• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.

The Art of OEM - nLite & OEM Preinstallation

Your opinion goes here   140 members have voted

  1. 2. Would you like for Windows Designer Studio to perform most of the operations described in this guide?

    • Yes, and I want more features too!
    • Yes
    • No, I'd rather stick with the plain old Windows Setup routine.
    • No, it's just a waste of time; nLite/vLite will always be enough for my needs.
  2. 3. Now that this guide is complete, are you happy with its contents?

    • Yes, it's a great idea!
    • Somewhat, I used some of the things described here.
    • Probably, but it is too complex for me to handle.
    • No
  3. 4. Which of these should benefit you the most and you'd like to see first in Windows Designer Studio? (more details soon)

    • Windows Setup SDK (Panther Engine) - WIM capture, Setup customization and ISO making, like in Parts 3 and 4
    • VKEY Explorer - an advanced tool to design the registry of the OS you are designing
    • Package Designer - a set of diff and compression tools to allow you to author/create/add/remove windows components and preinstalled apps
    • VM Workbench - an extension for the free VMware Player product to test the results of your work before finalizing

Please sign in or register to vote in this poll.

141 posts in this topic

Yes, at a first glance Norton Ghost is a good solution, but Microsoft has developed the WIM format specifically for this purpose. I am almost done gathering data for continuing my tutorial, and I will present my research in the next few days.

The main advantages are single instance storage over one and/or multiple sysprep resealed images and using a real Microsoft-written setup routine (with actual partitioning options, not with unattended diskpart).

what do you mean about setup routine not unattended diskpart? is there a way to make a setup routine. i made a image like this one that boots in winpe 2.0 then uses .bat scripts to deploy my image using imagex (i took your advice). ugly but gets the job done. i would be interested in hearing how you made a setup routine. excellent guide by the way...

Edited by geo411m

Share this post

Link to post
Share on other sites

There are 3 ways:

1) the easy way, reuse a setup routine from Longhorn builds 4xxx (those that do not use WINLOAD), as I will document in Part 4.

2) the not so easy way, with Business Desktop Deployment

3) the hard way, which I am considering for some time, construct a new .NET setup application on top of the dlls that Microsoft provided in Codename Eiger SDK (First Boot Agent) and in Windows PE 1.6 OPK Beta 1 (build 4033). I am thinking of doing a wrapper UI over these to create a simple to use SDK of my own.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

i certainly am interested in that. :thumbup So you boot into winpe which starts longhorn setup or your wrapper to partition and format your drives and then start the deployment of your wim file to the partition you select, is that about right?


Share this post

Link to post
Share on other sites

Yep, that's about it. And the user uses either the longhorn setup UI or yours to do required operations just like in Vista setup, instead of a unattended diskpart that formats the entire disk.


Share this post

Link to post
Share on other sites

thats GREAT, i can't wait to see Part 4. of your guide.


Share this post

Link to post
Share on other sites

2.5.6. Codename Quattro and Freestyle - Extra Stuff

The setup for WHS is quite poorly designed, as you've probably found out by now. The latest CTP is even worse than Beta 2 from the setup's point of view. They should have sticked to 2-CD media, like Codename Freestyle (Media Center 2005).

The WHSOC.INF is mostly a dummy:

signature="$Windows NT$"

[Optional Components]

IconIndex = 0

CopyFiles = WHS_Bin
AddReg = WHS_Reg


HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21BE-5E3D-11d2-8789-68CB20524153}", "DontPaintText", 0x10001, 0x00000001
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21BF-5E3D-11d2-8789-68CB20524153}", "DontPaintText", 0x10001, 0x00000001
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21C0-5E3D-11d2-8789-68CB20524153}", "DontPaintText", 0x10001, 0x00000001
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21C1-5E3D-11d2-8789-68CB20524153}", "DontPaintText", 0x10001, 0x00000001
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21BE-5E3D-11d2-8789-68CB20524153}", , , "whsbrand.dll, -1004"
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21BF-5E3D-11d2-8789-68CB20524153}", , , "whsbrand.dll, -1001"
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21C0-5E3D-11d2-8789-68CB20524153}", , , "whsbrand.dll, -1003"
HKLM, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CustomBrand\{F20B21C1-5E3D-11d2-8789-68CB20524153}", , , "whsbrand.dll, -1002"

