Friday, May 07, 2010

How to Enable Remote Control in WinPE 2.0 (SCCM OSD)

Note: It seems this post is starting to become quite popular. I'm going to re-write this and include some pictures to make it easier to setup. 


I recently spent some time figuring out how to enable remote control in WinPE 2.0


What you need:
- WinPE2.0
- TightVNC beta client (2.x)
- Access to your Boot.wim files and ImageX.
- Regedit access in your boot.wim.
- VBscript knowledge.


Basically what we are going to do is write a script that:
- Disables the inbuilt firewall included with WinPE 2.0
- Imports a few registry entries for TightVNC
- Installs TightVNC as a service and then starts it.


Then we'll edit our boot.wim to execute our start up script before the Task Sequence prompt is is show so the service is installed,enabled and waiting for remote control.


1. Source the TightVNC files: You need the latest Beta software as the current standard software will not work in WinPE 2.0 because of vista's new security of  launching all services in a different system account to normal (system0/1)


Extract the Tight VNC files and then you need to grab the TVNserver.exe and Screenhooks.dll.  (also under the GPU you need to copy the license files I believe.)


Copy these files to a temp directory to allow us to set up the application and test it.


2. Next  you need to create a vbs script  like the following;


=========================================
'Installer Script for TightVNC Service for WINPE
'Version: 1.0
'Created: 29/04/2010
'Created By: JoeJoeinc.com


'Disable firewall,Import VNc settings,Install the service,Start the service.


'Define WshShell
Set WshShell = CreateObject("Wscript.Shell")

'Disable WINPE Firewall
WshShell.Run("wpeutil disablefirewall"),0,True
'Import VNCSET.REG
WshShell.Run("regedit /S vncset.reg"),0,True
'Install the VNC service
WshShell.Run("tvnserver.exe -install -silent "),0,True
'Start the VNC service
WshShell.Run("tvnserver.exe -start "),0,True
======================================


Save it as install.vbs


Next create a registry file like the following..


Windows Registry Editor Version 5.00


==============================================
[HKEY_LOCAL_MACHINE\SOFTWARE\TightVNC\Server]
"ExtraPorts"=""
"QueryTimeout"=dword:0000001e
"QueryAcceptOnTimeout"=dword:00000000
"LocalInputPriorityTimeout"=dword:00000003
"LocalInputPriority"=dword:00000000
"BlockRemoteInput"=dword:00000000
"BlockLocalInput"=dword:00000000
"IpAccessControl"=""
"RfbPort"=dword:0000170c
"HttpPort"=dword:000016a8
"DisconnectAction"=dword:00000000
"AcceptRfbConnections"=dword:00000001
"UseVncAuthentication"=dword:00000000
"UseControlAuthentication"=dword:00000000
"LoopbackOnly"=dword:00000000
"AcceptHttpConnections"=dword:00000000
"LogLevel"=dword:00000000
"EnableFileTransfers"=dword:00000001
"BlankScreen"=dword:00000000
"RemoveWallpaper"=dword:00000001
"EnableUrlParams"=dword:00000001
"AlwaysShared"=dword:00000000
"NeverShared"=dword:00000000
"DisconnectClients"=dword:00000001
"PollingInterval"=dword:000003e8
"DisableTrayIcon"=dword:00000000
"AllowLoopback"=dword:00000000
"VideoRecognitionInterval"=dword:00000bb8
"GrabTransparentWindows"=dword:00000001
"SaveLogToAllUsersPath"=dword:00000000
"RunControlInterface"=dword:00000001
"VideoClasses"=""
=========================================
Save it as VNCset.reg

Now we need to crack open your boot.wim using DISM.exe for this (Search technet if you need to know how to use it) Then we are going to the startnet.cmd file to make it execute Install.vbs before the the task sequence prompt..  How to do this is already described well enough here http://technet.microsoft.com/en-us/library/cc766521(WS.10).aspx

Once you've set all this up boot up into youe WinPE and make sure the startnet.cmd files have run. 


you should then be able to use the TightVNC client to remotely connect to a machine running a Tasksequence through WinPE.. There are a few small problems though.. When booting into WinPE the Workstation (Computer name) is changed to something random..

A few solutions to the random computer name issue:
- Use BGINFO to tattoo the background with the temp computer name.
- Add a step that grabs the Pc name and e-mails it to an admin mailbox. (you can't use CDO for this you have to use a simple SMTP sender which  I may cover in a new post).

As per usual... if you find this guide handy please leave me a comment so I know it worked for you.

2 comments :

  1. What is the syntax for starting a vbs file through WinPE? Do you have a screenshot of your Startnet.cmd file by chance?

    ReplyDelete
  2. you should be able to call VBscripts directly by calling up name.vbs some people recommend you use "Cscript Name.vbs" I've found so far you can use either... If you can't run a script you may be missing a component from your winpe build.

    More info about winpe 2.0
    http://technet.microsoft.com/en-us/library/cc507857.aspx

    ReplyDelete