Windows Enterprise Desktop

February 20, 2009  5:48 PM

Another Use for WinPE: WinRE UFD To the Rescue

Ed Tittel Ed Tittel Profile: Ed Tittel

If you’ve ever messed with the Windows Vista Recovery Environment you know it’s helpful, but it can take quite a while for it to appear on-screen on a machine in need of repair or recovery. In fact, the functionality behind this display is a WinPE-based facility that’s bundled with the Windows Install Media, and invoked from a Windows Image file (.wim) when you select the “Repair an existing Vista system” from the install menu.

This low-res screen cap of the Recovery Environment describes your Vista Repair options:
here, you want to pick Windows Complete PC Restore.

On most of my Vista machines, it takes in excess of three minutes to get from the Vista install DVD to the System Recovery Options menu shown in the preceding screen capture, and it can sometimes take more than 10 minutes to pop up (as when finding and fixing boot-up issues, as it sometimes must). If you follow the instructions I provide in a recent story for Tom’s Guide “How to Make and Use a Bootable WinPE Drive” you will learn how to use the install media and the Windows Automated Instllation Kit (WAIK) to create a bootable UFD with the Vista Recovery Environment at your disposal. Unlike its DVD-based counterpart, however, this little gem usually presents itself on-screen in under two minutes, which lets you get to work far faster (on the notebook in question, the screen popped up in 1:07).

I was forcibly reminded of this yesterday, when I installed a new driver on one of my test notebook PCs, only to discover that the device went missing upon reboot, and that System Restore was also unable to roll back to the preceding restore point (I later learned this comes from a side effect of Norton security products, as documented in this Symantec page on the “Restoration Incomplete” error also produced during this process). What to do when restore points won’t work (and you don’t yet know how to fix that problem): use the Recovery Environment and a recent backup to restore your system to a pristine state. Luckily for me, I had just backed up my system the night before so I was back up and running in under 15 minutes, restore and all. This time, I skipped the IDT HD Audio driver update that started all my problems, and then went off to research exactly what happened, and why. In a roundabout way, all this led to today’s blog post.

Nevertheless, I was glad to have had this handy little tool at my disposal, which I’ve already used to repair Vista on a couple of machines since building the WinRE UFD in late January. You might want to add one of these to your toolkit. Any old UFD larger than 256MB will do: my WinRE UFD weighs in at 330 MB in all. Thus, a freebie or cheapie 1 GB UFD will work just fine for this purpose.

February 18, 2009  4:54 PM

XP Downgrade Suit: Legitimate beef or frivolous complaint?

Ed Tittel Ed Tittel Profile: Ed Tittel

The latest Vista flap originates from a lawsuit filed against Microsoft Corporation stemming from fees assessed to Los Angeles computer user Emma Alvarado for downgrading a Lenovo notebook PC from Windows Vista to Windows XP. She had to pay an extra $59.25 to get Lenovo to make the switch, and is now claiming that “Microsoft has abused its market position to try to cash in on the popularity of Windows XP.” Microsoft’s rejoinder is pretty straightforward: they don’t get any of the money from the charge she was assessed so therefore there’s no basis for a complaint against them.

Closer investigation reveals a somewhat more murky situation, however. The most popular version of Windows Vista for notebook PCs these days is Windows Vista Home Premium Edition. But only Windows Vista Business Edition and Windows Vista Ultimate Edition (and presumably also Windows Vista Enterprise Edition, though it’s not available in a retail SKU) are eligible for downgrade to Windows XP, and only to the Professional version of that older operating system. In fact, most downgrade charges can be assigned to two cost categories:

  • Fees from the vendor for actually performing the downgrade operation–or rather, for performing a clean install of Windows XP Professional on the notebook being purchased.
  • Fees for upgrading Windows Vista from the default version included with a notebook PC at no extra charge–presumably Windows Vista Home Premium edition in most cases–to either Windows Vista Business Edition or Windows Vista Ultimate Edition. In fact, Microsoft does profit from any such charges (which not all notebook vendors assess) that may be included in a downgraded notebook’s purchase price.

The real question then becomes: is requiring purchase of a “downgradable” version of an OS an abuse of monopoly power? I’m no lawyer (and to legal professionals, that means that anything I say next means exactly nothing), but this is a situation that appears to cut both ways. Consumers are free to choose any options they like when they purchase a notebook PC. But likewise, Microsoft is under no obligation to make older versions of its OS available to buyers at the same prices as current versions.

