แชร์ผ่าน


Preventing OEM builds from Accidentally Performing Mini-Setup without the Task Sequence

When you pre-load an OEM build on machines, they are usually set-up to perform Mini-setup as soon as they come up. Customers sometimes have difficulties ensuring that these machines boot to WinPE using boot media or PXE rather than simply performing Mini-setup using input from the user. Usually, if this happens, you have to re-sysprep the machine in order to run the task sequence correctly.

This is a little trick you can run at the end of the OEM pre-load task sequence or ask your vendor to perform in order to prevent the machine from accidentally booting to Mini-Setup. Please note, this trick uses the BCD store and thus only works on Windows Vista and Windows 7.

1. Ask your OEM to run the following command at the end of their build process.

bcdedit /set {default} path "This is an OEM Build. Please reboot using your boot media or network connection to continue."

2. Using your deploy task sequence, add the following command line action to your state restore phase.

bcdedit /set {default} path \Windows\System32\winload.exe

If your user accidentally tries to boot the machine, they will get the following message:

image

This post was contributed by Aly Shivji a consultant with Microsoft Services - U.S. East Region.

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use .

Comments

  • Anonymous
    January 01, 2003
    ImageX does not capture the BCD store in order to ensure that the image can be deployed to any partition scenario. In fact, MDT uses windows setup to apply the image, not imagex, in order to ensure the BCD store is configured correctly. The best ways I have seen this done is through process. I understand your hestitation around vendors not having the skillset to run your fix. The best option is to provide your vendors with an automated process (could be a task sequence or maybe even just a batch file that runs imagex and then your fix). The simplest automation allows all your vendors to apply the same process and ensure that you achieve the standard you seek.
  • Aly Shivji
  • Anonymous
    January 17, 2010
    The comment has been removed
  • Anonymous
    August 19, 2015
    HI Ali,

    Thanks for this. While not strictly on this topic, do you have any guidelines on using bcdedit in a task sequence ?

    I work in a school and some children are smart. if the previous shutdown was not clean on the next startup windows offers three options. this is a back door entry to get at the machine and change local admin password.

    To stop this we have figured out a bcdedit script. We are unable to run this script as part of a task sequence for some reason and we have to run the script as an administrator. Any ideas ?

    Thanks in advance for any ideas in this connection.