How to create a custom startup WinPE 2.x-3.x CD - SEE Full Disk Edition

Article:TECH171553  |  Created: 2011-10-11  |  Updated: 2013-05-08  |  Article URL http://www.symantec.com/docs/TECH171553
Article Type
Technical Solution


Environment

Issue



It's possible to create a WinPE build containing the Symantec Endpoint Encryption (SEE) Access and Recover Utilities, and the following document should be used for that purpose.

Note: Support for WinPE  3.x is only provided for SEE  8.0 and later versions. 

 

 


Solution



 

How to create a custom startup WinPE 2.x-3.x CD
with
SEE Full Disk Access or SEE Recover Utilities support
 
I. SEE Full Disk Access
 
 
  1. Install the Windows Automated Installation Kit (Windows AIK). You can download the Windows AIK from one of the following links:
Windows Automated Installation Kit (AIK) for Windows 7 (WinPE 3.0)
 
 Automated Installation Kit (AIK) for Windows Vista SP1 and Windows Server 2008 (WinPE 2.1)
 
 
NB: Different Windows AIK versions should not be installed on same machine/OS.
  1. Create a folder on your hard disk named <build_location> (for example c:\buildwpe).
  2. Open the Windows PE Tools Command Prompt from Start->Programs->Microsoft Windows AIK->Windows PE Tools Command Prompt.
  3. At the command prompt, run the Copype.cmd script. The script requires two arguments: hardware architecture and destination location.
Example:

copype.cmd <arch> <arch_destination>

Where <arch> can be x86 or amd64 and <arch_destination> is a path to the local directory.
Example:

copype.cmd x86 c:\buildwpe\winpe_x86

The script creates the following directory structure and copies all the necessary files for that architecture.
Example:

\winpe_x86
\winpe_x86\ISO
\winpe_x86\mount

  1.  At the command prompt, mount the base Windows PE image (Winpe.wim) to the \mount directory by using ImageX.
Example:

imagex /mountrw c:\buildwpe\winpe_x86\winpe.wim 1 c:\buildwpe\winpe_x86\mount

  1. If you want to add additional drivers, such as network card drivers, run the following:
 
WinPE 2.x

peimg /inf=<path> c:\buildwpe\winpe_x86\mount\Windows

Where <path> is path to the inf file of the driver.
 
Example:

peimg /inf=c:\dell\drivers\e6500\e1y6032.sys c:\buildwpe\winpe_x86\mount\Windows

If you want to additional drivers, for each other driver after the first run:

imagex /apply c:\buildwpe\winpe_x86\winpe.wim 1 c:\buildwpe\winpe_x86\mount
peimg /inf=<path> c:\ buildwpe\winpe_x86\mount\Windows

 
WinPE 3.0:

dism /image:<path_to_image> /Add-Driver /driver:<path_to_inf>

Where <path_to_image> is path to mount location of the image and <path_to_image> is path to the inf file of the driver.
 
Example:

dism /image:c:\buildwpe\winpe_x86\mount /Add-Driver /driver:c:\Exx00\E1Y6032.inf

  1. Edit the file startnet.cmd located in the <arch_destination>\mount\Windows\System32 folder, and add the following content to this file:
@echo off
wpeinit
%SYSTEMDRIVE%\Utilities\SEEFD_Access_Utility
 
  1. Copy the files ephdxlat.sys and eafsprot.sys to the
<arch_destination>\mount\Windows\System32\drivers folder.
 
Next, copy the files
 
mfc80.dll,
mfc80u.dll,
mfcm80.dll,
mfcm80u.dll,
msvcm80.dll,
msvcp80.dll,
msvcr80.dll,
Microsoft.VC80.CRT.manifest,
Microsoft.VC80.MFC.manifest,
SEEFD_Access_Utility.exe,
EPCL32.dll,
EAECCWinPE.dll,
EAFRWinPEDBWrapper.dll,
EAFRWinPEUserManagement.dll,
EAHDWinPEDBWrapper.dll,
EAHDCliSectAccEAFS.dll, and
EACaseConverter.dll
 
to the <arch_destination>\mount\Utilities folder.
 
