PXE Bootable Thin Client:
Rescue OS, THIN USB Bootable OS.
The idea of this was to develop e a portable recovery OS. This stems from remote clients that are a bit of a drive. Wanted to be able to remotely access the PC if it becomes infected, BSOD etc etc.
Windows 7 has the ability to boot from a WIM file. These are image files created to apply to computers.
Simply put: Create a MINI OS - save it as a IMAGE (WIM FILE TYPE), copy it to a safe place on the PC, Set windows to duel boot to it.
On Boot the client should see two boot options (Windows and "Recovery Console") or whatever you named it. They choose the "Recovery Console" it boots from that saved WIM file to a PXE OS that loads in memory. From there you connect with either LOGMEIN rescue or VNC from another PC to it.
Once connected you can backup files, run offline virus scans, reimage the PC if needed all from that PC. Simply put you can remotely manage all aspects of the PC with the exception of hardware replacement. This is good for both the technician and client. Recovery time is cut down no longer waiting for the technician to show up, Backups can be preformed, Offline virus scans/cleanup (Only effective method to removing viruses)
Step1: Great PXE APP goto http://winbuilder.net/ you click on a link "Downloads" which provides with suggested "projects" sites. Which is here http://reboot.pro/files/category/4-projects/ My project of choice is nettyPE this is a Windows 7 PXE project. Remember to build a PXE OS you must own a licensed copy of Windows 7. Download the nettyPE project found here http://reboot.pro/files/file/68-nettype/ (Its 129mb)
Extract it to your folder of choice, suggest in the root of your HDD as Windows UAC tends to fight it when it runs. I found running from the root you had fewer issues.
Customize it to your liking, I used "ClearLock" as a option to lock the screen. Since this will give a person full access to the PC you want to protect it from people. Set your background etc. The program additions will come after its built.
I ran the build using 32bit version of Windows 7, 64 version don't allow LOGMEIN RESCUE to work from some reason. VNC also complains. So stick with 32bit windows.
Once the build is done grab the WIM file that gets created, we are going to mount this and add some scripts to it. I will include links from my SKYDRIVE.
Within the folder I provided you copy the files to the folders named
(Within "MAKETRIM" there are three folders CopyToProgramFiles,CopytoSystem32,desktop)
Copy the contents to each folder in your mounted WIM. You can edit as needed or add or remove apps to your liking.
http://sdrv.ms/VWa63a
The install of VNC server is a little tricky. I choose TIGHTVNC or others based on trial and error, Tight was the simplest to setup Basically once you have your WIM setup the way you like boot to it. The WINBUILDER creates a ISO that you can boot to using a VM machine or you can use BCDEDIT and boot to that WIM file.
Either way boot to the WIM and install the TIGHTVNC server, set a password to your liking and then export the registry key created HKLM\SOFTWARE\TIGHTVNC - This contains all your settings for TIGHTVNC server.
Exit your WIM and go back to your primary OS where you created you WINBUILDER WIM. We will then mount the WIM file (using GIMAGEX or any other program) From here use a remote registry editor and connect to the WIMS registry. We are going to add the key you exported to the registry and then update the hive. This will now contain the settings for TightVNC server.
The files you copied into your WIM will launch bat files on startup and get the TVNCserver running. You should now be able to connect to it remotely. You don't have to install TIGHTVNC you can open IE and Browse to the PC using the built in web viewer (port 5800) by default.
I recommend adding BGINFO to your WIM within winbuilder as its useful information that client can tell you or if you login you have it handy.
Rescue OS, THIN USB Bootable OS.
The idea of this was to develop e a portable recovery OS. This stems from remote clients that are a bit of a drive. Wanted to be able to remotely access the PC if it becomes infected, BSOD etc etc.
Windows 7 has the ability to boot from a WIM file. These are image files created to apply to computers.
Simply put: Create a MINI OS - save it as a IMAGE (WIM FILE TYPE), copy it to a safe place on the PC, Set windows to duel boot to it.
On Boot the client should see two boot options (Windows and "Recovery Console") or whatever you named it. They choose the "Recovery Console" it boots from that saved WIM file to a PXE OS that loads in memory. From there you connect with either LOGMEIN rescue or VNC from another PC to it.
Once connected you can backup files, run offline virus scans, reimage the PC if needed all from that PC. Simply put you can remotely manage all aspects of the PC with the exception of hardware replacement. This is good for both the technician and client. Recovery time is cut down no longer waiting for the technician to show up, Backups can be preformed, Offline virus scans/cleanup (Only effective method to removing viruses)
Step1: Great PXE APP goto http://winbuilder.net/ you click on a link "Downloads" which provides with suggested "projects" sites. Which is here http://reboot.pro/files/category/4-projects/ My project of choice is nettyPE this is a Windows 7 PXE project. Remember to build a PXE OS you must own a licensed copy of Windows 7. Download the nettyPE project found here http://reboot.pro/files/file/68-nettype/ (Its 129mb)
Extract it to your folder of choice, suggest in the root of your HDD as Windows UAC tends to fight it when it runs. I found running from the root you had fewer issues.
Customize it to your liking, I used "ClearLock" as a option to lock the screen. Since this will give a person full access to the PC you want to protect it from people. Set your background etc. The program additions will come after its built.
I ran the build using 32bit version of Windows 7, 64 version don't allow LOGMEIN RESCUE to work from some reason. VNC also complains. So stick with 32bit windows.
Once the build is done grab the WIM file that gets created, we are going to mount this and add some scripts to it. I will include links from my SKYDRIVE.
Within the folder I provided you copy the files to the folders named
(Within "MAKETRIM" there are three folders CopyToProgramFiles,CopytoSystem32,desktop)
Copy the contents to each folder in your mounted WIM. You can edit as needed or add or remove apps to your liking.
http://sdrv.ms/VWa63a
The install of VNC server is a little tricky. I choose TIGHTVNC or others based on trial and error, Tight was the simplest to setup Basically once you have your WIM setup the way you like boot to it. The WINBUILDER creates a ISO that you can boot to using a VM machine or you can use BCDEDIT and boot to that WIM file.
Either way boot to the WIM and install the TIGHTVNC server, set a password to your liking and then export the registry key created HKLM\SOFTWARE\TIGHTVNC - This contains all your settings for TIGHTVNC server.
Exit your WIM and go back to your primary OS where you created you WINBUILDER WIM. We will then mount the WIM file (using GIMAGEX or any other program) From here use a remote registry editor and connect to the WIMS registry. We are going to add the key you exported to the registry and then update the hive. This will now contain the settings for TightVNC server.
The files you copied into your WIM will launch bat files on startup and get the TVNCserver running. You should now be able to connect to it remotely. You don't have to install TIGHTVNC you can open IE and Browse to the PC using the built in web viewer (port 5800) by default.
I recommend adding BGINFO to your WIM within winbuilder as its useful information that client can tell you or if you login you have it handy.
So will the above built you can do several things, first its a excellent offline virus scanner, backup tool etc. I include this in my images I apply for clients. I use BCDEDIT and add the WIM file to the boot options, I set the timeout=1 so the customer doesn't really see it as a boot option unless they hit a key on startup. In a case where the PC wont boot the OS/Badly infected I have them turn on the PC and start hitting the down arrow this will halt the boot of the primary OS. I name the WIM file "RECOVERY CONSOLE" have them choose this and boot.
It will goto the PXE OS, it starts CLEARLOCK to lock the screen in case the user is not around there PC. Once its done loading everything the last thing it does is load BGINFO to the desktop. I can then connect from server on site or give the client the CLEARLOCK password, have them login and preform a rescue session (USING LOGMEIN RESCUE)
Personnaly I don't like giving out any passwords so I would connect form a server using VNC web connection (OPEN IE and type in the name of the PXE WIM - In building I set a static name *TECHCOMPANY*rescue etc - you can then connect enter the password and your connected, from there (VIRUS SCANS, BACKUP USER DATA, REMIAGE the PC)
My favorite is reimaging the PC, backup the users data to a network share (you have to RUN NET USE from command to map using windows to browse or \\ to drive doesn't work for some reason) and apply a WIM image, reboot the PC and reconnect once your done. All done remotely without a on site visit.
_____________________________________________________________________________________________________
SECOND OPTION FOR PXE BOOT:
We can make this a RDS client, you can set the PXE OS to load a RDS screen, the user would then run RDS to connect to TS server. In this case you would no longer need HDD in computers, if you have a WDS server (Windows Deployment Server) you have set all computers to boot to network. NO MORE HDD failures. Everyone working from Remote Desktop you would be preventing local infections on computers. This makes managing your network that much simpler.
It will goto the PXE OS, it starts CLEARLOCK to lock the screen in case the user is not around there PC. Once its done loading everything the last thing it does is load BGINFO to the desktop. I can then connect from server on site or give the client the CLEARLOCK password, have them login and preform a rescue session (USING LOGMEIN RESCUE)
Personnaly I don't like giving out any passwords so I would connect form a server using VNC web connection (OPEN IE and type in the name of the PXE WIM - In building I set a static name *TECHCOMPANY*rescue etc - you can then connect enter the password and your connected, from there (VIRUS SCANS, BACKUP USER DATA, REMIAGE the PC)
My favorite is reimaging the PC, backup the users data to a network share (you have to RUN NET USE from command to map using windows to browse or \\ to drive doesn't work for some reason) and apply a WIM image, reboot the PC and reconnect once your done. All done remotely without a on site visit.
_____________________________________________________________________________________________________
SECOND OPTION FOR PXE BOOT:
We can make this a RDS client, you can set the PXE OS to load a RDS screen, the user would then run RDS to connect to TS server. In this case you would no longer need HDD in computers, if you have a WDS server (Windows Deployment Server) you have set all computers to boot to network. NO MORE HDD failures. Everyone working from Remote Desktop you would be preventing local infections on computers. This makes managing your network that much simpler.