Mark Minasi's Windows Networking Tech Page
Issue #59 January 2007
[Note: a few things have changed since we released this --
there are notes in the text to reflect that.]
To subscribe, visit http://www.minasi.com/nwsreg.htm.
To unsubscribe, link to http://www.minasi.com/unsubs.htm.
To change e-mail address or other info, link
Visit the Archives at http://www.minasi.com/archive.htm.
Please do not reply to this mail; for comments, please link to www.minasi.com/gethelp. Document
copyright 2006 Mark Minasi.
- My Seminars Coming to a Hotel Near You
- My New Book Administering Windows Vista Security: The Big
Surprises Now On Sale
- Tech Section
- Downloading, Installing and Configuring Windows PE
- Bring a Seminar to Your Site
This month, my associate Rhonda Layfield tells us about a (mostly)
new Microsoft operating system.
Nope, it's not Vista. It's free. And yes, a little
limited — I kinda doubt that you'll ever put it on your Mom's machine
— but it's quite useful for us techie types. I'm talking about the
Windows Preinstallation Environment 2.0, or WinPE. It's a
stripped-down version of Vista that fits on a CD-ROM easily, is the
basis of many repair and installation scenarios, and, as I think I've
already said, is free. In her feature article, Rhonda shows us not
only how to set up a basic WinPE system, but how to add the fundamental
deployment tool to it, how to add network drivers to it, and, in the
process, solve a major problem for those trying to use WinPE in VMWare.
Rhonda is inaugurating a one-day hands-on Vista deployment seminar, and
this is just a small sample of what's in that terrific class.
But, first, a word from our sponsor... and there's a lot to tell you
about this month, as we're announcing the hands-on Vista deployment
seminar, four cities for the two-day class, an 11-CD audio CD version of
the two-day class, and a book on Vista security.
My New Book Administering Windows Vista Security: The Big
Surprises Now On Sale
Vista is the most secure Windows that Microsoft has released, so there's lots of new stuff to learn, and much of it is good news
for anyone looking to keep the bad guys away. But while it is good news, and we all say
we want security, facing new security technologies sometimes means having to learn to do familiar tasks differently, which can be a pain.
In some cases, it can be enough of a pain to cause someone to choose to deploy Vista later, and that'd be a shame; hence my new book.
Administering Windows Vista Security: The Big Surprises focuses on the eight new Vista security technologies that I feel are pretty good when understood, but that could either scare away
the casual evaluator or that are so subtle but nonetheless important that they might not be noticed.
(And at 266 pages, it's a quick read.)
Find out more and read a sample chapter at
News Item: Bitlocker AD Integration Info Released
Those of you who've heard me talk about Vista's BitLocker feature
will know that I've been grumbling that Microsoft has omitted a central
aspect to making BitLocker useful for enterprises: the part that
lets techies store their BitLocker recovery passwords in Active
Directory. But this week brought good news. Go to
and search for "Bitlocker" and you'll find "BitLocker AD Guide."
The puzzle piece has arrived!
Feature Article: Downloading, Installing and Configuring Windows PE
By Rhonda Layfield, co-author, Mastering Windows Server 2003 Upgrade Edition
for R2 and SP1
Anyone who's got to get
Microsoft's new desktop OS, Vista onto a desktop is — or should be — looking
into MS's new deployment tools as well. Of course, you probably already
knew that, as it seems like every IT magazine I pick up has at least one article if
not more on Vista's new deployment tools like ImageX, Windows Deployment Service
(WDS) server (the new RIS), Windows Pre-Installation Boot Environment (WinPE),
and Windows System Image Manager (WSIM).
