Integrate DaRT 10 Tools into your Recovery Partition during OSD

Update 8.22.2016 – Update for 1607 Media (Build 14393), found that using the 1511 DaRT didn’t play so nice on a 1607 install of Windows 10.
Fix, Create new DaRT WIM with latest ADK.

Changes to Made for 1607

  • Uninstall old ADK, Install new ADK
  • Run the DaRT Recovery Image creator to create new WIM using new ADK
  • NO Longer need to run the HotFix!
  • Change WinRE partition size from 900 to 1100 – Found 900 would cause issues from time to time.
  • Updated Script to include F4 Support & add Timeout to help with DiskPart sporadic issues. (Download HERE)
    • Thanks to Alex Nicastro for the Assist on that.
  • Basically, just follow the instructions below using the updated ADK, skip the HotFix, and name your package accordingly.

 

Requirements:

  1. Windows 10 ADK (Build 10586) – Download HERE
  2. Windows 10 ADK Hotfix to fix issue in ADK– Download HERE (We’ll get to this later)
  3. DaRT Recovery Image Installed –> Part of MDOP
  4. Windows 10 Media (Build 10586) Mounted

Setup:

ADK 10
image

DaRT
image

 

Launch the MS DaRT Recovery Image Wizard – If you see this error, it’s because of your Powershell group policy, to get around this, open elevated command prompt and do this:
Reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\Powershell /v ExecutionPolicy /f
– Now try again
https://garytown.com/wp-content/uploads/2016/03/image-11.png

Choose 64-bit Dart Image – I’ve mounted the Windows 10 ISO to the D: drive
image

You can leave the tools to default
image

Check the box “Allow…” and let it default to 3388
image

Advanced Options, add any Storage & NIC drivers you’ll need & any WinPE addons
image image

Create Image: Select Create WIM, set the path to c:\cabs
image

- Note, if you want, at this step, you can check the box “Edit image” and then after it a short period, you’ll get the opportunity to add files.  I did this to add cmtrace and some other tools into the image

Now wait for a few minutes while it is generated
image

 

 

 

Adding HotFix to boot.wim (Only if you’re using Windows 10 1511 build 10586)

Extract the HotFix to c:\Cabs (I’m using 7zip)
It will create 2 schema files.

image

Also create the folder mount (C:\Cabs\Mount)

Make sure your boot.wim file is save to C:\Cabs\DaRT10\x64\boot.wim, you’ll then need to run these commands: ( original documentation here: https://support.microsoft.com/en-us/kb/3143760), this is modified based on where I’ve saved the files in my example.
Run from elevated “Deployment and Imaging Tools Environment”
image

  1. dism /mount-wim /wimfile:C:\Cabs\DaRT10\x64\boot.wim /index:1 /mountdir:C:\Cabs\mount
    image
  2. icacls C:\Cabs\mount\Windows\System32\schema.dat /save "%temp%\AclFile"
    image
  3. takeown /F C:\Cabs\mount\Windows\System32\schema.dat /A
    image
  4. icacls C:\Cabs\mount\Windows\System32\schema.dat /grant BUILTIN\Administrators:(F)
    image
  5. xcopy "C:\Cabs\schema-x64.dat" C:\Cabs\mount\Windows\System32\schema.dat /Y
    image
  6. icacls C:\Cabs\mount\Windows\System32\schema.dat /setowner "NT SERVICE\TrustedInstaller"
    image
  7. icacls C:\Cabs\mount\Windows\System32\ /restore "%temp%\AclFile"
    image
  8. dism /unmount-wim /mountdir:C:\Cabs\mount /Commit
    image

As you can see, Before:
image

After:
image

 

Ok, now we have our boot.wim file, it’s time to get it into the OSD process.

In the Standard ConfigMgr MDT Task Sequence, go to the Format and Partition Disk (UEFI)

Change the Windows RE Tools name to WinRE and change the size from 300 to 900 1100
image

Create a Package with your boot.wim file and three batch files: (Download here)

SetDriveLetterLabel.cmd (This will take the Partition Labeled WinRE and assign letter R)
-------

REM ======start batch script=======
@echo off
setlocal ENABLEDELAYEDEXPANSION
:: Full path to diskpart.exe. Defaults are:
:: Windows 2000: "C:\Program Files\Resource Kit\diskpart.exe"
:: 2003/XP: "C:\windows\system32\diskpart.exe"
set dp=c:\windows\system32\diskpart.exe