Personally, I believe it’s fair to charge for downgrading a system because it requires a different build process from one that goes default all the way. It’s the difference that sparks the charge, not the fact that one build is inherently more expensive or difficult than the other (both involve imaging a disk, but the XP downgrade requires a different image from the Vista Home Premium default image; likewise, buyers who simply upgrade Vista to Business or Ultimate must also pay for that privilege).

I guess the suit will have to go to court so a judge can decide if it has enough merit to go to trial. That said, it will be interesting to see if Microsoft can be compelled to make downgrades purely a matter of preference and paying operational costs, or if they can indeed require buyers to upgrade an OS merely to make it eligible for downgrade. For companies and organizations that still standardize on XP, this is more than a matter of simple curiousity: it will have a tangible effect on the cost of purchase for XP-equipped notebook and desktop PCs. What do you think?

February 16, 2009  2:55 PM

Clean Up New PCs with PC Euphemism

Ed Tittel Ed Tittel Profile: Ed Tittel

Actually the name of the program in question is not Euphemism–rather you can read it from the domain name in the URL for the Subscription page where organizations and companies can license its use for an incredibly reasonable $20 per PC technician per year for any number of machines–but I can’t use the name directly even though it’s both fair and accurate because it apparently violates the “no-no” words list for this implementation of WordPress. Nevertheless, PC Euphemism is a useful and valuable program, as most readers will shortly understand when I describe its capabilities.

PC Euphemism is a tool designed to remove unwanted programs that vendors so often install on new XP and Vista PCs, especially those of the notebook variety. The basic program is free for  home use and includes the following capabilities:

  • Removes a long list of programs from PCs (settings are accessible on a per-program basis for those items that some admins may want to leave installed on machines their company or organization buys).
  • Works from a script, which may cause AV programs to complain (such complaints can be safely ignored, however).
  • Driven by user input as to what constitutes a euphemistic application: users can submit forms to request inclusion of more software in subsequent versions of the software.

The commercial/professional version of PC Euphemism includes all of the aforementioned features and capabilities, and adds the following items as well:

  • command line operation, with access to help file content (use the /h parameter)
  • autoremove option to remove ALL added software items, or those selected by DEFAULT
  • autoremovespecific enables admins to provide an explicit list of all items to remove by name
  • list option creates a list of all items that the program can potentially remove (use to create pared-down list for the autoremovespecific option)

As somebody who works with dozens of notebook PCs every year for reviews for Tom’s Hardware, I’ve learned to appreciate PC Euphemism as a valuable post-purchase clean-up tool. Admins who must prep machines for users should likewise find it helpful, particularly its command line list and autoremovespecific parameters. At $20 per technician per year, it will pay for itself in its first hour of use!

February 13, 2009  2:52 PM

No More “Extras” for Ultimate Versions

Ed Tittel Ed Tittel Profile: Ed Tittel

Among the litany of complaints against Windows Vista, Microsoft’s failures to deliver on its promises to produce and release “Extras” for the Ultimate edition have been held up and railed against repeatedly since that version shipped in January 2007. The idea behind the Extras sounded good: from time to time, Microsoft would release special premium software only to owners of Windows Vista Ultimate via Windows Update.

Alas, the idea promised better than Microsoft’s execution was able to deliver. Aside from a single security add-on for BitLocker and EFS enhancements, a few games (Hold Em! poker and Tinker), and some sound and visual schemes, nothing noteworthy ever emerged in the Extras area  on Windows Update. As I search through my update history, in fact, I see exactly just over half a dozen Extras entries therein: one for enhancements to BitLocker and EFS, three related to DreamScene, one each for Hold ‘Em and Tinker, plus a related sound scheme for that last game.

At first, Microsoft made much of the Extras as an important value add for Vista Ultimate. Later on, they began to backpedal on this subject significantly. And although an Ultimate edition is planned for Windows 7, no Extras will be included in that go-round–see this coverage on the subject at Ars Technica–personally I don’t think that’s where the value-add for the Ultimate edition comes from anyway. The real value add comes from Media Center and image backup. To me the latter is almost worth the price differential all by itself, because it makes purchase of third-party image backup or ghosting utilities unnecessary, and because it’s so nicely integrated with the Windows Repair Environment available through the Vista installation media.