As a Windows techie, that all sounded like big news and — even better — new
toys, so I started to look into
it, only to find mountains of white papers and a bunch of tools that whose
documentation was, well, a bit uneven, if you know what I mean. Lacking a
roadmap to Deploymentville, I figured I'd begin at the beginning or, rather,
begin at the
boot — the boot OS, that is. The process of putting an operating system
on a computer has always suffered from a chicken-and-egg problem in that you
can't run a Setup program on a bare-metal computer without an operating system,
but the whole point of that Setup program is get the OS on the machine in the
first place. For years, many of us have had to cobble together DOS boot
floppies to get the whole Setup-over-a-network or apply-a-Ghost-image process
rolling. I suspect you'll empathize when I say that putting those floppies
together ranks up in the list of things I love doing somewhere below root canals.
Therein lies one of Vista's unalloyed benefits: WinPE. In this
newsletter, I want to explain to you what it is, where to get it, how to add an
extra program to it and how to install new network drivers on it — something
that I discovered that I had to learn before I could get WinPE to run on VMWare!
WinPE 2.0 is a scaled-down
version of the Vista kernel that you could think of it as "Vista Junior."
(If WinPE's not new to you, then you're probably a big Microsoft
customer; volume license folks have been able to play with WinPE 1.x since XP days.)
As an OS, WinPE has
limited functionality, but you can do things like partition and format hard
drives. It also contains a small set of utilities, things like netstat, ping,
ipconfig, and chkdsk to name a few, and let's not forget one of Mark's favorites,
netsh. WinPE is a simple OS, but it's the basis of most deployment
scenarios as well as the platform for many recovery tools. Interested?
Then let's get started.
Get and Install the Windows Automated Installation Toolkit (WAIK) on a
First, you'll need a "technician machine," Microsoft's name for a system that
can create WinPE images. A machine
running Vista, XP SP2 or Server 2003 SP1/R2 will work just fine. You will need
to install the Windows Automated Installation Kit (WAIK) or the Business Desktop
Development tool (BDD 2007), both of which are free downloads from Microsoft. The BDD is
really just a shell for Vista's new deployment tools, so if you choose to go
with the BDD then you will still have to download the WAIK as a component of the
BDD. There has been some talk about making the WAIK available only as a
component to the BDD. As of Dec 26th I could still download the WAIK as a
separate tool, but I can't guarantee that by the time you read this the that WAIK
will still be available as an independent tool. Regardless of whether you choose
to use the BDD or WAIK, you will need to ensure that the .NET Framework 2.0 and
MSXML 6.0 are installed on your technician machine (both can be found in either
the BDD or the WAIK) if that technician machine is XP or 2003. No need to
add those to a Vista machine, as they're built into it.
You can find the WAIK at www.microsoft.com/downloads.
Search "Windows AIK Windows 7" and it should be the first hit, but when I last
updated this page (31 May 2010), the download offered a file named
"KB3AIK_en.iso" that was 1,789,542,400 bytes. To use it, just burn the
file to a DVD (it won't fit on a CD) using whatever burning software you
like. (If you're running Windows 7, just right-click it and you'll see
that Windows 7 includes an ISO burning ability built right in. If you're
not running Win 7 and don't have any CD/DVD burning software, then you can
either use the CDBURN or DVDBURN software in the 2003 Resource Kit, or Google
"ISO Recorder" to find a very nice, free ISO burner for 2000 and later.)
Once burned, use that DVD to install the WAIK on an XP SP3 or later system.
Important note: when WAIK's setup program asks where to install the
WAIK, do not use the default. Instead, have the setup program put it in
c:\waik. That'll make typing some command lines a whole lot easier than if
you install the WAIK into Program Files!
Set up the Technician Machine for WinPE Development
Once the WAIK's installed,
then open the Windows
PE Tools Command Prompt
by clicking on Start -> All Programs -> Microsoft Windows AIK -> Windows PE
Tools Command Prompt. If you're running this from Vista, then be sure to
elevate the command prompt -- don't click it, right-click it and choose "Run as
administrator." Why not just use the Windows command prompt? Choosing
Windows PE Tools Command Prompt ensures that your PATH environment
variable points to everything that you'll need to create a WinPE image:
some apps we'll soon meet named copype.cmd, imagex.exe,
peimg.exe and oscdimg.exe. All commands must be typed in this command prompt.