:: Volume label
set label=WinRE

:: Temporary command file for diskpart.exe
set dps="%TEMP%\dp.txt"

echo list volume>%dps%
echo exit>>%dps%
set label_short=%LABEL:~0,11%
if exist %dp% (
for /f "delims=" %%i in ('%dp% /s %dps%') do (
set string=%%i
if not "!string:%label_short%=!"=="!string!" (
set volnum=!string:~9,3!
set volnum=!volnum: =!
)
)
if not "!volnum!"=="" (
echo Volume Label: %label%
echo Volume Number: !volnum!
echo select volume !volnum! >>%TEMP%\assignr.txt
echo assign letter=R >>%TEMP%\assignr.txt
%dp% /s %TEMP%\assignr.txt
) else (
echo Cannot find volume with label %label%
)
) else (
echo Cannot find %dp%&goto :EOF
)
REM =======end batch script========

 

-------

RemoveDriveLetterLabel.cmd (This will remove the drive Letters D/E/R).  I was having some computers add a D or E drive based on other factors, so I just added it to this script to remove those letters too.
---------
REM ======start batch script=======
@echo off
setlocal ENABLEDELAYEDEXPANSION
:: Full path to diskpart.exe. Defaults are:
:: Windows 2000: "C:\Program Files\Resource Kit\diskpart.exe"
:: 2003/XP: "C:\windows\system32\diskpart.exe"
set dp=c:\windows\system32\diskpart.exe

:: Volume label
set label=WinRE

:: Temporary command file for diskpart.exe
set dps="%TEMP%\dp.txt"

echo list volume>%dps%
echo exit>>%dps%
set label_short=%LABEL:~0,11%
if exist %dp% (
for /f "delims=" %%i in ('%dp% /s %dps%') do (
set string=%%i
if not "!string:%label_short%=!"=="!string!" (
set volnum=!string:~9,3!
set volnum=!volnum: =!
)
)
if not "!volnum!"=="" (
echo Volume Label: %label%
echo Volume Number: !volnum!
echo select volume !volnum! >>%TEMP%\remover.txt
echo remove letter=r >>%TEMP%\remover.txt

echo select volume !volnum! >>%TEMP%\removed.txt
echo remove letter=d >>%TEMP%\removed.txt

echo select volume !volnum! >>%TEMP%\removee.txt
echo remove letter=e >>%TEMP%\removee.txt

%dp% /s %TEMP%\remover.txt
%dp% /s %TEMP%\removed.txt
%dp% /s %TEMP%\removee.txt
) else (
echo Cannot find volume with label %label%
)
) else (
echo Cannot find %dp%&goto :EOF
)
REM =======end batch script========

-------

 

InstallDartUEFI.cmd (This deletes the old Windows Recovery WIM, creates the new folder structure and copies the boot.wim into place and assigns it as the recovery wim – It calls the script above to remove the drive letter when it’s done.)
Update 7/22/16 - Added 2 lines in RED, I was finding that on some systems, it wasn't copying my custom WIM over because there wasn't enough room on the Partition because of the Default WIM.  Add line to Delete the Default before coping the Custom one over. - I have not updated the scripts in the ZIP File yet.  Still doing more testing, as I'm having issues getting this working properly on HyperV, but so far all of my Physical Machines are working properly.

Update 8/22/16 – Added Line for F4 & Timeout
--------

REM SetDriveLetterLabel.cmd - Now doing in Previous Step, sets WinRE partition to Letter R

REM Make Directory where DaRT Recovery WIM will be placed
mkdir R:\Recovery\WinRE

REM Delete old WindowsRE Folder (Free up room to copy in new WIM)
rmdir R:\Recovery\WindowsRE /S /Q

REM Copy DaRT Recovery WIM into Recovery Partition
copy boot.wim R:\Recovery\WinRE\winre.wim

REM Set Windows to use the new DaRT Recovery WIM
C:\Windows\System32\ReAgentc.exe /disable
C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows
C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows /bootkey 3e00
C:\Windows\System32\ReAgentc.exe /enable

REM Add timeout
timeout /t 15

REM Remove the Drive Letter for the Recovery Partition - Removes Letter R and D/E if exist.
RemoveDriveLetterLabel.cmd

-------

Package Contents:
image

 

In the TS:
In the State Restore Group, add two Steps

  1. Install WinRE – Dart10 – UEFI – Step1 (cmd /c SetDriveLetterLabel.cmd)
    image
  2. Install WinRE – Dart10 – UEFI – Step2 (cmd /c InstallDartUEFI.cmd)
    image

After OSD, you can go into your recovery options..  and choose Advanced Startup  - Once at the Option Screen, pick Troubleshoot –> Advanced –> Command Prompt
image image image

It will now reboot into the Windows Recovery Partition.
You’ll see a prompt for “Would you like to initialize network connectivity..”, click yes

It will now prompt you for your bitlocker Key, if bitlocker is enabled.  Enter it and click continue
The Command Prompt will Open, just go ahead and close it.

