Category Archives: HTA

Wireless Support WinRE 10 – Part One

It seems that many people need to be able to connect to a wireless network via WinPE. In addition, a large percentage of windows systems nowadays don’t have Ethernet port and many businesses are going “wireless only”. If you browse the Internet, you will find several guides/hacks successfully used to build a WinPE with wireless support. In this blog which has two parts, I will describe the way you can use the Windows 10 WinRE.wim image and an optional component (Feature Pack) called WinPE-WiFi-Package to provide support for adding wireless drivers to WinRE, and the ability to create/deploy images over wireless network connections. In the second part I will provide PowerShell script to automate process of creating WinRE with wireless support.

Windows RE (Recovery Environment) and Optional Components

This page provides the Optional Components Reference: https://msdn.microsoft.com/en-us/windows/hardware/commercialize/manufacture/desktop/winpe-add-packages–optional-components-reference

The default Windows RE image contains the following built-in optional components:

•Microsoft-Windows-Foundation-Package
•WinPE-EnhancedStorage
•WinPE-Rejuv
•WinPE-Scripting
•WinPE-SecureStartup
•WinPE-Setup
•WinPE-SRT
•WinPE-WDS-Tools
•WinPE-WMI
•WinPE-StorageWMI-Package (added to the base image in Windows 8.1 and Windows Server 2012 R2)
•WinPE-HTA (added to the base image in Windows 10)

In addition to the list of default ones, here is our hero – WinPE-WiFi-Package

Network/WinPE-WiFi-Package is used by Windows Recovery Environment (Windows RE). This package is included in the base winre.wim file. Note that this package is used by Windows RE only, and you won’t find it in Boot.wim or ADK WinPE.wim, or as an ADK Optional Component.

Windows RE location and Extraction

Windows RE is stored as WinRE.wim file on a device hard drive or SSD in Windows 7, 8/8.1 and 10.  Windows 7 normally saves it on the same partition/volume with Windows, while Windows 8 and 10 usually keep it on the hidden System Reserved partition that also contains boot files and Boot Configuration Data (BCD).

Therefore, the OS Windows 8, Windows 8.1, and Windows 10 will place WinRE.wim in the following locations:
• Single Partition Deployments – WinRE.wim placed on C: drive (Partition 1).
• BIOS with System Partition – WinRE.wim placed on the System Partition (Partition 1).
• UEFI with Recovery Partition – WinRE.wim will be placed on the Recovery Partition (4).
Note that a UEFI system will have an EFI System Partition (1), an MST Partition (2), Windows Partition (3), and Recovery Partition (4).

To get WinRE.wim from a computer installed with Windows OS, look into Windows\System32\Recovery folder, and if you do not see it there (make sure you are viewing Hidden, System OS files) please do the following:
– run command reagentc /info to find out if it is installed and where (and if existent/installed on OS)
– run reagentc /disable to put WinRE.wim back in Windows\System32\Recovery folder so you can copy it, and then run reagentc /enable to put it back.

Picture 01: WinRE.wim file location

To get WinRE.wim from a Microsoft download file, you need to convert an ESD file (the install.esd file is a Windows Electronic Software Download file located in Sources folder) into Install.wim file. The best way to extract WinRE.wim is to create a folder on your C: drive (example C:\ESD) and copy install.esd into this folder. Open Command Prompt as Administrator, get into C:\ESD folder and run the following commands:
– dism /Get-WimInfo /WimFile:install.esd (to get information on the ESD file and find index number that you need; in my example I choose Index 1 because it is a PRO version).

 

 

 

 

 

 

 

 

Picture 02: Using DISM to get info about Install.esd

– dism /export-image /SourceImageFile:install.esd /SourceIndex:1 /DestinationImageFile:install.wim /Compress:max /CheckIntegrity

Picture 03: export/convert ESD file into WIM file

Depending on your computer, the command takes from 10-20 minutes to finish. Mount the Install.wim file and copy WinRE.wim from the Windows\System32\Recovery folder. Regardless of the method used to find Winre.wim, please always make sure to use a version of the file compatible with the version and architecture of Windows for which WinRE is being repaired. For example, if you are repairing WinRE on a Windows 8 64-bit system you should use the Windows 8 64-bit Winre.wim file.

Customizing WinRE and Boot Options Menu

You can customize WinRE.wim by adding packages, languages, drivers, and custom diagnostic or troubleshooting tools. Note that the number of packages, languages, and drivers is limited by the amount of memory available on the PC, and Microsoft, for performance reasons, recommends that you minimize the number of languages, drivers, and tools that you add to the WinRE.wim image.

The customizations steps are as follows:

1. Use DISM to mount WinRE.wim (for example C:\mount).
2. Create the \Sources\Recovery\Tools folder in the WinRE mount folder.
3. Create an .xml file called WinREConfig.xml that describes the custom tool in the boot options menu.
4. Launch Notepad.exe and type the following:

For HTA Custom Tool WinREConfig.xml

For PowerShell Custom Tool WinREConfig.xml


Note the access level as Yes/No value. It specifies whether the imaging tool should be restricted to users with administrative privileges only from the Windows RE tools menu. This setting does not affect the Recovery control panel, which always requires administrative privilege.

5. Save the file using UTF-8 coding. Do not use ANSI. Save this file in \Sources\Recovery\Tools folder.
6. Copy the custom tool in the \Sources\Recovery\Tools folder of the mounted Windows RE image.
You can only add one custom tool to the WinRE boot options menus. This tool must have .EXE extension.

