August 27, 2014

DaRT - Diagnostics and Recovery Toolkit

Made a registry edit and now the system doesn't boot? Need to reset the admin password? Did your system crash and you need to analyze it? Need to restore an accidentally deleted file? Repair a volume or the MBR? Need to uninstall Windows updates/hotfixes that prevent the system from booting? Have corrupted system files that need repair? Need to perform an offline check for malware and rootkits?

All of this is possible with the Diagnostics and Recovery Toolkit (DaRT) from Microsoft.
DaRT is part of the Microsoft Desktop Optimization Pack (MDOP), available to customers with Software Assurance. It helps with restoring and troubleshooting Microsoft Windows operating systems.

More about MDOP and DaRT: http://www.microsoft.com/en-us/windows/enterprise/products-and-technologies/mdop/dart.aspx

I also want to highlight that an image created in DaRT can replace the operating system's default winre.wim file. As a result, you get a recovery environment with the DaRT tools. Another issue is that you would need to share the admin password with the user. There is a procedure that avoids this: when the user enters the recovery environment, Remote Connection is initiated, bypassing the admin password request for the user.

1. Mount the WIM image:
dism /mount-wim /wimfile:C:\{PATH to IMAGE}\winre.wim /index:1 /mountdir:C:\CreatedFolder
2. Open C:\CreatedFolder\Windows\System32\winpeshl.ini and enter:

[LaunchApps]
"%windir%\system32\netstart.exe -network -remount"
"cmd /C start %windir%\system32\RemoteRecovery.exe -nomessage"
"%windir%\system32\WaitForConnection.exe"
"%SYSTEMDRIVE%\sources\recovery\recenv.exe"

3. Save the file, then commit the changes to the image:
dism /unmount-wim /mountdir:C:\CreatedFolder /commit

The next time the user enters the Recovery Environment by choosing "Repair Your Computer" in the F8 menu, Remote Connection will show up.
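
Because this change makes Remote Connection start without the admin password prompt, it is worth checking which recovery images actually carry it, both before committing your own image and when reviewing images already deployed. The following is an added example, not part of the original post: it parses the contents of a winpeshl.ini and reports the [LaunchApps] entries that start the remote session. The function names are hypothetical, and it assumes executable paths contain no spaces.

```python
import ntpath
import re

# Programs from the [LaunchApps] list in this post that bring up the remote session.
REMOTE_TOOLS = {"remoterecovery.exe", "waitforconnection.exe"}

def decode_ini(raw: bytes) -> str:
    """Decode winpeshl.ini bytes; editors may save it as UTF-16 or UTF-8 with a BOM."""
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig", errors="replace")

def launch_entries(text: str) -> list[str]:
    """Return the [LaunchApps] command lines in the order they are listed."""
    entries, in_section = [], False
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = line.lower() == "[launchapps]"
        elif in_section:
            entries.append(line.strip('"'))
    return entries

def audit(raw: bytes) -> list[dict]:
    """Report every entry that starts one of REMOTE_TOOLS when WinRE boots."""
    findings = []
    for position, cmd in enumerate(launch_entries(decode_ini(raw)), start=1):
        # Split on whitespace/commas; assumes executable paths contain no spaces.
        exes = {ntpath.basename(t).lower() for t in re.split(r"[\s,]+", cmd)
                if t.lower().endswith(".exe")}
        for tool in sorted(exes & REMOTE_TOOLS):
            findings.append({"position": position, "tool": tool, "command": cmd,
                             "nomessage": "-nomessage" in cmd.lower().split()})
    return findings

# Constructed sample: the file content from step 2, saved as UTF-16 with a BOM.
SAMPLE = (
    "[LaunchApps]\r\n"
    '"%windir%\\system32\\netstart.exe -network -remount"\r\n'
    '"cmd /C start %windir%\\system32\\RemoteRecovery.exe -nomessage"\r\n'
    '"%windir%\\system32\\WaitForConnection.exe"\r\n'
    '"%SYSTEMDRIVE%\\sources\\recovery\\recenv.exe"\r\n'
).encode("utf-16")

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"entry {f['position']}: {f['tool']} nomessage={f['nomessage']} -> {f['command']}")
```

To use it on a real image, mount the image as in step 1 and pass the bytes of Windows\System32\winpeshl.ini from the mount directory to audit().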


Sometimes it is useful to make the boot menu appear for the user:
bcdedit /set {bootmgr} displaybootmenu yes

BTW, to enable or disable the Recovery Environment and check its status:
reagentc /enable
reagentc /disable

reagentc /info