I think Microsoft has made a wise decision to forgo the Extras with Windows 7. They had problems delivering on their hyped-up promises for Vista, and have decided to focus more on core OS functions in the next release. Frankly, I’d like to see a return to earlier Windows install configurations, where the installer shows you what you can install along with the OS, and you get to choose what you do and don’t want to go along with it. Hopefully, that’s the direction that a leaner, meaner Windows 7 will take Microsoft’s desktop operating system.

February 11, 2009  5:06 PM

Another key to legacy Windows Apps: Virtual PC 2007

Ed Tittel Ed Tittel Profile: Ed Tittel

One ongoing and legitimate beef about Windows Vista is that it doesn’t support older Windows applications, particularly those written specifically for older Windows versions or that don’t follow well-established guidelines for “good behavior” in terms of referencing APIs, interacting with hardware, and so on and so forth. Now, Microsoft comes to the rescue with a product called Microsoft Enterprise Desktop Virtualization aka MED-V. It’s still in beta, and you have to register with Microsoft connect to obtain access to this otherwise free download, but you gain the ability to install Windows 2000 or XP in Vista using Microsoft Virtual PC 2007 (also free) so that the VMs can do for you and your users what Windows Vista sometimes cannot.

A commercial version of this software is expected later in 2009, and is based on technology that Microsoft acquired when it purchased desktop virtualization firm Kidaro in mid-2008. The idea, of course, is to spur upgrades and migrations to Windows Vista because previous obstacles to such motion are now mitigated by a solution that permits immovable legacy software to run in a back-rev Windows VM on top of Vista. This also lets enterprises impose centralized management and control over construction, deployment, and maintenance of system images, both virtual and real, and helps to add structure and organization to sometimes-chaotic desktop environments. Microsoft itself makes much of TCO improvements that switching to its Desktop Optimization Pack can confer. Above and beyond MED-V and application virtualization, this also includes an advanced Group Policy manager, an asset inventory service, a diagnostics and recovery toolset, and a tie-in to System Center for desktop error monitoring. It’s definitely worth checking out.

But if you’re fighting to migrate or upgrade systems to Vista, and legacy apps are getting in the way, MED-V may be just the lever you need to break that particular logjam. Give it a try!

February 9, 2009  4:40 PM

Preview of Patch Tuesday Attractions

Ed Tittel Ed Tittel Profile: Ed Tittel

Tomorrow, February 11, is the second Tuesday in February–hence, “Patch Tuesday” is once again at hand. Microsoft publishes advance notification for security bulletins each month on the preceding Thursday, so I can tell you what to expect in tomorrow’s updates. There are four items that should be included (though last-minute additions and deletions have been known to occur):

  • Critical: Internet Explorer 7 versions remote code execution fix. XP, Vista, Windows Server 2003 and 2008, 32- and 64-bit versions.
  • Critical: Exchange Server versions remote code execution fix. Exchange 2000 Server SP3 with 8/04 update rollup, Exchange Server 2003 SP2, Exchange Server 2007 SP1 (32- and 64-bit versions).
  • Important: SQL Server remote code execution. Too many versions to enumerate here (check the advance notification link in the first paragraph for details).
  • Important: Visio remote code execution. MS Office Visio 2002 SP2, MS Office Visio 2003 SP3, MS Office Visio 2007 SP1.

As usual, there will also be an updated version of the Microsoft Malicious Software Removal tool (KB890830) and the Windows Junk E-mail Filter (KB905866) for February, 2009, included as well. There will also be cumulative updates for Media Center for Windows Vista (KB950644) and Media Center TVPack for Windows Vista (KB958653), plus an update rollup for ActiveX Killbits for Windows (KB960715). These are described in more detail in KB894199 and also in the other KB articles cited for each item.

Given that all the major updates relate to remote code execution and the system compromises such vulnerabilities can produce, it’s probably time to start testing and/or deploying these patches to your clients and servers on an ASAP basis.

February 6, 2009  5:19 PM is another hidden treasure

Ed Tittel Ed Tittel Profile: Ed Tittel

If you read my previous blog, you already know that VistaPE is  a project that uses WinBuilder to automate the construction of a WinPE 2.0-based bootable image from the Windows Automated Installation Kit (WAIK) as well as the Vista OS install media (or a hard-disk copy thereof, for much better build-time performance). What may not have been clear in that posting, has now become crystal clear to me, thanks to spending a large part of the last two days devouring the forum posts, tutorials, and how-to’s available at Nuno Brito’s stellar site, the home of WinBuilder and an affiliate site for

What I didn’t immediately realize but am now keenly aware of, is that this site is a treasure trove of Windows internals lore, tools references, and information that has to be explored to be believed, and deeply pondered to be fully understood. I have learned more in the past two days about Windows boot structures, how the boot process begins, about the various types of file systems and MBR records that PC BIOSes can create and the various versions of Windows can accommodate, and how to build bootable floppies, hard disks, UFDs, and optical media than I ever imagined possible.

