dexter.inside

My guide will cover this kind of software integration in Part 3. It's a bad idea to do unattended installation of large pieces of software because even if you didn't get it wrong it still uses way too much time at setup. OEM preinstallation and sysprepping is specially created to deploy windows with all kinds of programs installed without using any extra time at all.

The most probable scenario is that your OEM disc is genuine and your OEM serial key has already been activated that specific number of times allowed by the manufacturer. This usually happens because that serial leaked. Tell me the name of your OEM and the first + last (25th) letter in the serial found in that unattended setup. so that I can ask my partners to verify the number of activations. Buying OEM discs from eBay is a bad idea, because at some point someone will leak the serial. The idea behind OEM activation is that all the discs are handled internally in a controlled corporate environment. In case my suspicions prove to be true, you should take that CD to whatever OEM partner you have in your area so that you can get either another license or your money back.

2.4. Testing nLited WHS 2.4.1. Build the DVD Using OSCDIMG.EXE, build it with the following settings (the distribution share is the current path). Picture 4 - Build the DVD The -m switch is for making DVDs instead of CDs. Due to some bugs in the WinPE-based install of Windows Home Server, I will use a manual installation procedure. If you can boot from the first image without receiving the "Could not initialize UI subsystem" you can proceed directly to the next chapter; however most of us are not that lucky. So, if you get this error, use nLite to create an ISO from the \SVR_2003 folder. If not, jump to section 2.4.6. 2.4.2. VMware Configuration. I am using VMware Workstation 6 ACE Edition build 44426. The Guest operating system is Windows Server2003 Small Business (LSI Logic compliant). You need to create a non-preallocated non-independent virtual disk that is larger than 32 Gb. (the setup requires it to be this way, otherwise it will fail). Don't worry, it will never use more than ~4 Gb on your disk. You also need to use at least 512 Mb of memory, as required by Windows PE 2.0. Picture 5 - WHS Virtual Machine It's best to use a network shared folder, like this: Picture 6 - Shared Folders Workstation 6 compatible VMs also introduced a great feature, you can now mount a virtual partition just like a real one and map a drive letter to it in your host machine when the VM is turned off. Of course, you have to partition the virtual disk first inside the VM. Picture 7 - Virtual Disk Picture 8 - Advanced Properties Picture 9 - Mount

