Friday, December 16, 2011

Troubleshooting Litetouch on USB

Here's a list of things that should be checked if problems are encountered building a USB key for Litetouch.

1) Copy over the proper files.  At a minimum, the Control, Scripts and Tools folders must be copied to the Deploy folder. The Deploy\Boot folder only requires the wim that is being booted from.  In my case, LiteTouchPE_x64.wim.

2) Make sure the bcd file is the way it needs to be.  Use a command like bcdedit /store e:\boot\bcd /enum to check.  This works for listing both LiteTouch and BartPE on the menu with a default to LiteTouch.

Windows Boot Manager
identifier              {bootmgr}
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
displaybootmenu         Yes

Windows Boot Loader
identifier              {default}
device                  ramdisk=[boot]\Deploy\Boot\LiteTouchPE_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
path                    \windows\system32\boot\winload.exe
description             Litetouch Boot [MEDIA002] (x64)
locale                  en-US
inherit                 {bootloadersettings}
osdevice                ramdisk=[boot]\Deploy\Boot\LiteTouchPE_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
systemroot              \windows
detecthal               Yes
winpe                   Yes
ems                     Yes

Windows Legacy OS Loader
identifier              {ntldr}
device                  boot
path                    \setupldr.bin
description             BartPE

3) If changes are made to the deployment share that could affect boot (see earlier post) then the changes must be propogated to the USB key.  Usually,  LiteTouchPE_x64.wim should be refreshed as well as bootstrap.ini and customsettings.ini.

4) Also consider that missing drivers can cause strange errors.  A missing network driver may be obvious, but a missing disk driver may just cause an unable to find disk drive error.

Thursday, December 15, 2011

Not writing to SLShare

Figured out why my logs would not copy to the server, they didn't have permission.  I had to give Everyone or Authenticated Users Read/Write permission on the logs$ share on my linked deployment share server but did not have to on the primary server.

Friday, December 9, 2011

When to update deployment share?

The following is a good guide.

- New or modified mass storage and network drivers that need to be injected into the boot image.
- Changes to the boot image settings (e.g. adding fonts, changing the RAMdisk size)
- Changes to the bootstrap.ini file
- Changes to any of the files in an "extra" folder

Thursday, December 8, 2011

UAC and task scheduler

I am trying to do a simple task. Delete profiles using group policy.

1) Tried using Delete user profiles older than a specified number of days on system restart. Did not work.

2) Had a vbs script to cleanout profiles which worked wonderfully with my previous image. Imported it into group policy, no errors on running task and log showed no errors. The profiles were deleted (did not show up in the user profiles) but the folders were not.

Why?  UAC was interfering and did not return an error. Fixed it by checking off Run with highest privileges in the task, equivilent to using elevated command prompt.

Read the note regarding S4U in the link below.  Also need to grant batch access to the user.