HKU, ".Default\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\Welcome", "srvwiz", 0x10001, 0x00000000
HKCU, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\Welcome", "srvwiz", 0x10001, 0x00000000

WHS_Bin = 11

1="NT Setup",,0



COMP_OPTIONDESC_WHS = "Microsoft Codename Quattro"
COMP_OPTIONDESC_WHS_TIP = "Provides the ability to convert this server to a Microsoft Windows Home Server."
Msft = "Microsoft"

The actual installer logic relies on adding tons of hotfixes and packages after the core of Small Business Server is installed. Even more, the default shares in Home Server Console are hard-coded somewhere in the setup routine.

Quite messy, isn't it? And only half of them are actually in that picture. Imagine making unattended packages for nLite for each one of those and getting it right.

In order to get best compatibility with Windows XP apps (mostly games that won't normally launch on the server platform), I will add some data from a Media Center machine in the registry:


Windows Registry Editor Version 5.00













And the corresponding WPA entry:

Windows Registry Editor Version 5.00


You can find here a very good guide of installing Media Center 2005 on Server 2003 that you can use to do this. I don't want Media Center in this case, but just to fake it as being installed. The mediactr.cat, medctroc.inf and ehOCGen.dll should be enough for that purpose.






















Codename Freestyle finally gets enabled by rundll32 syssetup,SetupInfObjectInstallAction Freestyle 128 medctroc.inf. You will need your Media Center CD to provide the needed files.

2.5.7. Extra apps

In order not to break the WGA detection process in WMP11, only at this point it's safe to install it, because Quattro provides Universal Plug and Play and SSDP Discovery and Freestyle has added the required WPA registry keys for MCE v3.0

To install it, add these using XP compatibility:

- User-Mode Driver Framework Feature Pack 1.0

- Hotfix for Windows XP (KB926239)

- Windows Media Format 11 Runtime

- Windows Media Player 11


Picture 25 - WMP11 on Home Server

At this point, install whatever apps you will need to be installed by default with Windows. Apps installed at this point are considered "preinstalled".

For example, System Mechanic 7


Picture 26 - System Mechanic 7

which is also a good opportunity to correct erroneous data in the registry.


Picture 27 - Performing Tasks


Picture 28 - Tasks Complete

Edited by dexter.inside

Share this post

Link to post
Share on other sites

2.5.8. Drivers

Similar to Part 1, my drivers are stored in Business Desktop Deployment. You can find them in \Distribution\Out-of-Box Drivers


Picture 29 - Driver Repository

Use the VMware shared folders feature to copy them to the virtual machine. I use \WINDOWS\Driver Cache, it's a very suitable target for this operation. Original drivers (driver.cab) is cached in \WINDOWS\Driver Cache\I386.


Picture 30 - Copying Drivers

It's good to use NTFS compression to save space on the destination machine. The setup method described in Part 4 of this tutorial also saves NTFS streams and security. In my case, this saved over 600 Mb of space.

2.5.9. Setup Manager

Unpack DEPLOY.CAB from \SUPPORT on your original disc to C:\sysprep. Home Server uses the same one as Windows Server 2003 SP1.

Setup Manager will configure the needed settings for mini-setup. Run C:\sysprep\setupmgr.exe.


Picture 31 - Welcome


Picture 32 - Create New

You will need a sysprep.inf file.


Picture 33 - Sysprep Setup

Home Server is compatible with Windows Server 2003 Enterprise. Instead of Terminal Server it is based on Small Business Server.


Picture 34 - Windows Version

In my case, I am not fully automating the answers.


Picture 35 - Not Automated


Picture 36 - Name & Organization

These display settings will be used during setup.


Picture 37 - Display Settings

Edited by dexter.inside

Share this post

Link to post
Share on other sites


Picture 38 - Time Zone


Picture 39 - Product Key

You can change here the initial restriction of 10 user licenses included in Windows Home Server.


Picture 40 - Licensing Mode


Picture 41 - Computer Name


Picture 42 - Administrator Password


Picture 43 - Networking


Picture 44 - Workgroup or Domain


Picture 45 - Telephony


Picture 46 - Regional Settings

I have added here settings that will clean setup temporary files, created by the setup routine described in Part 3 and 4.


Picture 47 - Run Once

Edited by dexter.inside

Share this post

Link to post
Share on other sites

This is a string stored in registry to uniquely identify your OEM build.


Picture 48 - Identification String

Here's how my sysprep folder looks like.


Picture 49 - Sysprep data

Finally, save your new sysprep.inf file there.


Picture 50 - SYSPREP.INF

2.5.10. Other unattended instructions.

I have added some extra instructions in SYSPREP.INF:

InstallFilesPath="C:\WINDOWS\Driver Cache\i386"

OEMDuplicatorstring="Windows Home Server"

FullName="Windows User"



DistFolder="C:\WINDOWS\Driver Cache\i386"

Command0="cmd /c "rd %SystemDrive%\$WINDOWS.~BT /s /q""
Command1="cmd /c "rd %SystemDrive%\$WINDOWS.~LS /s /q""



- OemSkipEula=Yes - Skips EULA

- DriverSigningPolicy=Ignore - Don't prompt when installing drivers

- UpdateInstalledDrivers=Yes - Reinstall all present drivers when mini-setup starts. Very important.

In order to successfully make this setup work on any system configuration, you will have to use UpdateInstalledDrivers=Yes, which will clean the entire Device Manager, except non-PnP and HAL. This will ensure that all VMware drivers are removed and your setup will install the proper drivers for the system it is being executed on.

2.5.11. Sysprep Driver Scanner

You will need the Sysprep Driver Scanner to link the drivers you copied to the setup routine. Important -don't store drivers in the sysprep folder. It will be deleted when mini-setup starts.


Picture 51 - Sysprep Driver Scanner

You must also add C:\WINDOWS\Inf for this to work, otherwise default drivers won't be detected.


Picture 52 - Add Default Drivers

Paths are saved in registry.


Picture 53 - Saved


Picture 54 - Done

Edited by dexter.inside

Share this post

Link to post
Share on other sites


Quite Good !! Do you plan to post a pdf version of your guide ?




Share this post

Link to post
Share on other sites

Yes, after I get enough user feedback so that I can write what everyone wants most.


Share this post

Link to post
Share on other sites

2.5.12. Mass Storage

In order for sysprep to work properly, you will need a mass storage section. If you do not add at least this, your image will work only on the same computer, in this case only in VMware, and on different computers will produce a STOP 0x0000007B INACCESSIBLE_BOOT_DEVICE BSoD.

This problem exists because Windows can only load if the boot loader is able to read the files from the extended portion of the disk. So, if it doesn't have the necessary drivers it will fail. The way around is to have sysprep load all the standard drivers for mass storage, so it will have the ability to read from most computer configurations.

- add a [sysprepMassStorage] section at the end of the sysprep.inf file and save it. If you don't, sysprep won't enumerate mass storage devices.

- open a command prompt and run sysprep -bmsd from the C:\sysprep folder.

Sysprep will extract all mass storage devices from Windows and place them in the [sysprepMassStorage] section that you created. When you run the -bsmd command, sysprep should pop up a hourglass like in Picture 55. During the time you see it, it is actively generating the mass storage device list and inserting it into the sysprep.inf file.


