FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Easy boot.ini Hacks for Windows SysOps

@ECHO OFF && setlocal && mode CON: COLS=180 LINES=30 && color 9F
prompt [%USERNAME%@%COMPUTERNAME%]$s$c$d$f$s[$p$m]$_$$$s

set BF=%SYSTEMDRIVE%boot.ini
set BF_BACK=%BF%.bak
set BF_BACK_RAND=%BF%-%RANDOM%.bak

attrib -H -R -S -A "%BF%"
if exist "%BF_BACK%" attrib -H -R -S -A "%BF_BACK%"
if exist "%BF_BACK%" ( move %BF_BACK% %BF_BACK_RAND% && attrib +H +R +A "%BF_BACK_RAND%" )
type "%BF%" >> "%BF_BACK%"

start /b /wait notepad "%BF%"

attrib +H +R +A "%BF%"
attrib +H +R +A "%BF_BACK%"
attrib +H +R +A "%BF_BACK_RAND%"

endlocal
@ECHO OFF && setlocal && mode CON: COLS=180 LINES=30 && color 9F
prompt [%USERNAME%@%COMPUTERNAME%]$s$c$d$f$s[$p$m]$_$$$s

cd /d "C:XP_PRO_SP3i386"
start /b /wait winnt32.exe /cmdcons

reg add "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionSetupRecoveryConsole" /v "SecurityLevel" /t REG_DWORD /d 00000001 /f
reg add "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionSetupRecoveryConsole" /v "SetCommand" /t REG_DWORD /d 00000001 /f

echo AllowWildCards = TRUE
echo AllowAllPaths = TRUE
echo AllowRemovableMedia = TRUE
echo NoCopyPrompt = TRUE

gpupdate

endlocal

Here's my current unmodified boot.ini 02-29-2010

[boot loader] timeout=10 default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3" /fastdetect /numprocs=2 multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - 3GB" /fastdetect /numprocs=2 /3GB multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - NOGUIBOOT" /fastdetect /numprocs=2 /noguiboot multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Last Known Good" /sos /fastdetect /lastknowngood multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Safe Minimal" /sos /fastdetect /safeboot:minimal multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Safe Networking" /sos /fastdetect /safeboot:network multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Safe Command Shell" /sos /fastdetect /safeboot:minimal(alternateshell) multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Debug on 1394 CH44" /fastdetect /debug /debugport=1394 /channel=44 multi(0)disk(0)rdisk(0)partition(1)WINDOWS="XP Pro SP3 - Bootlog" /bootlog C:="MS-DOS" C:CMDCONSBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

Recovery console: Allow automatic administrative logon This security setting determines if the password for the Administrator account must be given before access to the system is granted. If this option is enabled, the Recovery Console does not require you to provide a password, and it automatically logs on to the system. Default: Disabled.

After you start one of these security tools (as applicable to your computer's environment), look under the Local Policies, Security Options heading and locate the following two security policies pertaining to Recovery Console.

  • Recovery Console: Allow Automatic Administrative Logon.
  • Recovery Console: Allow floppy copy and access to all drives and all folders.

The first policy allows you to start Recovery Console without prompting for the administrative password stored in the local computer's account database. The second policy enables the set command while you are using Recovery Console. This is the policy you want to enable, and allows you to change any of the four environment variables to TRUE during a Recovery Console session.

After you enable the security policy, it must be applied (possibly across the domain) before becoming the effective policy on the local computer. This is necessary before the set command is truly enabled and available for use during a Recovery Console session.

You can run the following command to force a refresh of the local computer's policy after performing the policy change listed above:

secedit /refreshpolicy machine_policy

After the local policy is refreshed and the enabled Recovery Console security policy is in effect, you should be able to start Recovery Console and use the set command to enable any of the four environment options.

Recovery console: Allow floppy copy and access to all drives and all folders Enabling this security option makes the Recovery Console SET command available, which allows you to set the following Recovery Console environment variables: AllowWildCards: Enable wildcard support for some commands (such as the DEL command). AllowAllPaths: Allow access to all files and folders on the computer. AllowRemovableMedia: Allow files to be copied to removable media, such as a floppy disk. NoCopyPrompt: Do not prompt when overwriting an existing file. Default: Disabled.