2.3. nLite your WHS Core Just like in Part 1, use nLite on the \SVR_2003 folder. Up to this moment, I am unsure on what components to keep in order not to break the WSH installer or functionality. For starters, remember to keep Sysprep and Activation Compatibility, IE Compatibility, and IIS 6. Remember that in order to complete this tutorial, you will have to disable OEM and use the Advanced Configuration and Power Interface (ACPI) PC HAL in your nLite unattended settings. This is what I used: [Main] Env = 1.3 - 2.0.50727.42.Microsoft Windows NT 5.2.3790 Service Pack 2, v.2845 Target = Windows Server 2003 for Small Business Server SP:2 - 5.2.3790.3959 - English (United States) [Tasks] Remove Components Unattended Setup Tweaks Options [Components] ;# Applications # Accessibility Options Defragmenter ;# Multimedia # Mouse Cursors Music Samples Old CDPlayer and Sound Recorder Speech Support Windows Sounds ;# Network # Communication tools ;# Operating System Options # 16-bit support Color Schemes Disk Cleanup Document Templates DR Watson FAT to NTFS converter Search Assistant Shell Media Handler Symbolic Debugger (NTSD) Zip Folders ;# Services # Beep Driver Removable Storage ;# Compatibility # Compat03 [KeepFiles] msconfig.exe [RemoveFiles] clock.avi yahoo.bmp swtchbrd.bmp [Options] CABMerge CABNoHigh ClassicSetup ProfilesDir = "%SystemDrive%\Documents and Settings" TargetPath = "WINDOWS" temp_dir = %SystemDrive%\WINDOWS\Temp AdvTweaks [Patches] TcpIp = 100 DoUxTheme DoSFC [Services2] Themes,2 AudioSrv,2 [Tweaks] Boot and Shutdown-Ctrl-Alt-Del at logon-Disabled Boot and Shutdown-Disable saving Last Good state at boot Boot and Shutdown-Disable Shutdown Tracker Boot and Shutdown-Logon Page-Welcome screen Boot and Shutdown-Numlock-Off Boot and Shutdown-Setup Prefetch-Cache-Applaunch and Boot enabled Boot and Shutdown-Status Messages-Extended Desktop-Internet Explorer icon-Show Desktop-My Computer icon-Show Desktop-My Documents icon-Hide Desktop-My Network Places icon-Hide Desktop-Recycle Bin icon-Hide Desktop-Show Windows version on Desktop Explorer-Add 'Command Prompt' to folder context menu Explorer-Advanced Search: preconfigure options Explorer-Classic Control Panel Explorer-Disable Autorun Explorer-Disable Beep on errors Explorer-Disable Prefix: Shortcut to Explorer-Display the contents of system folders Explorer-Recycle Bin: allow to rename and delete Explorer-Recycle Bin: delete files directly Explorer-Remove Send To on context menu Explorer-Show Drive Letters in front of Drive Names Explorer-Show extensions of known file-types Explorer-Show hidden files and folders Explorer-Show Map Network Drives buttons in Explorer bar Explorer-Show protected operating system files Explorer-Show Statusbar in all windows Explorer-Show the full path in the Address Bar Explorer-Show the full path in the Title Bar Internet Explorer-Disable Go Button Internet Explorer-Disable Market Place bookmark Internet Explorer-Disable Media Player 6.4 created bookmarks Internet Explorer-Disable sound when popup is blocked Internet Explorer-Enable Google URL-Search Internet Explorer-Keep IE URL-History for-20 Days (default) Internet Explorer-Set Homepage-about:blank Internet Explorer-Set IE-Cache limit to-20 MB Internet Explorer-Set Internet Explorer to accept 10 connects at a time My Computer-Add Administrative Tools My Computer-Add Control Panel My Computer-Add Control Panel to Context Menu My Computer-Add Device Manager to Context Menu My Computer-Add Folder Options My Computer-Add Fonts Folder My Computer-Add My Network Places My Computer-Add Network Connections My Computer-Add Printers and Faxes My Computer-Add Recycle Bin My Computer-Add Scheduled Tasks My Computer-Add Services to Context Menu My Computer-Add Software to Context Menu My Computer-Add Taskbar Settings Network-Allow receiving Remote Assistance-Disable Network-Disable administrative shares Network-Remote Desktop-Enable Network-Set TCP/IP Priority to 1 Performance-Disable Info Tips on Files and Folders Performance-Disable Last accessed Timestamp on files Performance-Disable Optimize harddisk when idle Performance-Disable paging of kernel and core-os Performance-Disable Tracking of Broken Shortcut Links Performance-Disable Warn on low disk space Performance-Disable WBEM logging Performance-Do not cache thumbnails Performance-Processor scheduling-Programs Privacy-Disable Driver Update Internet prompt Privacy-Disable Error Reporting Privacy-Disable File MRU-List Privacy-Disable Tracking of most used programs Privacy-Remove Alexa Security-Always show Updates under Software Security-Disable Screensaver Security-Disable Web Open With prompt Security-Screensaver Password-Protection-Disabled Start Menu-Add Administrative Tools menu Start Menu-Clear most recently opened documents list on logoff Start Menu-Control Panel-Display as a menu Start Menu-Disable Highlight newly installed programs Start Menu-Disable popup on first boot Start Menu-Expand Network Connections Start Menu-My Computer-Display as a menu Start Menu-My Documents-Display as a menu Start Menu-My Music-Display as a menu Start Menu-My Network Places-Display as a menu Start Menu-My Pictures-Display as a menu Start Menu-Network Connections-Link to Network Connections folder Start Menu-Number of programs on Start menu-6 Start Menu-Printers and Faxes-Display as a menu Start Menu-Reduce popup delay Start Menu-Remove Search For People from Search Start Menu-Remove Search the Internet from Search Start Menu-Remove Set Program Access and Defaults Start Menu-Remove Windows Catalog shortcut Start Menu-Remove Windows Update shortcut Start Menu-Scroll Programs Taskbar-Disable Hide inactive icons Taskbar-Lock the Taskbar-Yes Visual Effects-Active window tracking speed-Fast Visual Effects-Animate windows when minimizing and maximizing-Disable Visual Effects-Combo box animation-Disable Visual Effects-Cursor shadow-Enable Visual Effects-Fade out selection-Disable Visual Effects-Gradient captions in windows-Enable Visual Effects-Keyboard shortcut underline-Enable Visual Effects-Menu animation-Disable Visual Effects-Menu shadows-Disable Visual Effects-Menu style-Normal Visual Effects-Show translucent selection rectangle-Enable Visual Effects-Show window contents while dragging-Disable Visual Effects-Slide taskbar buttons-Disable Visual Effects-Smooth edges of screen fonts-ClearType Visual Effects-Smooth-scroll list boxes-Disable Visual Effects-Tooltip animation-Disable Visual Effects-Use a background image for each folder type-Disable Visual Effects-Use drop shadows for icon labels on the desktop-Enable Windows Media Player-Accept Privacy Statement Windows Media Player-Disable auto-add music to library Windows Media Player-Disable license backup prompt Windows Media Player-Disable silent acqusition Windows Media Player-Disable starting with Media Guide Windows Media Player-Do not show anchor in Designmode Windows Media Player-Optimize fullscreen mode behavior Windows Media Player-Remove all context menu entries Windows Media Player-Zoom video to windowsize [Unattended] DisableOem ComputerType = Advanced Configuration and Power Interface (ACPI) PC Resolution = 800x600 BitsPerPel = 32 bit (True Color) MaximumDataStorePercentOfDisk = 12 RestorePointLife = 30 DesktopTheme = Default|| PerServer,100 SCWInstall = 2 AutoUpdates = 3 AutoUDay = 5 AutoUHour = 15 AUElevate AUMinor ProgFilesPath = "\Program Files" [NetAdapter1] connname = "" macaddress = "" ipaddress = "192.168.0.1" subnetmask = "255.255.255.0" defaultgateway = "" dnsserver1 = "" dnsserver2 = "" winsserver = "" netbiossetting = "0" ipxnetworknumber = "00000000" ipxnetworkframetype = "0xFF" [GuiRunOnce] [Drivers] [Hotfixes] I have also unhidden stuff from SYSOC.INF: [Version] Signature = "$Windows NT$" DriverVer=10/01/2002,5.2.3790.3959 [Components] NtComponents=ntoc.dll,NtOcSetupProc,,4 WBEM=ocgen.dll,OcEntry,wbemoc.inf,,7 WBEMMSI=wbemupgd.dll,OcEntry,wbemmsi.inf,,7 Display=desk.cpl,DisplayOcSetupProc,,7 ADAM=adamocm.dll,OCEntry,adam.inf,,4 Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,6 NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7 iis=iis.dll,OcEntry,iis.inf,,7 com=comsetup.dll,OcEntry,comnt5.inf,,7 dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,,7 IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7 TerminalServer=TsOc.dll, HydraOc, TsOc.inf,,2 msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6 RemInst=ocgen.dll,OcEntry,ocmri.inf,,3 Cluster=clusocm.dll,ClusOcmSetupProc,clusocm.inf,,7 aspnet=aspnetoc.dll,AspnetOcmProc,aspnetoc.inf,,7 netfx=netfxocm.dll,UrtOcmProc,netfxocm.inf,,7 netfx20=netfxocm20.dll,UrtOcmProc,netfx20.inf,,7 ins=imsinsnt.dll,OcEntry,ins.inf,,7 ims=imsinsnt.dll,OcEntry,ims.inf,,7 fp_extensions=fp50ext.dll,FrontPage5Extensions,fp50ext.inf,,7 sharepoint=ocwss.dll,OcEntry,ocwss.inf,,7 certsrv=certocm.dll,CertSrvOCProc,certocm.inf,,2 LicenseServer=LicenOc.dll,EntryProc,LicenOc.inf,,6 wms=wmsocm.dll,OcEntry,wmsocm.inf,,3 RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7 IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7 BITSServerExtensions=bitsoc.dll,OcEntry,bitssrv.inf,,7 UDDIServices=uddiocm.dll,OcEntry,uddi.inf,,6 authman=ocgen.dll,OcEntry,AuthMan.inf,,7 OEAccess=ocgen.dll,OcEntry,oeaccess.inf,,7 IEHarden=ocgen.dll,OcEntry,ieharden.inf,,7 SCW=ocgen.dll,OcEntry,scw.inf,,7 PMCsnap=ocgen.dll,OcOMEntry,pmcsnap.inf,,7 HWMGMT=wsocgen.dll,OcEntry,hwmgmt.inf,,7 SanMgmt=ocgen.dll,OcOMEntry,SanMgmt.inf,,7 Srm=ocgen.dll,OcOMEntry,srm.inf,,7 Dfsr=ocgen.dll,OcOMEntry,dfsr.inf,,7 DfsFrsUI=ocgen.dll,OcOMEntry,dfsfrsui.inf,,7 DfsRHelper=ocgen.dll,OcOMEntry,dfsrhelper.inf,,7 CfsCommonUIFx=ocgen.dll,OcOMEntry,cfscommonuifx.inf,,7 DfsExt=ocgen.dll,OcOMEntry,dfsext.inf,,7 FsrCommon=ocgen.dll,OcOMEntry,fsrcommon.inf,,7 FsrNas=ocgen.dll,OcOMEntry,fsrnas.inf,,7 FsrStandard=ocgen.dll,OcOMEntry,fsrstandard.inf,,7 SISInst=ocgen.dll,OcEntry,sis.inf,,7 CLFS=ocgen.dll,OcOMEntry,clfs.inf,,7 SNIS=suaidmog.dll,OcEntry,uidmsnis.inf,,7 PswdSync=suaidmog.dll,OcEntry,uidmpsnc.inf,,7 IdmuMgmt=suaidmog.dll,OcEntry,uidmadmn.inf,,7 UnixIDManagement=suaidmog.dll,OcEntry,uidmmain.inf,,7 SUA=suaidmog.dll,OcEntry,Interix.inf,,7 MSNFS=nfsocm.dll,OcEntry,msnfs.inf,,7 RpcXdr=nfsocm.dll,OcEntry,rpcxdr.inf,,7 Portmap=nfsocm.dll,OcEntry,portmap.inf,,7 NfsAdminUI=nfsocm.dll,OcEntry,NfsAdminUI.inf,,7 NFSserverAuth=nfsocm.dll,OcEntry,nfsauth.inf,,7 NFSserver=nfsocm.dll,OcEntry,nfssvc.inf,,7 NFSclient=nfsocm.dll,OcEntry,nfsclnt.inf,,7 MapServer=nfsocm.dll,OcEntry,mapsvc.inf,,7 ADServOC=ocgen.dll,OcEntry,adservoc.inf,,7 ADFS=adfsocm.dll,OcEntry,adfs.inf,,6 MultiM=ocgen.dll,OcEntry,multimed.inf,,7 AccessUtil=ocgen.dll,OcEntry,accessor.inf,,7 MSWordPad=ocgen.dll,OcEntry,wordpad.inf,,7 WhServer=whsoc.dll,WHSSetupProc,whsoc.inf,,7 InetPrint=ntprint.dll,IppOcEntry,IppOcm.inf,,7 K=KOC.dll,KOCSetupProc,KOC.inf,,7 nLite=ocgen.dll,OcEntry,nLite.inf,,7 [Global] WindowTitle=%WindowTitle% WindowTitle.StandAlone="*" [Strings] WindowTitle="Windows Server Setup" WindowTitle_Standalone="Windows Components Wizard" ; Customized by nLite - www.nliteos.com

Part 2: Road to the End-User In Part 2 of this tutorial, I will continue with Windows Home Server (codenamed Quattro), and how can you use nLite to improve your Home Server experience. Later on, I will explain the sysprep -reseal technique and deploy your nLited windows distributions after further tweaking them in a controlled environment. You can learn here the advantages of OEM software preinstallation (a rather unfamiliar procedure AFAIK) over unattended software installation, to which most of you are already acquainted with (very well covered by nLite I might add). 2.1. A few things you should know before starting For Part 2, I have used the following software: - Windows 2003 Small Business Server (from Part 1) - Windows Home Server CTP, build 06.00.1371 - VMware Workstation 6 - nLite 1.3.0.4 - Total Commander 7 2.2. Preparing the distribution share Copy the contents of the Windows Home Server Installation DVD to your distribution share. Mine is named I:\temp\WHS. Picture 1 - The distribution share This is the layout of WHS folders: - BOOT, the boot code for Windows PE 2.0 that is used to deploy WSH. In it you can find the BCD registry hive, that controls booting the DVD. You can edit it by using Microsoft's BCDEDIT.EXE or by loading it in your registry from REGEDIT. Picture 2 - Loading BCD with REGEDIT - DOCS, the EULA and documentation. - FILES, installer logic that installs Codename Quattro over the base install. - REDISTR, redistributable applications required by Quattro runtime code. - SOURCES, containing the BOOT.WIM file, in which the base WinPE 2.0 is stored (build 6.0.6000 from the WAIK). - SVR_2003, the first CD from Windows 2003 Small Business Server with SP2, v3790.2959. This is your nLite target. WSH installer logic generates a headless install for it the first time it runs. - WHS, specific hotfixes and MSI packages to be added on top of SBS CD1 after install. - WHSSUPPORTTOOLS, runtime tools for the WHS app. - WINDOWS, the WinPE Shell that installs WHS. This is how the BCD looks like. Picture 3 - The BCD hive temporary loaded in HKU Don't forget to unload the hive after you're done. AUTORUN.INF contains: [autorun] open=files\install\qs.exe -autorun and, as you can see, the DVD is tagged just like SBS, with WIN52IL.SP2.

possible causes can be: 1) massive registry, event log and system files fragmentation 2) antivirus that does a complete check of all files accessed pending boot 3) some service that hangs or is being delay-started

You could try to use the Microsoft Document Explorer from VS2005 as browser, it works even if the IE core has been removed, and is just as good as IE7.

Yes, at a first glance Norton Ghost is a good solution, but Microsoft has developed the WIM format specifically for this purpose. I am almost done gathering data for continuing my tutorial, and I will present my research in the next few days. The main advantages are single instance storage over one and/or multiple sysprep resealed images and using a real Microsoft-written setup routine (with actual partitioning options, not with unattended diskpart).

hey ppl this thread is becoming quite sick

the simplest way is to mount the desired WIM image # as RW to a folder, add the desired folders to its root, and unmount it, committing the changes. ImageX is the best solution for such operations. You copied $OEM$ to a DVD, from which only stuff contained by INSTALL.WIM gets copied to your destination partition.

maybe the option to remove the entire .NET 3.0 instead of just WCF would be useful. For example, in Server 2008 it is not installed by default.

SuperFetch technology will perform optimally on computers that are restarted very rarely (like 1-2 times per week). For example, Windows Server 2008 makes use of it very well to handle memory caching and fast loading times for a lot of huge server components that otherwise take a lot of time to start. The best performance improvements can be seen on newer machines, and I think it is the most useful way of using memory if you have more than 1 Gb. In Vista there aren't yet any large or intensive components (Windows Search and Defender are next to nothing when compared with Server 2008 components), but, from what I've heard, there are going to be a lot of refinements on SuperFetch technology brought by Vista SP1 (hopefully this might justify the kernel rollup to NT 6.1). The Customer Experience feedback program has been very useful for the team developing Vista.

the new driver load feature available at run-time in Windows PE 2.0+ command prompt made text-mode drivers obsolete. You will have to add those drivers to BOOT.WIM

Would these help you? Processes Running services My network stack, one of these keeps feeding me the ARP packets (either PID 1820 or 1872, not sure yet) As you can see, there is traffic on port 1642, and I have no idea what is it. (spoted this a long time ago, as I am a security freak and like to see everything that happens on my computers at any moment). Note that this amount of concurrent connections would most likely choke due to the constant arp who-has packets that occur, so for less powerful hardware this may lead to system slow-down (similar to flooding) or periodic freeze times. Similar stress conditions on 10/100 Mbps ethernet is bound to cause these simptoms. Did you try running 3-4 hundred TCP/IP connections at a time to see how XP handles the stress?

Quite possible, indeed. I think the differences are caused by the fact that you're running nlited XP and me nlited Server, and the svchost builds are quite different (there are a few years between them). Perhaps nlite alters some registry settings related to it. I might be able to discover them running a full system diff comparison in a controlled environment, but it would take me almost a week and a lot of nerves, so this would be the last resort.

well, that's certainly not good... maybe you've removed something that's preventing it work

I will say this again... At some point in the future, we will probably be able to strip the NT 5.x / 6.0 kernel clean and operate it in Recovery Console, even without the GUI or any drivers (meaning ~15 Mb of memory being used). I would like to point out that, unless you are building yourself some kind of high-tech network driven headless server thingy, this is completely without purpose for any normal windows user. For example, the Microsoft Singularity OS project is exactly at this point of development. It works. But you can't do anything on it.

try disabling that and it will listen on normal ethernet instead.

1) yes, I do have the latest drivers & stuff 2) I just run TCPDUMP and it outputs what happens on my network connection. You might have removed something that prevents it to do that job. You don't have to do something to make it work, it just does. I presume you do have network activity...

no idea whatsoever about what is causing it. Unless you use the DHCPv6 Server in Windows Server 2008, v6 functionality for normal TCP/IP operations is what you see in Vista as "Limited". If you have one on your network, you should remove TCP/IPv4 entirely and rely only on v6.

if you want to test RAID, use Software RAID, it works with any kind of disks and without any BIOS support. I use dynamic disks since 2003 and I'm very happy with them.

At this point, my intuition would say that there's an undocumented bug in the network stack running on NT 5.x kernel, that gets enabled somewhere along the operations nLite performs. There are too many coincidences for it to be hardware-related. On TCP/IPv6 this does not happen.

I use TCPDUMP.EXE, get it from my site Watch carefully this picture: Notice the 9 incoming arp who-has packets that got received almost instantaneously. As this is only a minor problem on my Intel 10/100/1000 Pro on Windows 2003 CCS, because it is designed to handle much more traffic. But i'd say on a standard Realtek 100 Mbps LAN that could cause a lot of stress for Windows XP. I have no ingoing/outgoing traffic to those IPs. My svchost just keeps informing me of their existence in the same area (most are neighbors using the same ISP) for no apparent reason. The network is specifically configured so that none of those computers is discoverable, but, as you can see... my windows is discovering them. At a first glance, I'd say the network equipment from my ISP gateway is erroneously configured. But, the interesting point is that on the underlying VMware ESX Server 3 they do not occur. For some strange reason, the nLited Windows 2003 CCS gets these sent through the infrastructure's simulated network address translation. Neither does this happen on TCP/IPv6. There is no reason for those IPs to constantly poll me with their existance through ARP. But it seems it does. So, the logical explanation would be that one of the svchost processes is causing them. And it is bugging me for some time (psychologically), because I can't find any apparent reason for the TCP/IPv4 stack to behave this way other than svchost gone haywire.

the idea goes like this: at some point in the future, we will probably be able to strip the NT 5.x / 6.0 kernel clean and operate it in Recovery Console, even without the GUI or any drivers (meaning ~15 Mb of memory being used). I would like to point out that, unless you are building yourself some kind of high-tech network driven headless server thingy, this is completely without purpose for any normal windows user. For example, the Microsoft Singularity OS project is exactly at this point of development. It works. But you can't do anything on it.

same problem