Create a simple WinPE Image and Burn it to CD
Next, you'll create your WinPE build environment in a
new folder. Type the following command in your Windows PE Tools Command Prompt:
copype architecture (x86, ia64 or amd64) C:\foldername
For example, to create a WinPE build environment for an x86 machine into a folder named WinPE, type the
copype x86 C:\WinPE
Your new WinPE build environment will
contain the following three folders:
Your command prompt should now look like "C:\WinPE." Create your first
WinPE ISO by typing
- c:\winpe - contains ETFSBoot.com, the WinPE CD's bootstrap loader, and winpe.wim,
a pre-built basic WinPE.
- c:\winpe\ISO - contains all the necessary files to create the WinPE
- c:\winpe\mount - this is
the folder we will mount our windows image file to in order to work with it. NOTE: by default this is an empty folder.
oscdimg -n -h -betfsboot.com iso winpe.iso
Running Your First WinPE Image
That created the file "c:\winpe\winpe.iso," which is a standard ISO that'll fit easily
on a CD. Burn it to a CD and boot it on a computer with at least 256 MB of RAM, and you'll see a screen like this one:
[Summer 2008 Update: if you download the 9
April 2008 WAIK -- the most recent one -- then you'll see a gray
background rather than the blue-green one. Don't worry about it,
it's a slighter newer "WinPE 2.1" with a more boring bit of wallpaper.]
Look familiar? It kind of looks like a Vista desktop with just a command prompt
window. But there's no Start menu, no taskbar, and pretty much no GUI. (Regedit
does work, though, and it's sort of GUI-ish.) That's the main
barrier to using WinPE — you've got to be somewhat comfortable with the command
prompt to get anything done in WinPE. Nevertheless, it's a nice basic OS
for doing a lot of things.
Now, in my case, I didn't have an extra machine
around to try my WinPE on, so I ran it in a VMWare Workstation 5.3.3 virtual
Important note: if you do this, then
create the virtual machine of type "Windows Vista (experimental)."
Choosing Windows 2000, "other," or something else will get you a virtual
machine with a virtual NIC that Windows PE doesn't have drivers for and
can't get drivers for — so you'll never get it to network.
It booted up fine — that's where the screen shot came from — but when I immediately checked my network status by typing
ipconfig, I got a
result of just "Windows IP Configuration" and no NICs. A quick try of the
WinPE CD on my notebook yielded an ipconfig output that had NICs, so
clearly I was facing a driver problem. VMWare's virtual machines have
virtual NICs, and those NICs don't reflect any actual NICs; instead, they run an
imaginary NIC called a "vmxnet" NIC. Installing VMWare Tools on a virtual
Vista, XP or other Windows machine results in a folder c:\program files\vmware\vmware tools\drivers\vmxnet
on that virtual machine
that contain the drivers for this imaginary vmxnet NIC... but how to get WinPE
to recognize those drivers, particularly as trying to install VMWare Tools on a
WinPE VM failed?
And while we're modifying our WinPE image, let's add a program to it.
The WAIK includes a tool named imagex.exe that is fundamental to most WinPE-related
deployment scenarios, so I was a bit puzzled that imagex.exe wasn't already
installed on the basic WinPE, but it wasn't, so let's also see how to add imagex.exe
Now, when we created that first WinPE ISO, we just built it out from the default
configuration supplied from the WAIK. To add things to that configuration
and create a new WinPE image, we'll have to learn a few skills:
- How to examine the default configuration by "mounting" the default WinPE
image to a folder,
- How to add imagex.exe to the system32 directory of that image,
- How to add — "inject" is Microsoft's term — the vmxnet drivers to that
- How to take that modified WinPE image and make it into an ISO.
Mounting a WinPE Image With Imagex
A look in the c:\winpe folder shows a large file called "winpe.wim."
That single file is of a new type called a "Windows image" file, which as you
can see has the extension .wim. WIM files are sort of Microsoft's answer
to Ghost files, a method of capturing and storing an entire OS image to a single
file, which can be deployed with a number of tools. The winpe.wim image
that the WAIK supplies is the all-in-one-file version of the WinPE CD that
you've already built. To change that image, though, we'll need to "unlock"
it and expose the files inside of it. The imagex.exe program that I
mentioned earlier will let us do that by letting us "mount" the image to a
folder. Notice that the c:\winpe folder contains a folder called "mount;"
it's empty and should stay empty. Its only job is to provide a kind of
"alias" that lets us look into the winpe.wim image through the
folder. That'll be a bit clearer once we do it.
Return to your technician machine and the Windows PE Command Prompt, which
should be at c:\winpe; if not, then cd \winpe to get there. Mount
winpe.wim to the mount folder by typing
imagex /mountrw winpe.wim 1 mount
Note that if you didn't start your command prompt by clicking
"Windows PE Command Prompt," then you'd have to type the path of imagex,
and the command would be
c:\waik\tools\x86\imagex /mountrw winpe.wim 1 mount
ImageX is a topic for another day, but briefly here's what you've typed.
"/mountrw" is the switch used to mount the winpe.wim file
in a read/write format — if you forget to add the rw to the end of the mount
statement, you won't be able to edit the image file. The winpe.wim is the .wim
file you would like to mount. The number 1 is the image index number. The image
index number is important because Microsoft's new imaging technology allows you
to store multiple images in a single .wim file. The index number identifies the image within the .wim file
that you want to work with. The default winpe.wim only has one index but you
still need to include the number 1 in the mount command or it won't work. To
find out how many images a .wim contains, type the following:
imagex /info c:\winpe\winpe.wim
Your available image choices will be listed,
<IMAGE INDEX=1> is the image we are working with in this example.
is the folder you are going to mount your winpe.wim image to.
Assuming that all went well, try looking in the c:\winpe\mount folder.
What was once empty now has folders named Users, Windows and more but, again,
they aren't really in the mount folder — imagex just lets us essentially put on
"WIM goggles" and see inside winpe.wim through the mount folder. Now that
winpe.wim's mounted, we can use a few tools to add things to the winpe.wim image
so that we can then make and ISO and a boot CD of that image.
Adding Packages to WinPE
WAIK lets you load any add-ons called "packages" that provide additional
functionality. More specifically, if you would like to include support for
running HTML, WMI, XML or WSH scripts, you will need to add one or more of the
available packages. There are 15 packages by default to choose from. To view the
list of packages type the following:
peimg /list /image=c:\winpe\mount
You will see a listing of
packages that look like this:
To add a package, say the XML parser support package (so you can run XML scripts
in your WinPE) you would type the following:
peimg /install=WinPE-XML-Package C:\WinPE\mount\windows
OR you can use wildcards (*) for less typing:
peimg /install=*XML* C:\WinPE\mount\windows
To confirm that
your package has been added to your winpe.wim, run the “peimg /list
/image=c:\winpe\mount” command again, the packages you added should have a +
sign in the Ins column, like this:
Adding ("Injecting") WinPE Drivers
We're ready now to add those vmxnet drivers to our WinPE image. First,
you'll need to get the drivers; here's how. Create a new virtual Vista machine from the Vista
product DVD using VMWare Workstation 5.5.3. By default your virtual Vista
machine will not have networking, but installing the VMWare tools into your
virtual Vista machine will load network drivers, so go ahead and install the VMWare tools (from the VMWare menu click on VM and then choose "Install VMware
Tools"). Now, after installing the VMware tools you should have networking on
your virtual Vista machine, you can check this by typing /ipconfig at a command
prompt -- if you have an IP address, you have networking. Next, from the virtual
Vista machine that you just installed the VMware tools on, copy the entire
contents of the C:\Program
Files\VMWare\VMWare Tools\Drivers\vmxnet folder to a folder named C:\Drivers on your technician machine. To inject
the VMware network drivers into your winpe.wim type the following two commands
in your Windows PE Tools Command Prompt:
peimg /inf=c:\drivers\vmxnet.inf c:\winpe\mount\windows
peimg /inf=c:\drivers\vmware-nic.inf c:\winpe\mount\windows
OR, remember that wildcards (*) work, so typing the following works as well:
peimg /inf=c:\drivers\vm*.inf c:\winpe\mount\windows or peimg /inf=c:\drivers\vm*.* c:\winpe\mount\windows
Adding Imagex to Your WinPE Image
As I suggested earlier, we'll want imagex.exe on our WinPE image.