Picture 55 - Build Mass Storage Section

Here's a sample of what my result was:


As you can see, there are a lot of entries in the section (about 690 in Windows XP). These are plug and play identifiers for mass storage drivers and their location. If it didn't insert any, your device path is invalid and you forgot to add the \WINDOWS\Inf path to the Sysprep Driver Scanner. Check it in HKLM\Software\Microsoft\Windows\CurrentVersion\DevicePath. Note that sysprep takes ~1 second to add each entry.

2.5.13. Running Sysprep


Picture 56 - Warning

- Grace Period - if this option is unchecked, a evaluation version of Windows will not reuse the 30-60 day ReArm counter.

- Mini-setup - Sysprep will use mini-setup instead of text-mode setup.


Picture 57 - Sysprep Options

- Security Identifiers - a SID is a unique computer code that identifies it on the network.

- Detect non-PnP - also scans for non-PnP drivers, like ISA cards. Increases setup time up to 10 minutes and is no longer needed on most computers built after 2000.


Picture 58 - Start

- Factory - a more advanced method of creating custom setups. Big OEMs like Dell usually use it.

- Reseal - the method I am describing in this guide.

After the SID warning it's OK to reseal if you've gotten your Windows just the way you like it already.


Picture 59 - Working

This can be a lengthy process, especially if you have thousands of drivers like I do. Sysprep analyzes each of the driver I added in the \WINDOWS\Driver Cache, then all files on the partition, all INFs and log every changes it makes. When it's done, I've chosen to shut down the virtual machine.

In Part 3, you will learn how to image the partition you've sysprepped here, and in Part 4 how to make a setup routine to deploy and install it from that image to any computer.


Share this post

Link to post
Share on other sites

Part 3: Windows Imaging

In Part 3 of this tutorial, I will show you how the WIM technology can be used on pre-NT 6.0 Windows builds and how it relates with what you've done so far.

The reseal technique described in Part 2 has these main advantages, bringing portability features created by sysprep:

1. you can change the motherboard and the installed windows will detect and install it (on normal windows this will cause a BSoD).

2. you can clone the entire partition on another computer and boot from it, effectively allowing you to replicate your windows & programs on an unlimited number of computers.

3. you can clone your physical partition directly onto ESX Server/VMFS or VMware Workstation vmdk disks and it will go virtual without any P2V software converters.

4. you can clone it on a usb drive and boot from it (I haven't tested this feature yet).

5. you can Ghost it and restore it on any computer without any additional steps involved.

If you don't want the extra non-PnP drivers loading at boot, you can run "sysprep.exe -clean" to remove them. You won't be able to do the stuff enumerated above anymore.

The imaging technology that was specifically developed for Windows Vista can now bring these servicing features conceived for future Microsoft products in older and more reliable windows builds.

6. perform offline windows rollups and servicing (registry data and windows components) from Windows PE.

7. deploy any pre-configured workstation or server.

8. preinstall any number of applications without having to make unattended packages, no matter how complex or big they are (like Visual Studio, or Office)

9. make a backup of your genuine activated OS and restore it exactly the way it was.

Sounds good? I'm amazed myself from the extent of the stuff I've discovered by putting all this together.

3.1. Microsoft WIM Formats

Edited by dexter.inside

Share this post

Link to post
Share on other sites
2.5.12. Mass Storage

In order for sysprep to work properly, you will need a mass storage section. If you do not add at least this, your image will work only on the same computer, in this case only in VMware, and on different computers will produce a STOP 0x0000007B INACCESSIBLE_BOOT_DEVICE BSoD.

This problem exists because Windows can only load if the boot loader is able to read the files from the extended portion of the disk. So, if it doesn't have the necessary drivers it will fail. The way around is to have sysprep load all the standard drivers for mass storage, so it will have the ability to read from most computer configurations.

great guide so far. i'm wondering if it possible to use the universal massstorage driver from Here. one would think that this would help with transfering images from ide to sata drives.