You will now see options, choose Troubleshoot –> Microsoft Diagnostics and Recovery Toolset will be an option.

Now that you launched DaRT, you’ll have several options available to you, including Remote Connection, which is what I’m using to connect in to grab the screen capture.
image

 

Several hand tools built in like LockSmith, to recover Admin Passwords.  This is handy if you have LAPS implemented, and the machine is deleted from the domain so you no longer have access to the Admin password.
image

File Restore in action:
image

 

And if you like, you can even add a web browser to your Image, because hey, why not!  Pale Moon 64bit seems to work alright. Smile  Just Extract the Program to a folder and copy that folder into your image.  Then use Explorer to browse to it.

image

So there you have it, integrating DaRT 10 into your Windows 10 10586 Deployments

I’ve tested this on Dell Latitude E6540, Precision 7510 & MS Surface Pro.  I’ve done this in the Past with DaRT 8 on an entire range of Dell devices without any issues.  But I’ve only started to implement this with DaRT10.

30 thoughts on “Integrate DaRT 10 Tools into your Recovery Partition during OSD

  • May 10, 2016 at 10:03 am
    Permalink

    I appreciate that article. Is it possible to create a hardware bootkey using the reagentc.exe commands, so a user could boot directly to the recovery environment prior to booting into windows? If it is possible how would one go about doing it? I have tried using the following command:
    C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows /bootkey 0x3d00

    that should have allowed to press the F3 key and the PC would boot in the winre.wim, but it does not.

    Reply
    • May 17, 2016 at 8:13 am
      Permalink

      That is a great question, I have actually not thought of doing that, but I like what you're thinking. If I get time to mess with this and figure it out, I'll let you know.

      Reply
  • June 2, 2016 at 6:49 am
    Permalink

    Great post , I have tried the above but I am not seeing the results as expected .in the SMTS.log file I am seeing the following errors:

    C:\_SMSTaskSequence\Packages\NY100019>C:\Windows\System32\ReAgentc.exe /disable InstallSoftware 01/06/2016 04:49:18 3824 (0x0EF0)
    The system cannot find the drive specified. InstallSoftware 01/06/2016 04:49:18 3824 (0x0EF0)
    The system cannot find the drive specified. InstallSoftware 01/06/2016 04:49:18 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:19 3824 (0x0EF0)
    C:\_SMSTaskSequence\Packages\NY100019>C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows InstallSoftware 01/06/2016 04:49:19 3824 (0x0EF0)
    REAGENTC.EXE: Operation Successful. InstallSoftware 01/06/2016 04:49:19 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:19 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:20 3824 (0x0EF0)
    C:\_SMSTaskSequence\Packages\NY100019>C:\Windows\System32\ReAgentc.exe /enable InstallSoftware 01/06/2016 04:49:20 3824 (0x0EF0)
    REAGENTC.EXE: The specified path was not found. InstallSoftware 01/06/2016 04:49:20 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:20 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:39 3824 (0x0EF0)
    C:\_SMSTaskSequence\Packages\NY100019>REM Remove the Drive Letter for the Recovery Partition - Removes Letter R and D/E if exist. InstallSoftware 01/06/2016 04:49:39 3824 (0x0EF0)
    InstallSoftware 01/06/2016 04:49:39 3824 (0x0EF0)
    C:\_SMSTaskSequence\Packages\NY100019>RemoveDriveLetterLabel.cmd InstallSoftware 01/06/2016 04:49:39 3824 (0x0EF0)

    Reply
    • June 3, 2016 at 10:36 am
      Permalink

      If you hit F8, and check the command prompt, is your OS installed to the C:\ at that point? What happens if you pause your TS and run it manually, same errors?

      Reply
  • June 8, 2016 at 9:33 am
    Permalink

    I am testing this on a vm guest machine to prove the concept first, this machine is also a gen1 vm in hyper v is that likely to have a bearing and also what if the machine does not have uefi?

    Reply
    • June 8, 2016 at 9:53 am
      Permalink

      If it isn't UEFI, it can still work, but I haven't tested recently. I used to do it with non-UEFI devices. I believe as long as you make a Partition with the Label WinPE, it will work.

      Reply
  • June 9, 2016 at 9:53 am
    Permalink

    I can see a hidden partition on the machine through diskpart but do not get the recovery options as per steps at the end:

    You will now see options, choose Troubleshoot –> Microsoft Diagnostics and Recovery Toolset will be an option.

