Create a bootable WinPE boot disk to capture images using imagex

Here is a quick list of commands to create a basic WinPE bootable ISO image to use for capturing images of computers using imagex. First of all make sue that you have downloaded and installed the Windows AIK (Automated Installation Kit) on your computer which can be found here. Once the Windows AIK is installed run the ‘Deployment Tools Command Prompt’ form the Start Menu under ‘Microsoft Windows AIK’. In the ‘Deployment Tools Command Prompt’ run the following command which will create a folder on your C:\ drive called ‘winpe-bootdisk’ with all the necessary files to create the bootdisk:

copype.cmd x86 c:\winpe-bootdisk

The copy the winpe.wim base image to the c:\winpe-bootdisk\ISO\sources folder, renaming it to boot.wim

copy c:\winpe-bootdisk\winpe.wim c:\winpe-bootdisk\ISO\sources\boot.wim

Next you can mount the boot.wim image file to add any other tools that you want to include on the bootdisk. Once mounted the file system for boot.wim file can be found under c:\winpe-bootdisk\mount:

Dism /Mount-Wim /WimFile:C:\winpe-bootdisk\ISO\sources\boot.wim /index:1 /MountDir:C:\winpe-bootdisk\mount

If necessary copy any other tools you want to the boot.wim image e.g. imagex:

copy “C:\program files\Windows AIK\Tools\x86\imagex.exe” C:\winpe-bootdisk\mount\Windows\System32

You may also want to add additional packages or tools e.g. WSH (Windows Scripting Host) support

Dism /image:C:\winpe-bootdisk\mount /Add-Package /PackagePath:”C:\Program Files\Windows AIK\Tools\PETools\x86\WinPE_FPs\en-us\winpe-scripting.cab”

When you have finished adding stuff to the wim image unmount the boot.wim image and commit ther changes using the following command:

Dism /unmount-Wim /MountDir:C:\winpe-bootdisk\mount /Commit

Finally use oscdimg to create the boot disk ISO image

Oscdimg -n -bC:\winpe-bootdisk\Etfsboot.com C:\winpe-bootdisk\ISO C:\winpe-bootdisk\winpe-bootdisk.iso

After this you can burn the image to CD, and start using it! To capture an image of a computer using your new WinPE boot disk run the following command, where DRIVE_TO_CAPTURE is the name of the drive you want to cature and DESTINATION_FILE is the location and name of the wim file that you want to save the image to:

imagex /capture DRIVE_TO_CAPTURE DESTINTATION_FILE /compress fast verify

e.g.

imagex /capture E: D:\win7-corp.img /compress fast verify

References:

http://technet.microsoft.com/en-us/library/dd744533(WS.10).aspx

http://technet.microsoft.com/en-us/library/dd799303(v=ws.10).aspx

Deploying Java and Adobe Reader via Group Policy

Java:

Firstly download the latest Java Windows offline installer here.

Run the installer, and wait for the Welcome screen to appear. Next, navigate to the following directory, where USER_NAME is the name of the logged on user, and jre_VERSION is the name of the version of Java that you have just extracted:

C:\Users\USER_NAME\AppData\LocalLow\Sun\Java\jre_VERSION

In this folder you will find an msi file and a data.cab file. Copy the jre_VERSION folder to you network deployment point, and then add the msi file path to a new package in the software installation section of the Group Policy Object (GPO) that you wish to deploy Java to.

 

Adobe Reader:

Simple Method:

Download the most recent MSI file from ftp://ftp.adobe.com/pub/adobe/reader/win and deploy that to a new package in the software installation section of the GPO that you wish to deploy to e.g. AdbeRdr11000_en_US.msi. Note that Adobe only issue MSI files for the major releases e.g. 11.0.00.

Complex Method

This method includes how to patch the MSI file of the major release outlined in the simple method to include all the latest security patches. Firstly download the MSI file for the major release which you want to patch and place it in a folder on your computer e.g. C:\ADOBEREADER

Next download the .exe file for the update version which you want to patch to e.g. 11.0.01 from ftp://ftp.adobe.com/pub/adobe/reader/win and extract the contents using the following command, where _VERSION is the version number of the file you downloaded:

AdbeRdr_VERSION_en_US.exe -nos_ne

e.g. AdbeRdr1101_en_US.exe -nos_ne

This will extract the contents of the .exe file to a subfolder in the C:\ProgramData\Adobe\Setup folder. Copy the .MSP file contained in this folder to the C:\ADOBEREADER folder you created earlier. From the command prompt navigate to the C:\ADOBEREADER folder and run the following command where MSI_VERSION is the version of the MSI file that you are updating and PATCH_VERSION is the version of the patch that you are applying :

msiexec /a AdbeRdr_MSI_VERSION_en_US.msi /p AdbeRdr_PATCH_VERSION.msp

e.g. msiexec /a AdbeRdr11000_en_US.msi /p AdbeUpd11001.msp

Click through the steps of the installer, and then click finish. Your .msi file has now been patched

Finally, copy your new patched msi file to your network deployment point and create a new package in the software installation section of the GPO which you wish to deploy Adobe Reader to.

References:

How do I deploy Java using Active Directory across a network?

How to extract an MSI file from the EXE for Adobe Reader

Generate a new SID on Windows Server 2008 and Windows 7

With the NewSID tool no longer supported by Microsoft for more recent versions of Windows, you may find yourself in a situation where you need to generate a new SID on a Windows Server 2008 or Windows 7 computer, and wonder which tool you need to use. I myself have run across an issue in the past in our development environment where duplicate SIDs caused a problem. Care needs to be taken when cloning Windows virtual machines, particularly if they will later be used as domain controllers.

In order to avoid any issues like this, the new preferred method to set a new SID on a Windows machine is to use Sysprep. Before running Sysprep, you may wish to verify the current SID on the sytem that you wish to modify. This can easily be done by running the psgetsid utility, which is part of the excellent Pstools developed by Mark Russinovich. The output of the psgetsid command can be seen below, showing the current machine SID:

Output of psgetsid before running Sysprep on Windows Server 2008 R2

 Next you can sysprep by running the following command:

C:\Windows\System32\Sysprep\sysprep.exe

Running Sysprep
 
On the Sysprep, screen make sure that you tick the ‘Generalize’ tick box as shown below:
 

Choose settings for the System Preparation Tool

 The Sysprep process will take a few minutes to run, and will automatically reboot the system if you chose to do so. On reboot, the following screen will be displayed. Click ‘Next’ to continue:

 

Click next to continue the Sysprep process

 After the sysprep process is complete, you can run psgetsid again to verify that a new SID has been generated for this computer:

Output of psgetsid after running Sysprep on Windows Server 2008 R2