Share this post

Link to post
Share on other sites

Yes, by the looks of it, it is possible... you can either:

1) add it as text-mode driver in the initial nLite image, and check if it gets in the [sysprepMassStorage], or:

2) add it yourself as PnP driver, by adding the PCI\VEN_xxxx&DEV_yyyy entries in uata_xp.inf at the end of the sysprep -bmsd generated list, so that it will act as a failsafe when none of the previous entries listed there worked.

Of course, after completing the 4 parts in this tutorial, those who build the final ISO must test it on various non-supported mass storage drivers to see if it actually works. The normal behavior would be for the mini-setup to start, auto-install this driver, complete setup and then prompt you to update the driver. In case it doesn't work, you'd get a BSoD anyways.

You can also test by using it in Windows PE, if it loads there it will also load in the mini-setup. Good finding btw, if this works out we've got ourselves some failsafe to this method. :D

Edited by dexter.inside

Share this post

Link to post
Share on other sites

Yo dexter.inside, I like your post. Just an idea, you have to make a blog or website with all this content.


Share this post

Link to post
Share on other sites

I cannot wait for the next part - I'm most interested in capturing a WIM of a fully configured system, but cannot make sense of Microsoft's documentation. Hope to see this somewhat finished in the near future!


Share this post

Link to post
Share on other sites
I cannot wait for the next part - I'm most interested in capturing a WIM of a fully configured system, but cannot make sense of Microsoft's documentation. Hope to see this somewhat finished in the near future!

lol, there is no microsoft "official" documentation on how to deploy pre-NT 6 this way... their only attempt is called Codename Eiger

Good news: this guide will soon be available in HTML and PDF in nuhi's guide collection.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

Part 3: Windows Imaging

In Part 3 of this tutorial, I continue were we left off with Sysprep. Covered here are two issues of great importance that will greatly enhance the NT deployment experience - one is the Microsoft WIM technology, arguably the best idea that Microsoft Research came up with in the past 10 years and the other is called virtual to physical migration - V2P - a free alternative solution that I managed to make instead of using expensive software like Symantec, Acronis and VMware to migrate a closely tweaked windows installation from a virtual, controlled environment to physical bare metal hardware.

3.1. Some legal considerations

As you may know, WIM is closed source. Although the Vista SDK and WAIK are free to use, the windows setup UI and installer logic capable of reading from a WIM is not. Using components from Vista RTM to install other windows editions this way is a clear violation of the EULA. Fortunately, there is a way around this.

Back in 2004, when Vista was called Longhorn and was based on the NT 5.1 codebase (unlike builds 5xxx that are based on NT 5.2 codebase) the setup was a simple Visual C++ program that used the Beta 1 format of WIMs to install builds 4xxx on your computer. After build 4093, the entire codebase was scrapped and the new Beta 2 WIM format was no longer compatible with the previous one. Microsoft considers the 4xxx builds as abandonware and is no longer interested in what people do with them. You might have heard of some people from the joejoe forums trying to make good use of them. The good part is that I can make some very good use of the Beta 1 format of WIMs, which is also abandonware, along with the Longhorn 4033 SDK. Using these for personal use should not be of any legal concern, the same case as with nLite.

Sysprep is part of the same EULA of it's corresponding NT build, so, as covered by the OEM reseller license, it should be legal to deploy through your organization network evaluations of windows that include the WIM Beta 1 technology, as well as keeping a backup of your licensed retail edition of windows to be deployed with the same technology. This is covered by the same regulations that allow products like Symantec Ghost Suite or VMware V-Motion / Converter. So... enjoy!

3.2. The WIM Beta 1 format

You can get ximage.exe from the Longhorn 4074 install CD or from the Longhorn 4033 SDK. It was renamed to ImageX after Beta 1 was scrapped. It may surprise you to know that Codename Eiger also uses the Beta 1 format instead of later revisions, due to some unknown reason.

I use version 6.0.4059.0 (main.031208-1842), compatible with XML*.DLL schema v2.00.3510.0 (main.031208-1842) and earlier. This was the last release of Beta 1, compatible with all WIMs made before Beta 2. Notice the compile date - December 2003. Eiger uses a different compile of the same code, flagged with a "cjonas" string in the version, both compatible.

Here's how the /? output should look like.

XIMAGE /capture [Drive] [Image File] [Description]
XIMAGE /boot [Drive] [Image File] [Description]
XIMAGE /append [Drive] [Image File] [Description]
XIMAGE /apply [Image File] [Drive] [View #]
XIMAGE /script [Script

/capture - Creates a new image of a drive
/boot - Creates a new bootable image of a drive
/append - Appends a drive image into an existing image
/apply - Applies an image to a drive
/info - Displays available image views
/script - Specifies an answer script
/scroll - Scrolls output for redirection
/nosis - Stores duplicate files
/nocomp - Stores uncompressed file data
/lznt - Use LZNT1 compression
/lzx - Use LZX compression [default]
/flags - User defined image flags
/verify - Verify duplicate files

ximage /capture D: data.wim "Drive D"
ximage /lzx /capture C: cdrive.wim "C Drive"
ximage /lznt /capture E: data.wim "Drive E"
ximage /nosis /nocomp /capture D: data.wim "Drive D"
ximage /scroll /append E: data.wim "Drive E"
ximage /boot D: data.wim "Drive D"
ximage /apply data.wim D: 1
ximage /info data.wim
ximage /script unattend.txt
ximage /flags 128 /capture D: data.wim "Drive D"

Functionality differences from the RTM version are:

- Beta 1 does not support mount/unmount operations, they were added 1 year later.

- There is no mini-filter driver compatible with the resulting WIMs.

- The XML schema is different.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

3.3. Needed INSTALL.WIM settings

If we want to create a proper image, we must look for its settings in another that is accepted by the Longhorn setup routine. In this example, I use Longhorn 4074, one of the most popular.

Here's what the /INFO looks like:

Available Image Choices:
<?xml version="1.0" encoding="UTF-16" standalone="no"?>

Image #1 contains Windows PE 1.6 (before Beta 2, both BOOT.WIM and INSTALL.WIM were stored together), image #2 contains the drive image of the same Windows PE with setup program added and #3 is the Longhorn image. Thus, the setup program has IMAGE INDEX="3" hardcoded. Also, notice the "0" flags. Both are required by the setup to identify the source image.

3.4. VMware Mount

VMware Workstation 6 has a great feature: the vmount2 service that allows you to mount any partition stored in a VMDK file as a disk in your host OS. I will mount the C: drive from the WHS VM on Z:

You can delete temporary files, like pagefile or hiberfil to save space. Also, you can read what modification sysprep did to your installation in \WINDOWS\setupapi.log. For components, there will also be logs like iis6.log. In my case, I had the services disabled, you can see what happened here:

[5/8/2007 12:5:43] LogFile Open. [***** Search on FAIL/MessageBox keywords for failures *****].
[5/8/2007 12:5:43] SysPrepBackup:start
[5/8/2007 12:5:43] SysPrepBackup:InetStartService():ServiceName=IISADMIN unable to start WARNING. Err=0x422.
[5/8/2007 12:5:44] SysPrepBackup:!FAIL!
[5/8/2007 12:5:44] SysPrepBackup:CoCreateInstance on IID_IMSAdminBase2 failed
[5/8/2007 12:5:44] SysPrepBackup:end,ret=0x80070422
[5/8/2007 12:5:44] Final Check:RtlValidateHeap(): Good.
[5/8/2007 12:5:44] Final Check:LogFile Close.

Thanks to vmount, you will be able to image the drive without having to boot from a rescue disk with ximage on it.