Winnt32 Performs an installation of or upgrade to Windows XP. You can run winnt32 at the command prompt on a computer running Windows 95, Windows 98, Windows Me, Windows NT, Windows 2000, or Windows XP. Syntax winnt32 [/checkupgradeonly] [/cmd:command_line] [/cmdcons] [/copydir:i386folder_name] [/copysource:folder_name] [/debug[level]:[filename]] [/dudisable] [/duprepare:pathname] [/dushare:pathname] [/m:folder_name] [/makelocalsource] [/noreboot] [/s:sourcepath] [/syspart:drive_letter] [/tempdrive:drive_letter] [/udf:id [,UDB_file]] [/unattend[num]:[answer_file]] Parameters /checkupgradeonly Checks your computer for upgrade compatibility with Windows XP. If you use this option with /unattend, no user input is required. Otherwise, the results are displayed on the screen, and you can save them under the filename you specify. The default filename is Upgrade.txt in the systemroot folder. /cmd:command_line Instructs Setup to carry out a specific command before the final phase of Setup. This would occur after your computer has restarted and after Setup has collected the necessary configuration information, but before Setup is complete. /cmdcons Installs the Recovery Console as a startup option on a functioning computer. The Recovery Console is a command-line interface from which you can perform tasks such as starting and stopping services and accessing the local drive (including drives formatted with NTFS). You can only use the /cmdcons option after normal Setup is finished. /copydir:i386folder_name Creates an additional folder within the folder in which the Windows XP files are installed. Folder_name refers to a folder that you have created to hold modifications just for your site. For example, you could create a folder called Private_drivers within the i386 source folder for your installation, and place driver files in the folder. Then you could type /copydir:i386Private_drivers to have Setup copy that folder to your newly installed computer, making the new folder location systemrootPrivate_drivers. You can use /copydir to create as many additional folders as you want. /copysource:folder_name Creates a temporary additional folder within the folder in which the Windows XP files are installed. Folder_name refers to a folder that you have created to hold modifications just for your site. For example, you could create a folder called Private_drivers within the source folder for your installation, and place driver files in the folder. Then you could type /copysource:Private_drivers to have Setup copy that folder to your newly installed computer and use its files during Setup, making the temporary folder location systemrootPrivate_drivers. You can use /copysource to create as many additional folders as you want. Unlike the folders /copydir creates, /copysource folders are deleted after Setup completes. /debug[level]:[filename] Creates a debug log at the level specified, for example, /debug4:Debug.log. The default log file is C:systemrootWinnt32.log, and the default debug level is 2. The log levels are as follows: 0 represents severe errors, 1 represents errors, 2 represents warnings, 3 represents information, and 4 represents detailed information for debugging. Each level includes the levels below it. /dudisable Prevents Dynamic Update from running. Without Dynamic Update, Setup runs only with the original Setup files. This option will disable Dynamic Update even if you use an answer file and specify Dynamic Update options in that file. /duprepare:pathname Carries out preparations on an installation share so that it can be used with Dynamic Update files that you downloaded from the Windows Update Web site. This share can then be used for installing Windows XP for multiple clients. /dushare:pathname Specifies a share on which you previously downloaded Dynamic Update files (updated files for use with Setup) from the Windows Update Web site, and on which you previously ran /duprepare:pathname. When run on a client, specifies that the client installation will make use of the updated files on the share specified in pathname. /m:folder_name Specifies that Setup copies replacement files from an alternate location. Instructs Setup to look in the alternate location first, and if files are present, to use them instead of the files from the default location. /makelocalsource Instructs Setup to copy all installation source files to your local hard disk. Use /makelocalsource when installing from a CD to provide installation files when the CD is not available later in the installation. /noreboot Instructs Setup to not restart the computer after the file copy phase of Setup is completed so that you can execute another command. /s:sourcepath Specifies the source location of the Windows XP files. To simultaneously copy files from multiple servers, type the /s:sourcepath option multiple times (up to a maximum of eight). If you type the option multiple times, the first server specified must be available, or Setup will fail. /syspart:drive_letter Specifies that you can copy Setup startup files to a hard disk, mark the disk as active, and then install the disk into another computer. When you start that computer, it automatically starts with the next phase of Setup. You must always use the /tempdrive parameter with the /syspart parameter. You can start Winnt32 with the /syspart option on a computer running Windows NT 4.0, Windows 2000, or Windows XP. The computer cannot be running Windows 95, Windows 98, or Windows Me. /tempdrive:drive_letter Directs Setup to place temporary files on the specified partition. For a new installation, Windows XP will also be installed on the specified partition. For an upgrade, the /tempdrive option affects the placement of temporary files only; the operating system will be upgraded in the partition from which you run winnt32. /udf:id [,UDB_file] Indicates an identifier (id) that Setup uses to specify how a Uniqueness Database (UDB) file modifies an answer file (see the /unattend entry). The UDB overrides values in the answer file, and the identifier determines which values in the UDB file are used. For example, /udf:RAS_user,Our_company.udb overrides settings specified for the RAS_user identifier in the Our_company.udb file. If no UDB_file is specified, Setup prompts the user to insert a disk that contains the $Unique$.udb file. /unattend Upgrades your previous version of Windows 98, Windows Me, Windows NT 4.0, or Windows 2000 in unattended Setup mode. All user settings are taken from the previous installation, so no user intervention is required during Setup. /unattend[num]:[answer_file] Performs a fresh installation in unattended Setup mode. The specified answer_file provides Setup with your custom specifications. Num is the number of seconds between the time that Setup finishes copying the files and when it restarts your computer. You can use num on any computer running Windows 98, Windows Me, Windows NT, Windows 2000, or Windows XP. Using the /unattend command-line option to automate Setup affirms that you have read and accepted the Microsoft License Agreement for Windows XP. Before using this command-line option to install Windows XP on behalf of an organization other than your own, you must confirm that the end user (whether an individual, or a single entity) has received, read, and accepted the terms of the Microsoft License Agreement for Windows XP. OEMs may not specify this key on machines being sold to end users.

Windows boot.ini

 

 

Comments