Convert install.esd to install.wim

I haven’t put up a new post for quite some time, but this one is definitely worth keeping.

Recently I started to look at creating a system image for Windows 10, which will be used for desktop/laptop deployment.  It is not funny how much you have to do to get it to work when you don’t have SCCM in your environment.

One thing was blocking my way: there is no longer an install.wim for creating the package, as the latest build of the Windows 10 download only comes with install.esd under the source directory.  You can ask Uncle Google, and there are many software options to convert, extract, decrypt… etc., but I don’t like any of them, as I don’t feel comfortable downloading a script or software that hasn’t been verified; you just don’t know what is embedded in it.

I was lucky enough to find this information in a TechNet article.

  1. Copy the install.esd file to a local storage location.
  2. Run cmd in elevated mode.
  3. Execute this command – dism /Get-WimInfo /WimFile:install.esd (this should point to the physical path of the file)
  4. Note down the Index number of the operating system you would like to deploy.
  5. Then execute this command, using the index you noted for /SourceIndex – dism /export-image /SourceImageFile:install.esd /SourceIndex:1 /DestinationImageFile:install.wim /Compress:max /CheckIntegrity
  6. If it ran OK, you will get install.wim extracted in the same folder.  Now you can use this to work with MDT.
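
The procedure above as one PowerShell script that looks up the index by edition name instead of hard-coding it, then checks the result. This is an added example, not part of the original post or the TechNet article; the C:\Images folder and the edition name are assumptions.

```powershell
# Added example. Run from an elevated PowerShell prompt.
# Assumed values: adjust the folder and edition name to match your media.
$esd     = 'C:\Images\install.esd'   # hypothetical local copy (step 1)
$wim     = 'C:\Images\install.wim'   # hypothetical output path
$edition = 'Windows 10 Pro'          # assumed edition name

# Steps 3-4: list the images in the ESD and pick the index by name.
$images = Get-WindowsImage -ImagePath $esd
$images | Format-Table ImageIndex, ImageName -AutoSize | Out-Host

$match = @($images | Where-Object { $_.ImageName -eq $edition })
if ($match.Count -ne 1) {
    throw "Expected one image named '$edition', found $($match.Count)."
}
$index = $match[0].ImageIndex

# DISM appends to an existing destination file, so start from a clean path.
if (Test-Path $wim) {
    throw "$wim already exists; move it away before exporting."
}

# Step 5: the same DISM command as in the post, with the looked-up index.
& dism.exe /Export-Image "/SourceImageFile:$esd" "/SourceIndex:$index" `
    "/DestinationImageFile:$wim" /Compress:max /CheckIntegrity
if ($LASTEXITCODE -ne 0) {
    throw "DISM export failed with exit code $LASTEXITCODE."
}

# Step 6: confirm the WIM holds the expected edition, then record its hash
# so the copy imported into MDT can be compared against it later.
$result = Get-WindowsImage -ImagePath $wim -Index 1
if ($result.ImageName -ne $edition) {
    throw "Exported image is '$($result.ImageName)', expected '$edition'."
}
Get-FileHash -Path $wim -Algorithm SHA256 | Format-List Path, Hash
```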

Have fun!

Reset Password on Windows Server 2008 R2

Not sure what happened, but one of the Windows Servers could not be logged in to with any domain admin account, YES!  including the local administrator account @_@

Luckily I came across this article from How-To Geek, and I managed to reset the password and log back on.  The original article is at http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/

The idea is to replace one of the accessibility tools with the command prompt at the logon screen.

You boot off the Windows installation disk or recovery cd, and select “Repair your computer” option.

Follow through the screens until you see a screen like the one below.

So first, you will need to run a command to back up the original “utilman.exe” file. The command should look like this:

MOVE C:\Windows\System32\Utilman.exe C:\Windows\System32\Utilman.exe.bak

Secondly, you will need to copy “cmd.exe” to “Utilman.exe”:

COPY C:\Windows\System32\cmd.exe C:\Windows\System32\Utilman.exe

(Note:  one of the challenges here is to find the correct drive letter for the “Windows” directory, because in my situation it was on the D drive instead of the C drive.  Therefore you will need to use the DIR command to make sure you are working on the correct drive letter.)

Now, if everything goes according to plan, you can go ahead and reboot your machine.

When you see the logon screen, click on the Ease of Access icon; hopefully the command prompt is now opened for you 🙂

To change the user password, we will use the normal Windows command; replace username with the name of the user whose password you need to reset.

net user username *

Once changed, you should be able to log into the machine, yeah!!!

Don’t forget, you need to change “Utilman.exe” back to the original one.  Since this is an in-use file, you might not be able to change it back in Windows Explorer.  You may use special tools to overcome this, or simply do the previous steps again to revert the file.
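
A check that the revert described above actually happened, written as an added example (not from the original post or the How-To Geek article): it flags a Utilman.exe that is still a copy of cmd.exe, or a leftover backup file. It assumes PowerShell 4.0 or later for Get-FileHash; the function name Test-UtilmanReverted is hypothetical.

```powershell
# Added example. Run from an elevated PowerShell prompt on the repaired server.
function Test-UtilmanReverted {
    param(
        # Override this if the Windows directory is not on the default drive.
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )

    $utilman  = Join-Path $System32 'Utilman.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $backup   = Join-Path $System32 'Utilman.exe.bak'
    $findings = @()

    if (-not (Test-Path $utilman)) {
        $findings += 'Utilman.exe is missing.'
    } else {
        # A straight COPY of cmd.exe produces a byte-identical file.
        $u = Get-FileHash -Path $utilman -Algorithm SHA256
        $c = Get-FileHash -Path $cmd -Algorithm SHA256
        if ($u.Hash -eq $c.Hash) {
            $findings += 'Utilman.exe has the same SHA-256 as cmd.exe.'
        }

        # The embedded version resource survives a rename, so a shell
        # placed under the Utilman.exe name still reports its own name.
        $orig = (Get-Item $utilman).VersionInfo.OriginalFilename
        if ($orig -match '^(cmd|powershell)\.exe') {
            $findings += "Utilman.exe reports OriginalFilename '$orig'."
        }
    }

    # The backup from the MOVE step should be gone after the revert.
    if (Test-Path $backup) {
        $findings += 'Utilman.exe.bak is still present.'
    }

    [pscustomobject]@{
        Reverted = ($findings.Count -eq 0)
        Findings = $findings
    }
}

Test-UtilmanReverted | Format-List
```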

I hope this helps.  One last little suggestion: wherever possible, don’t let too many people have admin login privileges, and especially don’t share one “administrator” account within the team, otherwise it will be difficult to tell who messed it up.

Windows Command Line

Today I needed to run some special commands on Windows Server 2008. I think it would be useful to keep the TechNet link and some of the commands here, just in case I need them again.

http://technet.microsoft.com/en-us/library/cc772390(WS.10).aspx

1: System File Checker

Malicious software will often attempt to replace core system files with modified versions in an effort to take control of the system. The System File Checker can be used to verify the integrity of the Windows system files. If any of the files are found to be missing or corrupt, they will be replaced. You can run the System File Checker by using this command:

sfc /scannow

2: File Signature Verification

One way to verify the integrity of a system is to make sure that all the system files are digitally signed. You can accomplish this with the File Signature Verification tool. This tool is launched from the command line but uses a GUI interface. It will tell you which system files are signed and which aren’t. As a rule, all the system files should be digitally signed, although some hardware vendors don’t sign driver files. The command used to launch the File Signature Verification tool is:

sigverif

3: Driverquery

Incorrect device drivers can lead to any number of system problems. If you want to see which drivers are installed on a Windows 7 system, you can do so by running the driverquery tool. This simple command-line tool provides information about each driver that is being used. The command is:

driverquery

If you need a bit more information, you can append the -v switch. Another option is to append the -si switch, which causes the tool to display signature information for the drivers. Here’s how they look:

driverquery -v
driverquery -si

4: Nslookup

The nslookup tool can help you to verify that DNS name resolution is working correctly. When you run nslookup against a host name, the tool will show you how the name was resolved, as well as which DNS server was used during the lookup. This tool can be extremely helpful when troubleshooting problems related to legacy DNS records that still exist but that are no longer correct.

To use this tool, just enter the nslookup command, followed by the name of the host you want to resolve. For example:

nslookup dc1.contoso.com

5: Ping

Ping is probably the simplest of all diagnostic commands. It’s used to verify basic TCP/IP connectivity to a network host. To use it, simply enter the command, followed by the name or IP address of the host you want to test. For example:

ping 192.168.1.1

Keep in mind that this command will work only if Internet Control Message Protocol (ICMP) traffic is allowed to pass between the two machines. If at any point a firewall is blocking ICMP traffic, the ping will fail.

6: Pathping

Ping does a good job of telling you whether two machines can communicate with one another over TCP/IP, but if a ping does fail, you won’t receive any information regarding the nature of the failure. This is where the pathping utility comes in.

Pathping is designed for environments in which one or more routers exist between hosts. It sends a series of packets to each router that’s in the path to the destination host in an effort to determine whether the router is performing slowly or dropping packets. At its simplest, the syntax for pathping is identical to that of the ping command (although there are some optional switches you can use). The command looks like this:

pathping 192.168.1.1

7: Ipconfig

The ipconfig command is used to view or modify a computer’s IP addresses. For example, if you wanted to view a Windows 7 system’s full IP configuration, you could use the following command:

ipconfig /all

Assuming that the system has acquired its IP address from a DHCP server, you can use the ipconfig command to release and then renew the IP address. Doing so involves using the following commands:

ipconfig /release
ipconfig /renew

Another handy thing you can do with ipconfig is flush the DNS resolver cache. This can be helpful when a system is resolving DNS addresses incorrectly. You can flush the DNS cache by using this command:

ipconfig /flushdns

8: Repair-bde

If a drive that is encrypted with BitLocker has problems, you can sometimes recover the data using a utility called repair-bde. To use this command, you will need a destination drive to which the recovered data can be written, as well as your BitLocker recovery key or recovery password. The basic syntax for this command is:

repair-bde <source> <destination> -rk | -rp <source>

You must specify the source drive, the destination drive, and either the rk (recovery key) or the rp (recovery password) switch, along with the path to the recovery key or the recovery password. Here are two examples of how to use this utility:

repair-bde c: d: -rk e:\recovery.bek
repair-bde c: d: -rp 111111-111111-111111-111111-111111-111111

9: Tasklist

The tasklist command is designed to provide information about the tasks that are running on a Windows 7 system. At its most basic, you can enter the following command:

tasklist

The tasklist command has numerous optional switches, but there are a couple I want to mention. One is the -m switch, which causes tasklist to display all the DLL modules associated with a task. The other is the -svc switch, which lists the services that support each task. Here’s how they look:

tasklist -m
tasklist -svc

10: Taskkill

The taskkill command terminates a task, either by name (which is referred to as the image name) or by process ID. The syntax for this command is simple. You must follow the taskkill command with -pid (process ID) or -im (image name) and the name or process ID of the task that you want to terminate. Here are two examples of how this command works:

taskkill -pid 4104
taskkill -im iexplore.exe

“Ping” Command doesn’t work

Quite often some commands don’t work in the command prompt, showing errors like

‘ping’ is not recognized as an internal or external command
‘defrag’ is not recognized as an internal or external command
‘ipconfig’ is not recognized as an internal or external command

but every time I forget about the fix, so let me put it here this time.

For Windows XP:

Right click “My Computer” and click “Properties”. Click the “Advanced” tab at the top, followed by the “Environment Variables” button at the bottom. In the 2nd list box, scroll down to the 5th or 6th entry “Path”, select it and click “Edit”. Add “%SystemRoot%\system32;%SystemRoot%;” (minus the quotes) to the beginning of the line. OK the changes and try out your commands now.