There are some minor issues with sysprepping a nLited OS. The thread is here. It's a good idea to copy the files specified there to the \WINDOWS\Driver Cache\I386 and check \sysprep\sysprep.inf for InstallFilesPath="C:\WINDOWS\Driver Cache\i386" in Unattended section. Even if you don't do this, installation will still succeed, but you will see some annoying prompts regarding missing files during mini-setup.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

3.5. Imaging

Taking into account what you've seen in the /INFO for Longhorn, I must run ximage with the following arguments:

ximage.exe /flags 0 /capture Z: "I:\temp\install.wim" "Windows Home Server"

Depending on your disk speed, this can take a lot of time. You can see the progress in the console prompt. Ximage scans the folder structure so that it uses single instance storage and selectively compresses in LZX everything in there. Great moment for a snack, as this usually takes longer than Ghost. I have lots of drivers, so there will be over 24000 files in there. Running vmount2.exe at Above Normal priority might help. Note that this process generates lots of fragmentation for install.wim so using a defragmented partition as target will help.

Here's my result:

Available Image Choices:
<?xml version="1.0" encoding="UTF-16" standalone="no"?>

You can see that image index is 0 instead of 3. Images #1 and #2 will not be present, because Windows PE 1.6 has driver problems and is old. Part 4 describes how to use Bart PE instead (or some other Windows PE).

In order to correct this problem, you'll have to use a hex editor to modify the embedded XML in the WIM. I use Tiny Hexer from mirkes.de.

Tiny Hexer will load by default the first sector. You can also see in there the boot.ini file stored inside. The XML is stored at the end of the file, in unicode. Load the last sector and look for the text.

And replace that 0 with a 3.

Save and exit. You now have a valid WIM Beta 1 image of your OS. Go back to VMware and unmount the partition.

In Part 4 you will learn how to use this WIM to make a bootable ISO to install it.


Share this post

Link to post
Share on other sites

Part 4: Installing Windows from a WIM

In the last part of this tutorial, I will show you how to install an OS stored in a WIM. There are several ways of doing this, and there is a great degree of flexibility in making the install disc. Think it over and choose what's best for your purposes.

4.1. The Panther Unattended Install Engine

In order to test your newly created WIM, we start by copying the \SOURCES folder from the Longhorn CD, without the original INSTALL.WIM file. Add yours instead. My future DVD root is I:\temp and this will become I:\temp\SOURCES

These are the files in \SOURCES:


Replace PIDGEN.DLL, EULA.TXT and SETUPP.INI with those from your nLited disc in order to match the product key and license with what you are installing.

Now you can test to see how the setup routine looks like. SETUP.EXE will generate a C:\$WINDOWS.~BT while it is running and will delete it afterwards, the logs for the engine, codenamed Panther, are in C:\$WINDOWS.~BT\Sources\Panther.

You can see the log for setup.exe in C:\$WINDOWS.~BT\Sources\Panther\setupact.log. For example:

Info                Setup has started phase 1 at 2007-05-27 01:20:22
Info Install Source is C:\$WINDOWS.~BT\Sources
Info Build version is 6.0.4074.0 (idx02.040425-1535)
Info CreateSetupBlackboard:Successfully created Setup black board path is C:\$WINDOWS.~BT\Sources\Panther\SetupInfo
Info InstallWindows:Starting with Empty Queue. Setup Phase = 1
Info Initializing Module -- Name: "ScenarioDetect" Binary: "winsetup.dll" InitFunc: "Module_Init_ScenarioDetect" InitStr: ""
Info InitModule -- module 'ScenarioDetect' returned 1
Info Initializing Module -- Name: "ModuleLoader" Binary: "winsetup.dll" InitFunc: "Module_Init_ModuleLoader" InitStr: ""
Info Module_Init_ModuleLoader:Entry
Info InitModule -- module 'ModuleLoader' returned 1
Info Started Worker Thread 3636
Info Started Worker Thread 3884
Info Started Worker Thread 3800
Info Started Worker Thread 1908
Info Started Worker Thread 4040
Info DetectSetupScenario:Setup is starting from phase 1

