Create a Windows PE Disk for Drive Encryption Recovery

Article:TECH149477  |  Created: 2009-07-21  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/TECH149477
Article Type
Technical Solution


Subject

Issue



This article details how to create a Windows PE disk.  Creating a customized Windows PE CD or USB Flash Drive provides a bootable recovery tool that can be used for recovery purposes with Symantec Drive Encryption (previously PGP Whole Disk Encryption).  For example, you can use the command line to copy, edit, backup and delete files.

Note: PGP Desktop 10.2.0 Build 1672 is not compatible with Windows PE. This is a known issue and is fixed in PGP Desktop 10.2.0 MP4. See TECH177520 for more information.

Click here for an article on using a customized Windows PE disk for troubleshooting and recovery.


Solution



To boot from a CD or USB Flash Drive, you do not need access to the encrypted hard disk. However, you must do the following:

  • Ensure that the platform version (X86, x64) of Windows PE is adequate - older versions of PGP will run only in 32-bits Windows PE
  • Pre-install the PGP WDE driver for decrypting the hard disk.
  • Pre-install the PGP WDE tools for authentication.
  • PGP WDE files must match the Windows PE platform type
     

Customizing Windows PE 1.x

Ensure that the Windows PE 1.x is located in the c: drive in the folder c:\winpe_x86, and is ready for customization.
 

Note: Follow the instructions provided in the Windows Preinstallation Environment Users Guide to prepare a drive or folder for customization. The Windows PE Users Guide is included with the Windows OEM Preinstallation Kit (OPK).

To customize Windows PE 1.x, you must:

  • Install the PGP WDE Tools
  • Create the bootable ISO file or CD
     

To install the PGP WDE Tools

  1. Copy the following files into the Windows folder c:\wde.
     

These files are either provided in the a zip file or a disc, or they can be copied from the PGP WDE installation directory (from a system that has PGP Desktop installed).

  • C:\Program Files\PGP Corporation\PGP Desktop\pgpbootb.bin
  • C:\Program Files\PGP Corporation\PGP Desktop\pgpbootg.bin
  • %SYSTEMROOT%\system32\PGPsdk.dll
  • %SYSTEMROOT%\system32\pgpsdknl.dll
  • %SYSTEMROOT%\system32\PGPwd.dll
  • C:\Program Files\PGP Corporation\PGP Desktop\PGPwde.exe
  • %SYSTEMROOT%\system32\drivers\PGPwded.sys
  • C:\Program Files\PGP Corporation\PGP Desktop\Stage1
     
  1. Run the command:

    Pgppe /winpe c:\winpe_x86 c:\wde
     

If successful the following message will appear (otherwise check if the proper Win PE platform version is being used):

Successfully installed the WDE driver and tools into winpe.

     3.  Copy the file c:\winpe_x86\winpe.wim to c:\winpe_x86\ISO\sources\ by running this command:

     copy c:\winpe_x86\winpe.wim c:\winpe_x86\ISO\sources\boot.wim

 

To create the bootable .iso file or CD

The next step is to make the customized winpe into a bootable .iso file and CD or USB Flash Drive.

  • Use the tool oscdimg.exe that is included with the OPK to create an .iso file as follows:

    Oscdimg -bc:\winpe_x86\etfsboot.com -n c:\winpe_x86\ISO c:\winpex86.iso

     
  • Use the CD-record software to burn the CD image file of winpex86.iso.
     

Customizing Windows PE 2.0

Ensure that the Windows PE 2.0 is already in the Windows folder c:\winpe_x86, and is ready for customization.

Note: Follow the instructions provided in the Windows Preinstallation Environment Users Guide to prepare a drive or folder for customization. The Windows PE Users Guide is included with the Windows Automated Installation Kit (AIK).

To customize Windows PE 2.0, you must:

  • Install the PGP WDE Tools
  • Create the bootable ISO file or CD
     

 

To install the PGP WDE Tools

  1. Copy the following files into the Windows folder c:\wde.

    These files are either provided in the a zip file or a disc, or they can be copied from the PGP WDE installation directory (from a system that has PGP Desktop installed).

     
  • C:\Program Files\PGP Corporation\PGP Desktop\pgpbootb.bin
  • C:\Program Files\PGP Corporation\PGP Desktop\pgpbootg.bin
  • %SYSTEMROOT%\system32\PGPsdk.dll
  • %SYSTEMROOT%\system32\pgpsdknl.dll
  • %SYSTEMROOT%\system32\PGPwd.dll
  • C:\Program Files\PGP Corporation\PGP Desktop\PGPwde.exe
  • %SYSTEMROOT%\system32\drivers\PGPwded.sys
  • C:\Program Files\PGP Corporation\PGP Desktop\Stage1
     
  1. Run the command:

    Pgppe /winpe c:\winpe_x86 c:\wde

     
  2. Copy the file c:\winpe_x86\winpe.wim to c:\winpe_x86\ISO\source\boot.wim and overwrite the old boot.wim file.
     

 

To create the bootable .iso file or CD-Rom

The next step is to make the customized winpe into a bootable .iso file and CD or USB Flash Drive.

  • Use the tool oscdimg.exe that is included with the OPK to create an .iso file as follows:

    Oscdimg -bc:\winpe_x86\etfsboot.com -n c:\winpe_x86\ISO c:\winpex86.iso

     
  • Use the CD-record software to burn the CD image file of winpex86.iso.
     

 

Creating a bootable USB Flash Drive

  1. Use the file diskpart.exe in Windows to format the USB Flash Drive. The following sample commands assume that disk 1 is the USB Flash Drive:
     
  • diskpart
  • select disk 1
  • clean
  • create a partition primary
  • select partition 1
  • active
  • format fs=fat32
  • assign
  • exit
     
  1. Copy all the files under c:\winpe_x86\ISO onto the USB Flash Drive. The following sample assumes that f: is the USB Flash Drive. xcopy c:\winpe_x86\iso\*.* /s /e f:\
     

 




Legacy ID



1526


Article URL http://www.symantec.com/docs/TECH149477


Terms of use for this information are found in Legal Notices