HTA Custom Tool

• mshta.exe
• ACBWinPEx64.hta

Powershell Custom Tool

• powershell.exe
• ACB-WinPEx64.ps1

Picture 04: Custom tool and apps in the Sources\Recovery\Tools folder; note that I’ve used ACBWinPEx64.hta and ACB-WinPEx64.ps1 from my blog WinPE 5.0 GUI (http://www.alexcomputerbubble.com/winpe-5-0-gui/).

If you choose to have PowerShell Tool you need to add WinPE-PowerShell Optional Component.

7. Use DISM to add drivers (wireless drivers and other needed drivers)
8. Use DISM to add apps that you will use in your Recovery Environment
9. Create/export wireless profile to be used in your Recovery Environment

netsh wlan export profile name=”WiFi_SID_Name” folder=D:\ key=clear
(This would result in exporting/creating profile saved in file D:\Wi-Fi-Name.xml where D: is the USB drive)

You could use a PowerShell script instead:


function Export-WlanProfile($ProfileFolder){ 
<# 
.SYNOPSIS 
Exports WLAN profiles 
.EXAMPLE 
Export-WlanProfile -ProfileFolder C:\WinRE-Wireless\WLAN-Profiles 
#>

 If((Test-Path $ProfileFolder -PathType Container)){
 
 try {
 $wlanProfileCollection = (netsh wlan show profiles) | 
 Select-String -Pattern "All User Profile" | 
 Foreach-Object {$_.ToString()} 
 $wlanProfileCollection | 
 Foreach-Object {$_.Replace(" All User Profile : ",$null)} 
 $wlanProfileCollection | 
 ForEach-Object {netsh wlan export profile $_ $XmlDirectory key=clear} 
 }
 catch{
 Write-Warning "Error exporting WLAN profile(s)!"
 Write-Warning "Error: $($_.Exception.Message)"
 Break
 }
 } 
 Else{
 [System.Windows.Forms.MessageBox]::Show("Folder does not exist!")
 }
} 
Export-WlanProfile -ProfileFolder C:\WinRE-Wireless\WLAN-Profiles

10. Use DISM to commit your customizations steps and unmount the WinRE image
11. Format you USB drive, make it bootable and add customized WinRE image
12. Once you boot your system into WinRE with wireless support you could use PE Network Manager – http://holger.reboot.pro/ to import profile for wireless network or you could type the following command:

net start wlansvc
netsh wlan add profile filename=D:\Wi-Fi-Name.xml

Microsoft, due to security considerations, recommends that that you disable networking when you don’t need connectivity. By default, networking is disabled in WinRE. You can turn on networking when you need it.


 

USB Drives – List Connect Share

In this post I want to share with you one of my HTA utilities created for viewing all USB sticks/devices that are currently plugged into a remote network computer, creating a share on remote computer and viewing the content of the shared USB stick on a remote computer. In addition, I wanted to use this HTA tool to view a user logged into a remote computer and, if required, disable or enable the usage of USB sticks in order to prevent users from connecting to USB storage devices on a remote computer.
The picture below shows the simple interface of this HTA tool named “USB Drive Info”.
UsbDriveInfo_App_01 Figure 1: USB Drive Info application

In order to see if there is any USB devices connected to a remote networked computer, I just need to type the name of a remote computer (in my example: TEST-AFL-XYZ007 or its IP address) and click the top button on the right “View USB Drives”. If the remote machine is online, and has USB sticks plugged in, the list of USB Flash Drives will display all connected devices showing their info such as Model, Size, Drive Letter and devices’ serial numbers. Please see the example in the picture below.

UsbToolKit_ListOfUsb

Figure 2: USB Drive Info displays the list of USB sticks plugged into the remote computer

To connect and share USB stick (model name Lexar JD FireFly) represented by G: letter drive, I only need to click on the button “Create Share/Connect” in the same row (row number 2) as this USB device, and if successful, the popup window will display message “TEST-AFL-XYZ007 created USB Share named G – success”, as shown in the picture below.

UsbToolKit_ShareConnectGDrive

Figure 3: Creating USB share on a remote computer ( \\TEST-AFL-XYZ007\G ).

Once the USB share is created, the button in the corresponding row will be changed as well. To remove this share, just click the button “Remove Share/ Disconnect”, as shown in the picture 4.

UsbToolKit_RemoveShare

Figure 4: To remove the share, click the button “Remove Share/ Disconnect” in the matching row.

If I want to disable the usage of USB sticks in order to prevent users from connecting to USB storage devices on this remote computer, I only need to click on the button “Enable/Disable All USB”, and the popup window will prompt me to confirm my decision, as shown in the picture 5. The usage of USB sticks connected to a remote computer could be enabled again by clicking on the same button.

UsbToolKit_DisableEnableUsb

Figure 5: Disabling USB sticks on the remote computer TEST-AFL-XYZ007.

If you find this tool useful and want to test it in your environment, please note that you have to run it as a user that have admin access to the remote computers. To run HTA program elevated via the Right Click Menu – Run as Administrator, please see my blog Run a Program Elevated via the Right Click Menu – Run as Administrator.





Please note: Although the author has made every reasonable attempt to achieve complete accuracy of the content, he assumes no responsibility for errors or omissions. Also, you should use this information as you see fit, and at your own risk.