    I do not see MSDART Toolset as an option in troubleshooting, would welcome a dialog via PM if possible?

    Reply
  • July 21, 2016 at 2:48 pm
    Permalink

    Hello,

    I have the same issue, it goes through I see the hidden partition. I noticed theres 488Mb used, but when i got Troubleshoot ->Microsoft Diagnostics and Recovery Toolset is not there... Do you know where i can get a full install guide..

    Thanks,
    Alex

    Reply
    • July 22, 2016 at 10:37 am
      Permalink

      So you go to troubleshooting, choose advanced, choose"Command Prompt", then it reboots into your Recovery Environment, and at that point you don't see the DaRTt Tools? I don't see the DaRT recovery tools until after the reboot.
      I've noticed on a couple of my models that when I reboot after choosing Command Prompt, that when it reboots, it says it can't find an administrator account on the PC. Still trying to troubleshoot that issue. (Added one line into the script to see if it helps, updated article to show) Happens on my Virtual Machines and my Venue tablets. However, the DaRT Tools did work on my new 5175 & 7275 Tablet models without any modifications.
      Also added

      Reply
      • July 23, 2016 at 6:36 am
        Permalink

        Hello,

        I go into troubleshooting only see Microsoft restore points. I had it working in my Qa environment. I couldn't login so I had to use locksmith to change the admin password. I thought it was my reference image so I changed my reference image now I can login but don't see the DaRT tools. Monday I'll be placing a call to MS to see what I did. I noticed it still creates the windowsre partition even though I remove it and it won't let me see what's in it. Im stuck at this point :(...

        Thanks,
        Alex

        Reply
  • July 26, 2016 at 9:40 am
    Permalink

    Hello,

    When I go to troubleshooting, choose advanced, choose"Command Prompt", Says "Preparing Command Prompt, I choose "Administator", Put password, Then a command prompt window appears. I delete my whole environment and started over from scratch.

    Thanks,
    Alex

    Reply
    • July 26, 2016 at 12:25 pm
      Permalink

      Once you close out of Command prompt, it should bring you back to the Troubleshooting Menu, at that point you should see DaRT as an option.

      Reply
  • July 26, 2016 at 2:28 pm
    Permalink

    Hey,

    Thanks so much for the quick responses!.. You were right after closing the command prompt I did see the DaRT recovery. The only problem I have is that when the user clicks on the command prompt they will need to type in the local admin password. Is there a way around that?

    Thanks.
    Alex

    Reply
  • August 2, 2016 at 8:24 am
    Permalink

    Hello,

    Just a quick update so I was able to create a hotkey using the following line:
    C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows /bootkey 3ed00.
    After doing that now you can press F4 and get into DaRT tools without going through the command prompt closing the window. Then clicking on Troubleshooting, I appreciate all your help with this :).

    Thanks,
    Alex Nicastro

    Reply
  • August 17, 2016 at 12:39 pm
    Permalink

    Hello,

    With the release of Windows 10 1607, will we still have to add the schemas from KB3143760 to the wim file? After making a new Windows image with 1607, the DaRT recovery option is missing - even after selecting the Command Prompt option from the menu.

    Thanks,
    Paul

    Reply
    • August 18, 2016 at 7:53 am
      Permalink

      Hey Paul, I haven't yet done much with 1607. I haven't rebuilt the DaRT WIM yet using the updated ADK, but I'm quite sure you're right, you would NOT need to add the schemas after, which will save a lot of time. I've replaced the Windows 10 1511 WIM with a 1607 WIM in my TS, but left everything else alone (Inlcuding my DaRT image, which is still 1511), and even though the Computers is now 1607, it still gives me the ability to use DaRT when I go into Recovery.

      Reply
  • August 18, 2016 at 1:06 pm
    Permalink

    **Fixed Typo in previous post**

    Hello,

    I am sorry for the typo but I made the following changes in the "InstalldartUEFI.cmd" file:

    C:\Windows\System32\ReAgentc.exe /setreimage /path R:\Recovery\WinRE /target C:\Windows /bootkey 3e00

    This will set the F4 key to boot to DaRT. Here are the scan codes for the various function keys.

    Key Scan code
    F1 0x3b00
    F2 0x3c00
    F3 0x3d00
    F4 0x3e00
    F5 Do not use (reserved)
    F6 0x4000
    F7 0x4100
    F8 Do not use (reserved)
    F9 0x4300
    F10 0x4400
    F11 0x8500
    F12 0x8600

    Thanks,
    Alex Nicastro

    Reply
  • September 16, 2016 at 7:23 am
    Permalink

    Hi there, If I rename the WinRE partition and make it 1100MB, will Bitlocker/MBAM still be able to utilize this partition as well? Or will I need to make a separate Recovery partition for MBAM/Bitlocker as well?

