Get DaRT to Launch Remote Connections Tools Automatically

Launching the Remote Connection Tool at Startup

With a simple configuration file change you can modify our DaRT media to boot directly to the Remote Connection tool. When a connection is established the DaRT boot sequence will continue, leaving all the hard choices for the technician.

Note: This method assumes you are using DHCP, otherwise you will need to create a script that assigns a network address before launching the Remote Connection tool.

Instructions

  1. From Windows 7 start menu, run “DaRT Recovery Image”.
  2. Go through the wizard up until you get to the “Additional Files” page.
    Note: Don’t forget to enable Remote Connections or else starting the Remote Connection tool at startup will have no effect.
  3. The “Add additional tools” page in the wizard will allow you to customize DaRT to your heart’s content. At this point click the “Show Files…” button.
  4. Navigate to the Windows\System32 directory within this temporary folder
  5. Modify the “winpeshl.ini” file permission to give “modify” permissions to your current user.

Open the “winpeshl.ini” file and modify the file to look like below:

[LaunchApps]
"%windir%\system32\netstart.exe -network -remount"
"cmd /C start %windir%\system32\RemoteRecovery.exe -nomessage"
"%windir%\system32\WaitForConnection.exe"
"%SYSTEMDRIVE%\sources\recovery\recenv.exe"

Save the newly created iso file and extract the wim from it and switch it into your recovery folder as I showed HERE.

Now when you startup the PC by pressing F8 and selecting Repair this Computer the remote connection screen starts automatically as shown below.

The end user only needs to supply the technician with the Ticket number, IP and Port and he can connect and repair the system.

SNAGHTML13f21711

Note: If you cancel the remote connection screen at the local workstation, the script will continue as normal, prompting for a language selection and  administrator password before launching the System Recovery Options Screen.

Advertisements

Using Dart 7’s Standalone System Sweeper

Microsoft’s Standalone System Sweeper has been designed to aid users in starting an infected PC and performing offline malware scans to remove viruses, trojans, rootkits and other forms of malware effectively. It is also used if malware is hindering the user to install or start an antivirus software on the infected system, or if the applications used to detect malware are not able to find the malware on the PC.

Once you have launched Dart, select the Standalone System Sweeper

If you havent updated your definitions in a while, you will be prompted to check for updates.

Once your definitions have been updated start a full scan.

Windows 7 Advanced Boot Options and Starting Dart 7

Note: The following instructions apply if you setup WinRE to include DaRT from my previous post Check it out here

Start your computer and tap on the F8  key to get to the Advanced Boot Options Screen then choose “Repair your computer”

Advanced_Boot_Options

Since Dart 7 has been added to your default WinRE you now have the option to start network support at the start of WinRE. Choose YES

8-24-2011 2-50-03 AM

In a Windows PE environment your drive mappings will not have the same drive letters and this can be confusing.

Choose YES to remap them

8-24-2011 2-50-13 AM

Select you Language and choose Next

8-24-2011 2-50-23 AM

You’ll notice that DART (Microsoft Diagnostics and Recovery Toolset) has been added to the WinRE menu

Select Microsoft Diagnostics and Recovery Toolset.

8-24-2011 2-51-05 AM

You now have 14 additional tools at your disposal.  My  favorites are below.

Locksmith (for those times when someone messes up their administrator passwords)

Standalone System Sweeper (for that nasty malware that’s difficult to clean while in Windows)

Remote Connections (have the user select this and you can remote in with the Dart Remote connection viewer and fix it all from your desk)

Check this blog if you want to have DaRT automaticaly start Remote Connections

8-24-2011 2-51-20 AM

I will go into more detail on how to use some of these great tools in a future blog.

Adding the DART 7 Recovery Toolset to the Default Windows 7 or Server 2008 R2 Recovery PE

If you want to have access to the broader range of tools that  Microsoft’s Diagnostics and Recovery Tools (DART) gives you, then here is way to add these into your default Windows RE

Note that you will need an active Software Assurance (SA) license to each OS that deployed with DaRT.

Creating the Dart 7 ISO Image

Install DaRT 7 from Microsoft Desktop Optimization Pack 2011 R2 (available to customers with active Software Assurance license) on your computer or on computer with DVD burner.

From the Windos start menu  under Microsoft Dart 7 open the DaRT Recovery Image Wizard and  follow these steps to create DaRT 7 ISO image:

On the welcome screen click “Next“.

Insert and navigate to Windows 7/Server 2008 R2 media and click “Next“.

On the Preparing files screen click on “Next“.

Select or exclude the tools that will be included in your ERD image and click on “Next“.

Locate the Windows Debugging tools and click on “Next“.

Choose if you want to allow Remote Connections and click on “Next“.

Choose if you want to update your ERD’s Standalone system sweeper and click on “Next“.

If you want to add additional drivers, click on Add. Then click on “Next“.

On the Additional Files click on “Next“.

Note: You can add useful applications and files to your ERD ISO image such as disk imaging utility, corporate antivirus, etc.

To create the ISO image click on “Next“.

If you want to burn the ISO into a media set the wizard to your media burner. Click on “Next” to proceed.

Click on “Finish“.

Copying the new dart wim file to the hidden Recovery folder

In order to replace the default Windows RE boot image with DaRT, you’ll need to use an account with administrative privileges (member of the local Administrators group at least).

In order to perform the replacement, follows these steps:

Open Windows Explorer, click on the ALT key and choose “Folder Options” from the Tools menu.

Choose “Show hidden files, folders and drives” and deselect “Hide protected operating system files (Recommended)“and “Hide extensions for known file types“.

First we need to change the folder opens so we can view the hidden recovery folder. Open Windows Explorer, click on the ALT key and choose “Folder Options” from the Tools menu.

Choose “Show hidden files, folders and drives” and deselect “Hide protected operating system files (Recommended)“and “Hide extensions for known file types“.

8-24-2011 3-04-08 AM

Click “OK“.

Open C:\ Drive, right-click Recovery folder. Choose “Properties” from the menu.

Select Security tab, and click on “Edit“.

On the new windows, click on “Add” and find you user account, then click on “OK“.

Assign Allow: Full Control permissions for the specific account and click on “OK“.

8-24-2011 3-06-33 AM

Now, as you can see, the C:\Recovery folder is accessible to your user account.

8-24-2011 3-09-54 AM

At C:\Recovery\<UID> you’ll find the Winre.wim image file. This is the Windows RE image that has been loaded every time you’ve chosen to repair your computer from the F8 startup menu.

8-24-2011 3-10-30 AM

Next time you restart your computer press F8 to get to the Advanced Boot Options Screen then choose “Repair your computer”

Advanced_Boot_Options

There’s the option to start network support at the start of Windows RE. Choose YES

8-24-2011 2-50-03 AM

In Windows PE your drive mapping will not have the same drive letters and this can be confusing.

Choose YES to remap them

8-24-2011 2-50-13 AM

Select you Language

8-24-2011 2-50-23 AM

You’ll notice that DART (Microsoft Diagnostics and Recovery Toolset) has been added to the Windows RE menu

8-24-2011 2-51-05 AM

You now have 14 additional tools at your disposal.  My  favorites are below.

Locksmith (for those times when someone messes up their administrator passwords)

Standalone System Sweeper (for that nasty malware that’s difficult to clean while in Windows)

Remote Connections (have the user select this and you can remote in with the Dart Remote connection viewer and fix it all from your desk)

8-24-2011 2-51-20 AM

Reference: http://www.petri.co.il/replace-default-windows-recovery-environment-in-dart.htm