Windows XP Remote Reimage
If you have RPC access to a PC it is quite easy to reimage it remotely.
This example applies to a working WinXP machine but can be easily altered for say Windows 7 or Vista .
Steps
- Copy the needed files to the machine
- Modify/replace the boot.ini for grldr (XP)
- Reboot the pc, the XP bootloader chainloads the grldr bootloader which chainloads gPxe bootloader.
- gPXE then obtains IP info and boots 'something' off the network, either via PXE, HTTP or FTP (or iSCSI or AoE etc.)
Contents
Main script
A bit of decoration :) {{#fileanchor: remote-reimage.bat}}
@echo off
echo _ __ __
echo _____(_)_____/ /_ __ ______/ / _________ ____ ___
echo / ___/ // ___/ __ \/ / / / __ / / ___/ __ \/ __ `__ \ RMDC
echo / / / // /__/ / / / /_/ / /_/ /_/ /__/ /_/ / / / / / / Clonemod Remote
echo/_/ /_/ \___/_/ /_/\__,_/\__,_/(_)___/\____/_/ /_/ /_/ V1 server side
echo.
echo ---=== Last updated 07-April-2011 ===---
echo.
Test the machine given is alive AND connectable via RPC, it no hostname passed on command line it will prompt for one.
{{#fileanchor: remote-reimage.bat}}
SETLOCAL ENABLEDELAYEDEXPANSION
:start
if [%1] == [] (
SET /P h=Please enter computer hostname and press enter:
) ELSE (
set h=%1
)
if [!h!] == [] (
goto start
) ELSE (
goto test
)
goto end
:test
echo Ping testing !h!...
ping -n 2 -l 1 -f -w 20 !h! >nul
if !errorlevel! neq 0 (
set f=Cannot ping host & call:fail
) else (
echo RPC testing !h!...
net use \\!h! /persistent:no >nul
if !errorlevel! neq 0 (
set f=No RPC connection, non-domain or WMI broken & call:fail
) else (
net use \\!h! /d >nul
echo Machine !h! alive and connectable!
call:main
)
)
goto end
This copies the files to the remote machine, (boot.ini needs its attributes changing) and reboots it, so grldr will load and do the business.
{{#fileanchor: remote-reimage.bat}}
:main
echo Copying files...
copy /y "%~dp0gpxe-1.0.1+-gpxe.lkrn" "\\!h!\c$" >nul
attrib -r -h -s "\\!h!\c$\boot.ini" >nul
copy /y "%~dp0boot.ini" "\\!h!\c$" >nul
copy /y "%~dp0grldr" "\\!h!\c$" >nul
copy /y "%~dp0menu.lst" "\\!h!\c$" >nul
shutdown /r /t 1 /f /m \\!h!
echo PC,!h!,OK >> "%~dp0clonemodremote-result.csv"
goto end
:fail
echo PC:!h!, Failure:!f!
echo PC,!h!,FAIL,!f! >> "%~dp0clonemodremote-result.csv"
goto end
:end
[{{#filelink: remote-reimage.bat}} Download the entire script HERE (all parts above)]
boot.ini
This is a typical modified Windows XP boot.ini script for windows' ntldr bootloader with grldr set as the default option {{#fileanchor: boot.ini}}
[boot loader]
timeout=0
default=C:\grldr
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\grldr="CloneMod v3"
[{{#filelink: boot.ini}} Download the entire script HERE]
grldr
grldr is a bootloader and is part of grub4dos 0.4.5b which is latest version at time of writing. (You cannot use syslinux etc. as they cannot read files on NTFS) (can ntldr boot gPXE directly? test!)
Simple menu.lst, grldr uses this to boot the gPXE kernel gpxe-1.0.1+-gpxe.lkrn {{#fileanchor: menu.lst}}
default 0
foreground=FFFFFF
background=000000
timeout 0
title CloneMod V3
find --set-root /gpxe-1.0.1+-gpxe.lkrn
kernel /gpxe-1.0.1+-gpxe.lkrn
[{{#filelink: menu.lst}} Download the entire script HERE]
gPXE
gPXE script
gPXE script to embed when building on rom-o-matic.
In this example its booting my new Cyclone imaging system, kernel and initramfs via HTTP
dhcp net0
set 210:string http://xxx.xxx.xx.x/pxe/
kernel ${210:string}cyclone/bzImage loglevel=3 vga=788 spath=cyclone/system runinit=cyclone.sh serveraddr=xxx.xxx.xx.x snum=2 imgmode=Auto label=NoLabel
initrd ${210:string}cyclone/initramfs.cp.lzma
boot
In this example you would boot to the default PXE menu as if doing a normal PXE boot, allbeit using the drivers in the gPXE kernel, rather than using the target machines undi.
dhcp net0
set 209:string pxelinux.cfg/default
set 210:string http://xxx.xxx.xx.x/pxe/
chain ${210:string}pxelinux.0
Or (on my specially modified Belkin router running lighty on a different port to built in webserver)
dhcp net0
set 209:string pxelinux.cfg/default
set 210:string http://192.168.2.1:81/
chain ${210:string}pxelinux.0
gPXE kernel
To create the gPXE kernel in rom-o-matic do this, leave the rest as default.
1)Choose an output format (in this case a kernel) > .lkrn 5)Customize image configuration options: > paste/modify suitable script (above) into the textarea 'Embedded script' near the bottom
Log
Very simple output csv log from bat script, in the example called clonemodremote-result.csv
PC,ua-0119,FAIL,Cannot ping host
PC,143.210.11.78,OK
PC,po-0033,OK
PC,hs-0140,OK
PC,it-1648,OK
Windows 7
Windows 7 / Vista
With Vista / Win7 as the target machine, you will need to use the bootmgr bootloader instead of ntldr.
Bootmgr cannot directly boot grldr (like ntldr can) and can only boot an MBR (grldr.mbr), which in turn loads grldr. Rather than repeat everything, the info is here about halfway down the page.