    Reply
  • October 29, 2016 at 4:26 pm
    Permalink

    gwblok, I know this question is not entirely related to the above post, I download the MDOP .iso from MSDN to make the DaRt Tools. After extracting, run the MSDaRT100.msi, but when i go to the dart directory, their is no dart 10 setup wizard. i also own MDOP 2012 had no issues, wizard loaded . Also my ISO is MDOP 2015. so could you please help, just need to know how to get to the Wizard to build my tools. Thank You for your support.

    P.S. I did grab your script Nice work.

    Reply
    • November 3, 2016 at 9:48 am
      Permalink

      Just remember to have the Windows ADK installed first, or it will not give the option to create the ISO.

      Reply
  • January 12, 2017 at 10:48 am
    Permalink

    Any Idea on a net new installation I would get this.

    Generating DaRT image
    Installing and configuring DaRT tools...
    The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Error applying Dart Tools to the image mounted to: 'C:\Users\USERNAME\AppData\Local\Temp\DaRT_Mount_2017.01.12.10.46.43'. Package is not applicable: 'C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-FMAPI.cab'..
    Cleaning up temporary files
    Temporary folder: C:\Users\USERNAME\AppData\Local\Temp\DaRT_Mount_2017.01.12.10.46.43

    Reply
    • January 17, 2017 at 2:06 pm
      Permalink

      The only thing I can think of would be permissions. I'd suggest doing this on a Clean VM, where you're logged in as admin, and you launch the process elevated.

      Reply
  • Pingback: SWMSCUG November 2016 Presentation Notes | Potent Engineer

  • February 3, 2017 at 2:23 pm
    Permalink

    Any one have the issue when you boot into your windows 10 recovery partition and try to open a command window it says "You need to sign in as an administrator to continue, but there aren't any administrator accounts on this PC"

    There is an administrator account (2 of them) but it wont list them.

    Looks like this was a problem with windows 8.1 and server 2012 WinRE

    If you have this set:

    You enable the Accounts: Block Microsoft accounts Group Policy and select the Users can’t add or log on with Microsoft accounts option in the following Group Policy path:
    Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

    Which we do. I cant find a fix for Dart 10

    https://support.microsoft.com/en-us/help/2957212/-no-administrator-accounts-error-when-you-select-an-option-in-winre-in-windows-8.1-or-windows-server-2012-r2

    Reply
  • February 16, 2017 at 11:47 pm
    Permalink

    Gary, thank you for this post. I did something similar for my Win7 deployment (not using your script) but I am currently testing your method against my Win10 1607 build. One of the requirements we have is that all our laptops are encrypted with Bitlocker, so in my ConfigMgr MDT task sequence, I preprovision bitlocker to get the disk encrypted. Unfortunately, I have found that I am unable to get a custom dart wim into the recovery partition working on laptops; desktops and my vm test environment are successful. Have you run into that issue or have any insight how I can go about getting around that issue? Appreciate any feedback.

    Reply
    • February 17, 2017 at 6:36 am
      Permalink

      It's been working for me on 1607 no problems. I do NOT preprovision bitlocker. I set bitlocker near the end of the TS. On a test machine, if you don't enable Bitlocker via preprovision , does it work?

      Reply
  • April 12, 2017 at 7:55 am
    Permalink

    It's Working for me With Pre-Provisioning but I use MBAM.
    I Have a Question. How it the F4 fonciton suppose to Work ?
    More precisely when do I use it. When I go to Windows Advance Startup while its rebooting the F4 key doesn't seems to do anything.
    Beside that all is fine. Great Work on that.

    Reply
    • April 13, 2017 at 9:05 am
      Permalink

      Hey Max - did you do anything specific to get this to work with Pre-Provisioning?
      I''ve been failing miserably getting this to work. I eliminated it from the task sequences so now I'm trying to get it to work.

      When I try to enable using reagentc /enable I get the following error:
      REAGENTC.EXE: Windows RE cannot be enabled on a volume with Bitlocker Drive Encryption enabled.

      Reply
  • May 4, 2017 at 8:11 am
    Permalink

    There is a way to add the DaRT button instead of using the Command Prompt. Put next text in notepad and save in UTF-8 with name MSDaRT.xml, run the command - ReAgentc /setbootshelllink /configfile MSDaRT.xml.

    Microsoft® Diagnostics and Recovery Toolset
    Launch various DaRT recovery tools

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *