista. There really isn’t anything exciting there now, but it might be worth checking out over time.

As you may have noticed, the postings on my blog have slowed down. June was the blog’s 3 year anniversary and I didn’t even post anything! I’ve been busy working on pushing out programs with SCCM 2007 and playing World of Warcraft. I think posting on SCCM 2007 may be a bit boring, as only high level companies are going to be running it and therefore will be out of reach of the common tech. We also upgraded to NOD32 from Symantec Antivirus, so I don’t really have any more spyware stories to whip up at this time.

-Soli Deo Gloria