To me, is a stunning and entirely convincing demonstration of the power of open source and community effort. There’s no way a commercial outfit would be willing to disclose the kind of information that people want and need to know about low-level inner workings of operating systems, bootstrap loaders, BIOS operations, and related forensics and construction tools–at least, not without feeling like its “valuable intellectual property” had been given away purely for good will. does this as a matter of deliberate policy, design, and support for community.

Any Windows professionals, including those who work with XP and Vista, as well as other versions both older and newer, will find lots of interesting, valuable, and useful information here about how to design, build, and install compact boot environments for Windows machines. They’ll also learn about lots of tools they can include in such environments for installation, automated deployment, troubleshooting, and system repair.

I’d have to recommend this as one of the best resources I’ve ever seen when it comes to understanding how the Windows OS is put together, how it loads and boots, and what kinds of specifics are necessary to fit customized configurations to particular collections of hardware (motherboard, CPU, chipsets, devices, peripherals, and so forth). My only beefs against the site are its “sink or swim” approach to organizing and presenting information and providing guidance to newbies, and the incredible amount of information through which interested parties must work to find the items of greatest interest and relevance to them. But when compared to the treasures and wisdom so liberally scattered around its collection of goodies, those are pretty minor beefs indeed.

You simply must check it out!

February 5, 2009  4:00 PM

A Fabulous WinPE Resource: VistaPE

Ed Tittel Ed Tittel Profile: Ed Tittel

As I’ve learned to build various types of bootable CDs and UFDs with the Vista-based WinPE environment, I’ve also been working to learn more about its inner workings and capabilities. As I struggled to figure out how to add Windows Explorer and some kind of Web browser to a runtime WinPE image (which usually takes the form of a Windows image file named boot.wim or something similar) I discovered what might not unfairly be called the “ultimate Windows PE resource.” It’s a Web site that serves a very active and capable developer and user community called VistaPE.

Let me explain what makes VistaPE tick first and foremost, then explain what VistaPE has to offer. The foundation for VistaPE is a scripting and Windows build tool called WinBuilder. It works from either Windows XP or Vista to create boot disks (and in fact, incorporates WinPE 2.0 for Vista into the Vista side of that equation), but it goes way beyond what the basic Microsoft toolkit provides via imagex.exe and the other basic elements in their toolbox. VistaPE builds on this foundation to add significant applications and capabilities on top of the WinPE 2.0 kernel to support a more-or-less complete graphical user interface (GUI) environment. Thus, the VistaPE runtime environment–which is incredibly user-configurable and flexible, and continuously extended and expanded upon through a growing script library–is more like a “real Windows” than a basic command line interpreter (CLI) environment.

Here’s how I found VistaPE: In seeking to extend my WinPE skills and abilities, I’d started trying to research methods to include Windows Explorer in the WinPE environment after reading several postings online that (a) mentioned this could be done and (b) finding no concrete details on exactly how to do so. My basic computer science training told me that it would require mapping out the code dependencies from within Explorer to determine what other DLLs and executable elements were required to make the program run. I quickly discovered thereafter that some DLLs must be registered with Windows as well as present in the runtime environment to work properly, after a simple analysis with Mark Russinovich’s dllist utility failed to produce the desired results. That’s what led me back on the research trail and, ultimately, to the VistaPE Web site.

I knew I’d struck paydirt when, after downloading and installing WinBuilder and the VistaPE script library, I was able to produce this screenshot:

The VistaPE scripts in WinBuilder make adding Explorer a piece of cake
The VistaPE scripts in WinBuilder make adding Explorer a piece of cake

As it turns out, adding Explorer just barely begins to describe what VistPE can do within WinBuilder. It also provides an alternate and somewhat more functional graphic file system interface tool called BS Explorer 2, and even supports the Linux-inspired Grub4DOS boot management toolset.