These files are available in the Utilities folder of the Full Disk download package.
  1.  Register the drivers in the WinPE SYSTEM file.
9.1. Run regedit.exe (under Windows XP or Windows Server 2003) or regedt32.exe (under Windows 2000).
9.2. Click on HKEY_LOCAL_MACHINE.
 
 
9.3. From File -> Load Hive, load the \mount\Windows\System32\config\ SYSTEMfile.
 
 
 
 
9.4. Expand the key HKEY_LOCAL_MACHINE\Temp\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}
 
 
9.5. Double-click on the registry value UpperFilters and add an ephdxlat entry.
IMPORTANT: When adding the ephdxlat entry, make sure that you do not enter any leading or trailing spaces in the name.
 
 
 
9.6. Open the HKEY_LOCAL_MACHINE\Temp\ControlSet001\Services and create a new key named EPHDXLAT with following string and double word values:
 

Key Name
Type
Value
DisplayName
String Value (REG_SZ)
GuardianEdge Encryption Filter
Group
String Value (REG_SZ)
PnP Filter
ErrorControl
DWORD Value (REG_DWORD)
0x00000001
Start
DWORD Value (REG_DWORD)
0x00000000
Type
DWORD Value (REG_DWORD)
0x00000001

 
 
9.7. Open the HKEY_LOCAL_MACHINE\Temp\ControlSet1\Services and create a new key named EAFSPROT with following string and double word values:
 

Key Name
Type
Value
EpfsVolumePath
String Value (REG_SZ)
<without value>
Group
String Value (REG_SZ)
filter
ImagePath
String Value (REG_SZ)
System32\drivers\eafsprot.sys
ErrorControl
DWORD Value (REG_DWORD)
0x00000001
ProtectionStyle
DWORD Value (REG_DWORD)
0x00000001
Start
DWORD Value (REG_DWORD)
0x00000000
Type
DWORD Value (REG_DWORD)
0x00000002

 
 
9.8. Click on HKEY_LOCAL_MACHINE\Temp and unload the hive using File -> Unload Hive.
 
 
 
 
 
10. Commit the changes to the original image file (Winpe.wim) by using the ImageX /unmount option with the /commit option.
Example:

imagex /unmount /commit c:\buildwpe\winpe_x86\mount

11. Replace the default Boot.wim in the \ISO directory with your new custom image. The image must be called Boot.wim.
Example:

copy /y c:\buildwpe\winpe_x86\winpe.wim c:\buildwpe\winpe_x86\ISO\sources\boot.wim

12. Create an .iso file with Oscdimg. At the command prompt, type:

oscdimg –n -b<arch_destination>\etfsboot.com<arch_destination>\ISO <arch_destination>\<iso_filename>.iso

Example:

oscdimg -n -bc:\buildwpe\winpe_x86\etfsboot.com c:\buildwpe\winpe_x86\ISO c:\buildwpe\winpe_x86\winpe_x86.iso

This creates a no-emulation bootable (-betfsboot.com) ISO image with long file name support (-n).
  1. Burn a CD with the c:\buildwpe\winpe_x86\winpe_x86.iso image you just created.
IMPORTANT: Do not place the access utility and the recover utility on the same Windows PE CD as they are not compatible and functionality issues may occur as a result.
 
II. SEE Recover
 
  1. Install the Windows Automated Installation Kit (Windows AIK). You can download the Windows AIK from one of the following links:
 
Windows Automated Installation Kit (AIK) for Windows 7 (WinPE 3.0)
 
 Automated Installation Kit (AIK) for Windows Vista SP1 and Windows Server 2008 (WinPE 2.1)
 
 
NB: Different Windows AIK versions should not be installed on same machine/OS.
  1. Create a folder on your hard disk named <build_location>(for example c:\buildwpe).
  2. Open the Windows PE Tools Command Prompt from Start->Programs->Microsoft Windows AIK->Windows PE Tools Command Prompt.
  3. At the command prompt, run the Copype.cmd script. The script requires two arguments: hardware architecture and destination location.
Example:

copype.cmd <arch> <arch_destination>

Where <arch> can be x86, amd64, or ia64 and <arch_destination> is a path to the local directory.
Example:

copype.cmd x86 c:\buildwpe\winpe_x86

The script creates the following directory structure and copies all the necessary files for that architecture.
Example:

\winpe_x86
\winpe_x86\ISO
\winpe_x86\mount

  1.  At the command prompt, mount the base Windows PE image (Winpe.wim) to the \mount directory by using ImageX.
Example:

imagex /mountrw c:\buildwpe\winpe_x86\winpe.wim 1 c:\buildwpe\winpe_x86\mount

  1. If you want to add additional drivers, such as network card drivers, run the following:
WinPE 2.x

peimg /inf=<path> c:\buildwpe\winpe_x86\mount\Windows

Where <path> is path to the inf file of the driver.
 
Example:

peimg /inf=c:\dell\drivers\e6500\e1y6032.sys c:\buildwpe\winpe_x86\mount\Windows

If you want to additional drivers, for each other driver after the first run:

imagex /apply c:\buildwpe\winpe_x86\winpe.wim 1 c:\buildwpe\winpe_x86\mountpeimg /inf=<path> c:\ buildwpe\winpe_x86\mount\Windows

 
WinPE 3.0:

dism /image:<path_to_image> /Add-Driver /driver:<path_to_inf>

Where <path_to_image> is path to mount location of the image and <path_to_image> is path to the inf file of the driver.
 
Example:

dism /image:c:\buildwpe\winpe_x86\mount /Add-Driver /driver:c:\Exx00\E1Y6032.inf

  1. Edit the file startnet.cmd located in: <arch_destination>\mount\Windows\System32 folder, and add the following content:
@echo off
wpeinit
%SYSTEMDRIVE%\Utilities\SEERecoverWinPE
 
  1. Copy the files
 
FDE.dll,
mfc80.dll,
mfc80u.dll,
mfcm80.dll,
mfcm80u.dll,
msvcm80.dll,
msvcp80.dll,
msvcr80.dll,
Microsoft.VC80.CRT.manifest,
Microsoft.VC80.MFC.manifest,
SEERecoverWinPE.exe
 
to the <arch_destination>\mount\Utilities folder.
 
These files are available in the Utilities folder of the Full Disk download package.
 
9.      Commit the changes to the original image file (Winpe.wim) by using the ImageX /unmount option with the /commit option.
Example:

imagex /unmount /commit c:\buildwpe\winpe_x86\mount

10. Replace the default Boot.wim in the \ISO directory with your new custom image. The image must be called Boot.wim.
Example:

copy /y c:\buildwpe\winpe_x86\winpe.wim c:\buildwpe\winpe_x86\ISO\sources\boot.wim

11. Create an .iso file with Oscdimg. At a command prompt, type:

oscdimg –n -b<arch_destination>\etfsboot.com<arch_destination>\ISO <arch_destination>\<iso_filename>.iso

Example:

oscdimg -n -bc:\buildwpe\winpe_x86\etfsboot.com c:\buildwpe\winpe_x86\ISO c:\buildwpe\winpe_x86\winpe_x86.iso

This creates a no-emulation bootable (-betfsboot.com) ISO image with long file name support (-n).
 
  1. Burn a CD with the c:\buildwpe\winpe_x86\winpe_x86.iso image you just created.
 



Article URL http://www.symantec.com/docs/TECH171553


Terms of use for this information are found in Legal Notices