That's because imagex is a
powerful command line tool that allows you to capture and apply
images and, again, for some reason imagex is not included in a WinPE by default
(which is why we have to add it).
As for getting imagex.exe into your WinPE, a simple copy
is all that's needed. Imagex.exe is installed by default when you install the
Windows AIK. You could choose to use Windows Explorer and browse to image.exe by
launching Windows Explorer and expanding c:\waik\tools, where you'll see folders
named x86, amd64 and ia64 -- there's an imagex for standard 32-bit systems, x64
systems, and Itanium systems. We'll copy the x86 version with this
Copy C:\WAIK\Tools\x86\imagex.exe c:\winpe\mount\windows\system32
That just copied the file to the system32 folder of our winpe.wim image,
where it'll always be on the path and easily available from the command line.
Saving the Changes: Unmounting
Now that we've finished our changes, let's save them to our winpe.wim by typing:
imagex /unmount c:\winpe\mount /commit
The /commit switch
saves your changes. If you forget to type the /commit, your changes will not be
Place the winpe.wim in the ISO Folder
Now our changes are in the winpe.wim file, as a look at its "last modified"
date and time will confirm. But don't re-type the oscdimg command that we
did before — there's another step we've got to do to see that winpe.wim's image
end up as an ISO. The oscdimg command that we did before said to take the
files in the folder named "ISO" and assemble them into an ISO file. A look
inside the ISO folder shows that there's a folder named "Sources" and, inside
that, a large file named boot.wim. That is the WIM that is the
WinPE image we'll create, not winpe.wim, so we need to overwrite that
boot.wim with our customized winpe.wim to get our desired image on that ISO.
Do that by typing
xcopy c:\winpe\winpe.wim c:\winpe\iso\sources\boot.wim /y
Create the ISO
Now we're ready to make our final customized ISO! Type the following:
oscdimg -n -h -bc:\winpe\etfsboot.com c:\winpe\iso c:\winpe\winpe.iso
The oscdimg.exe is the command line utility that tells etfsboot.com to look in
the c:\winpe\iso folder for a file named boot.wim, when found convert the
boot.wim to an ISO named winpe.iso, and put it in the WinPE folder. The -n
option allows for long file names and the -b option makes it bootable or
El-Torito compliant. If you are creating a bootable ISO for a ia64 architecture,
replace etfsboot.com with efisys.bin. -h says to write any hidden files or
You now have a bootable WinPE ISO called winpe.iso. Burn that to a CD,
fire it up and you'll see that ipconfig yields good news, and the imagex command
works. Congratulations, you've built your first custom WinPE system!
You'll could now
choose to connect to a server that has a Vista installation image using the net
use V: \\servername\sharename command and download a Vista installation image,
repartion the system's drive — WinPE is running now from a RAM disk and you can
remove the CD if you like without crashing the system — or do any of a number
of things. You've completed the first real task in building your
hope you have found these step-by-steps useful and if you have any questions or
comments on the WinPE information provided, please email Rhonda Layfield at