After this step, if your WIM is bad the setup routine will fail. DOSNET.INF might give you some clues:

signature="$Windows NT$"

d1 = \I386
d2 = \cmpnents\tabletpc\I386
d3 = \cmpnents\mediactr\I386

ProductType = 0

MinimumMemory = 67108864

DestinationPlatform = i386

ServicePack = 0.0

halcbus.dll = %cbus2_mp%
halcbusm.dll = %cbusmc_mp%
halmca.dll = %mca_up%
halmpsm.dll = %mps_mca_mp%
halncr.dll = %ncr_mp%
missprocfeat = %missing_proc_feat%

You can control 2 things from here: MinimumMemory, in this case don't install if less than 64 Mb of RAM, and ProductType, the same as your flag in WIM XML schema, 0.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

4.2. Setup Library Dependencies

If we want to run the setup routine from another, non-Vista, environment, we must make sure the proper dependencies are present on your final Windows PE / Bart PE disk. As most XP / 2003 systems have the necessary runtime code present, a minimal preinstallation environment does not and we have to get those files in there.

The proper tool to find out what we need is called Dependency Walker.

I loaded SETUP.EXE and the program displays files that are loaded by it.

On my system, it looks like the only missing dependency is DWMAPI.DLL, the Desktop Window Manager from Vista. Read here another example of such a case. It only indicates that this setup is Aero-aware and has features not shown on non-Aero desktop themes. Just like the difference between IE7 for XP/2003 and IE7+ for Vista.

4.3. Building a PE disk

I am using in this example Bart PE Builder v3.1.10a, the most flexible solution in this situation. I:\temp is the destination of my CD root and P:\ is a virtual drive containing the WHS nLited ISO I made in Part 1.


Picture 4 - Bart PE Builder

These are the plugins I use:

You should also add the hdc and SCSIAdapter folders from your BDD distribution to \BartPE\drivers. Now you can build the PE.

Don't bother with missing files, nLite removed them for good reasons.

Add the \SOURCES folder you made in the root (and without the WIM file in order to save space, we only want to find out what files are missing), in my case, I:\temp, and depends.exe to \I386\System32 so that you will be able to check for missing dependencies inside the preinstallation environment.

You should also uppercase file names and folders, the proper windows folder is I386 with a capital I, not i386.

Now make a virtual machine without any hard disks and test your PE:

Link the CD-ROM to the ISO file or mount it, and run the VM:


Share this post

Link to post
Share on other sites

Dependency Walker will provide you with the missing dependencies you need to add to your PE image for setup to work:

So you can now add them to your PE disk. Afterwards, build the CD again and repeat the process:

The final list of missing files that you will have to add is:


As you can see, now SETUP.EXE starts.

4.5. Setup Billboards

The billboards are in \SOURCES\win32ui.dll. Use Resource Hacker to customize them.

I will not change them in this tutorial to save time.

4.6. Testing the final ISO

- Add back INSTALL.WIM to your \SOURCES folder.

- Make a simple STARTNET.CMD to launch setup

set path=%path%;"X:\SOURCES"

- Build the ISO (use -m in OSCDIMG as it's probably larger than a CD)

Note that on VMware, the setup might take ~2 minutes to start from Bart PE. The setup routine is quite slow this way, so a better way to do it is to use Windows PE 2.0. For example, you might add the \SOURCES folder to a Norton Ghost 12 recovery CD and launch it from there.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

The great part is that, due to the registry being already in place, this stage takes only ~20 seconds instead of the normal 7 to 10 minutes.


So, that more or less completes my guide. I will be updating it on the forum as I receive feedback from you, as there still is some more text to add. I hope I will be able to spare some time to make a small application and a SDK for this setup method, as there's great potential in it for both retail and OEM sectors.

I have brought before my point of viewing common OEM practices to Microsoft Research, but they were uninterested to make radical changes in the OPKs and OEM Action Pack software to improve it. There's nothing in for them, obviously. Although I am not primarily trained as a programmer, but as an engineer and analyst, I do resort to coding stuff by myself when I am left with no other option. I just hope the opensource community is more interested in this than Microsoft has.

Thank you for your attention. More coming soon.

Edited by dexter.inside

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.