But beyond the VistaPE Base toolset shown in the preceding screenshot, please note the other major checkbox elements in WinBuilder’s left-column pane:

  • Addons: scripts and settings for common WinPE components (WSH, MDAC, HTA, WMI, and XML), plus a GUI for diskpart.exe, common dll-based libraries for Visual Basic and more, Internet Explorer 7, PE’s network configuration tool (PENetCfg), and lots more.
  • Drivers: drivers required for chipsets, LAN interfaces, storage devices, and standard VGA graphics.
  • Tweaks: elements to enhance the user interface, control various applications, manage graphic shells,…
  • App: add-ins for a huge library of basic applications from antivirus, to file compression, to data recovery, and a great deal more.
  • OtherOS: access to other OS tools and environments for multi-boot setups.
  • Finalize: tools use to complete the construction of a Windows image (.wim) file from all the preceding VistaPE scripts (which include binary code as well as assembly instructions, so you can add executables right into the boot.wim base image)
  • Virtual Test: lets you load and run your Windows image file in a virtual machine to see how (and if) it works as you want it to.
  • Debug: used to mount and inspect .wim files and edit Registry hives to check and fix problems.

To me, VistaPE is an entirely new and wonderful world of capability and functionality that cries out for more study and improved understanding. I’ve already been able to use it to build much more powerful and capable boot images than I had been able to hand-craft on my own. But I can also see that there’s a great deal more going on here than immediately meets the eye, or falls readily into my grasp. If you dig into this environment, you’ll come to the same realizations equally quickly yourself. Please check it out soon!

February 2, 2009  5:34 PM

Windows Service Pack Blocker soon to lose XP (SP3), Vista (SP1) blocks

Ed Tittel Ed Tittel Profile: Ed Tittel

Since December 2007, Microsoft has offered a Windows Service Pack Blocker Tool Kit to organizations that wish to prevent deployment of service packs in their environments. Blogging for the Vista Team Blog, Microsoft Windows Communication Manager Matt LeBlanc indicated on 1/29/2008 that this tool will soon relinquish its ability to block XP SP3 and Vista SP1. The expiration date for XP SP3 is 5/19/2008 and for Vista SP1 is 4/28/2009, each 12 months to the day from the original release of those service packs, and each in keeping with the tool’s stated ability to block current service packs up to 12 months after their release dates. After these dates, these SPs will be available directly from Windows Update.

With Vista and Windows Server 2008 shortly to become the focus of a shared SP2 release (currently guesstimated for April, 2009), this tool retains its capability and may be used to block or defer installation of this new SP for up to 12 months after its eventual general availability date. The Blocker offers admins three different ways to manage Service Packs:

  • An MS-signed executable that manages a Registry Key (in HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate) to block or allow Windows Update delivery of a current SP.
  • A script that works like the MS executable except that it allows the admin to supply the name of a remote machine where the block/unblock operations may be performed.
  • An administrative (.ADM) template that permits admins to import GPOs to block or unblock delivery of SPs into a Group Policy environment.

As Microsoft observes in connection with the Blocker “this toolkit will not prevent the installation of the service pack from CD/DVD, or from the stand-alone download package. This simply prevents the service pack from being delivered over Windows Update.”

For environments where more time is often needed to test and accommodate SPs, the Blocker can be a handy tool. As long as admins understand it does not last forever–in fact, a year from the SPs general availability date is as much leeway as it can provide–the tool can be a useful element in their Vista, XP, and Windows Server 2008 toolbox.

January 30, 2009  5:19 PM

Red Hat Enterprise Linux 5.3 Ups Vista Support

Ed Tittel Ed Tittel Profile: Ed Tittel

Hey! It seems that not all the latest Vista new and information is completely negative. According a recent Red Hat Newsblog entry RHEL 5.1 Offers Customers New Features and Capabilities dated 1/20/2009, Vista support has been substantially beefed up in this latest release of RedHat’s flagship OS offering.

According to additional coverage of the release at InternetNews, RHEL 5.3 includes the following Vista-oriented updates and fixes:

  • Updates and improvements to the built-in Samba environment, which provides support for the Server Message Block (SMB) protocol used for Microsoft network file access and other communications.
  • Updates to the Common Internet File System support in RHEL 5.3, so that Linux can work as a client with Windows Servers.
  • Although the current version does not include support for the Network Access Protection (NAP) mechanisms introduced with Windows Server 2008, Red Hat plans to add support for NAP in the next point release for RHEL (5.4) in another six months or so.

This could be good news for Vista administrators who must also work with Red Hat servers as part of their network infrastructure. And it’s also a refreshing change to see a company touting its support for Vista, when so much other coverage seems to focus on low adoption rates, plans to skip over Vista entirely for Windows 7, and other, similar “doom and gloom” topics.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: