Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment   Page 1 of 2      1   2   Next
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #1 
I've been looking into this for quite some time, but until now have not found any good solutions. Now there are quite a few!

I manage a small library with 4 public use PCs. I was almost ready to [Ch]uck Windows and just install Linux.

I have seen wioski and similar methods from Microsoft, but your ppt slides provide more detail and give me the info I would need to customize the solution to my requirements.

For example, I want to provide library Patrons the choice of 3 operating systems:
1) Windows 7
2) Windows 10
3) Linux Mint

I can manage Linux Mint so it behaves itself (not allowing access to Windows drives from the Patron [guest] account) and thus will not require any special "virtualization" acrobatics.

I can use Group Policy and/or security tab settings to restrict access to drives under Windows (for example so Windows 10 can't access Windows 7 or vise versa, or the physical hard drive)

Since I have a way to boot Linux from bootmgr I just need to modify PrepNewPC to make sure an entry and logic to process it is present for each OS.  I have only just glanced at some of the scripts, but they don't look too complicated so this seems doable.

I also wonder if the Enterprise / Ultimate restriction is implemented only in the bootmgr code or if the OS also is involved. Seems like if one used the bootmgr from Ultimate or Enterprise install media it may be able to accomplish the booting any OS from Vista onward from VHD, but perhaps not.

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
donoli

Senior Member
Registered:
Posts: 459
Reply with quote  #2 
That's quite progressive of you to offer Mint as a choice.  However, I don't think that you'll have many takers.  You won't have many takers for Vista either. My guess is that XP would be the favorite.
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #3 
There will definitely be takers, once they see how quickly Mint boots and performs compared with waiting for Win 7 or even worse Windows 10, not counting any delays introduced by the "steady state restore" process. Unfortunately the free products won't work well b/c they don't support restore on logout.

Most patrons browse and print, which they can easily do on Mint in Chrome or Firefox browsers with no difference in UI (of the browser).

Windows 10 may be appealing to those who use a cloud account, but I'm not sure how that would work. The login screen only shows the local accounts I've created, but I don't see an option to login with a Microsoft Outlook or "cloud account".

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
donoli

Senior Member
Registered:
Posts: 459
Reply with quote  #4 
There may not be a difference with Mint for browsing & printing but in libraries, computers are already running & the user doesn't have to boot & choose an OS. If they do have to boot, I doubt they would know how to choose an OS. I think that you are too far ahead, of the average user.  With only 4 PCs in your library, it sounds as if you are in a rural area.  If you were in a larger town or city, your plan might have better success.
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #5 
There will always be people who aren't explorers, take the familiar path and generally don't want to deal with anything different or unusual outside of their RoUTine.

I'm not offering alternative operating systems for those people, I'm offering them for those that want to learn or at least see what other operating systems have to offer, people who are curious and may have a little time to play, like kids for example.

The 2 primary reasons people don't grow or are opposed to learning are: 1) lack of opportunity or 2) lack of ambition or desire. I am simply eliminating the 1st obstacle. Surprisingly there are far more people using Linux out here in rural stickland than you might think. In a county of only 10K and a town of only 300, I have serviced about 10 people that use Linux and most of those are not very computer literate.

Of course there will need to be some signage and minimal information provided on how to choose the operating system, but that is trivial. The default boot item covers those who just want the same OS as we've always provided.

The machines are turned off at the end of every day but they are on and already booted to the default OS (Windows 7) when the first patrons arrive. All they need to do to select a different operating system is reboot the machine and select the OS they want to use from the boot menu. Most will never bother. Some may want to try Windows 10, seeing as it is the current Microsoft platform, for example people that might be thinking of buying a new computer.

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
donoli

Senior Member
Registered:
Posts: 459
Reply with quote  #6 
It's very nice of you to offer alternatives. Most people will never take the opportunity which is fine. I don't know how Linux became as popular as it is since FreeBSD (Unix) is far better & was around long before. I was lucky to have met two guys in the late 90s who ran an ISP.  They taught me a lot of Unix until the company grew & they didn't have anymore time.

0
Mark

Hacked Mark's Facebook Account
Registered:
Posts: 261
Reply with quote  #7 
Hi T-G:

The big thing about SS is that its central "trick" is that 
  • Certain Microsoft OSes can be booted from an on-disk VHD
  • VHDs can have "differencing" VHDs
  • Deleting a "differencing" VHD essentially un-does everything that the user has done since you created the differencing VHD (or sometimes called "child" VHD).
  • Thus, you'd need a Linux that has been fiddled around to be able to physically boot from VHD.  A big of searching shows that some folks have done this but I don't know how hard it is.
Now, IF a Linux distro could boot from VHD, then the base tech should run the same -- wipe the child VHD, create a new empty child VHD, and you're in business.
So.... you'd have to modify startnet.cmd to recognize and keep track of a separate VHD/child VHD pair for each OS that you want to boot.

Does that make sense?  (And before you ask, I'm sorry, but I'm really underwater trying to create a Server class so I wouldn't have time to do it myself, sorry.)

__________________
May I ask that everyone please populate the first name and last name in your user account profile.  Thanks!
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #8 
I don't need Linux loaded from a vhd, its security is sufficient to sandbox a user's account to prevent that user from clobbering the disk. The lightdm display manager can manage a guest account so that every guest session starts from a clean, consistent template free from any history.

I appreciate your explanation of the differencing. If it works that way then why bother loading PE just to delete a file? There is very little to do at boot time other than ask a couple of questions to apply the differences or discard them to revert to the baseline. Applying the differences will update the baseline.

wioski is very similar to ss but it avoids loading PE.

However my issue now is with Micro$oft (nothing new about that). I built a custom Windows installation (wim file size = 10GB, C: drive is 26GB used out of 100GB) on a VirtualBox VM and used sysprep to generalize it for use with steady state or wioski. I can apply that wim manually and it functions properly. Unfortunately Windows setup doesn't like something about it and dies with error 0x80070026.

Windows is just a pain. I have to disable a Windows Media Networking service so sysprep won't crap out. If the wim can be applied and run OK why does setup fail to load it?

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
donoli

Senior Member
Registered:
Posts: 459
Reply with quote  #9 
http://repairerrors.net/0x80070026.html

There is a manual fix & a tool to fix that error.  It's up to you if you trust it or not.
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #10 
If you dig deeper into error 0x80070026 you'll discover the root cause is a memory violation, such as when buffers are overrun. It's a common exploit which modern software guards against pretty well.

Unfortunately Microsoft doesn't provide the context info to let users know what the program was trying to do when the error occurred.  It could be due to many things, from improperly written programs or bugs in them to hardware failures or corrupted files on the disk.

The error occurs in the "setup.exe" program that does TONs of stuff in the process of un-generalizing a system to ready it for first use. Specifically what setup is doing at the time the error occurs would be useful information but it's not provided.

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
Mark

Hacked Mark's Facebook Account
Registered:
Posts: 261
Reply with quote  #11 
Yup, that is a very old and annoying bug.

Honestly, Tagert, as far as I could see I needed WinPE.  Now, Sami could easily be smarter than me. [smile]

And again the only reason I said to boot Linux from VHD was that's the only way I could make SS work.

__________________
May I ask that everyone please populate the first name and last name in your user account profile.  Thanks!
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #12 
It wasn't very difficult at all to accommodate Linux and SS in a dual boot scenario, where linux manages it's own sandbox and insures its guest account can't access things it shouldn't, including accessing Windows partitions / files. It was a matter of altering the prepnewpc code to partition the disk and set aside 2 partitions for Linux (for swap & the OS filesystem). I installed Linux by booting it's installer from removable media and directing its installer to use the partition space set aside by diskpart. I changed the default grub 2 boot entry after Linux was installed to chainload to Windows bootmgr.

I decided against a triple boot scenario because I found out the target systems only had 160GB drives rather than the 250GB drives I thought they had, which is not enough for Win7 == 40GB, Win10 == 50GB and Linux == 16GB. However, a triple boot scenario could be made to work in 1 of 2 ways: 1) a single "supervisor" manages the set of image / snapshot VHD files depending on which OS is to run, as you described, or 2) each OS has it's own bootmgr code. The "Physical Drive" space can be shared, as it is only the container for the vhd files. The bootmgr for its own OS is only concerned about it's own vhd tracking and boot management. The only consideration is reserving the space in the initial disk partitioning & setup.

Although I managed to get SS to basically work, I don't fully understand how you avoid an endless reboot cycle OR rebooting to a stale (i.e. not rolled back) OS.

I introduced a bug in the rollback.cmd bcd writing code such that it couldn't add the boot entry for Windows 7. The default boot item (actually the only boot item) was thus WinPE, which ran, saw both image.vhd AND snapshot.vhd present and no noauto.txt files, so it invoked rollback automatically, which recreated the snapshot.vhd file (but then failed to add a Windows 7 boot entry to boot the snapshot.vhd file instead of the WinPE boot entry). That bug caused an endless reboot cycle. When I fixed it WinPE would never be run because upon reboot snapshot.vhd is booted, which starts Windows 7 not WinPE.

For the sake of discussion let's assume these conditions:
1) System is currently running Windows 7

2) Windows 7 was booted by selecting Windows 7 from the bootmgr menu
    (which boots Windows using the snapshot.vhd as it's filesystem)

3) The default OS in bootmgr is therefore Windows 7 (rollback discarded the snapshot.vhd file and
    recreated it, reusing the Windows 7 boot menu entry if it existed and creating it if it didn't)

4) If Windows is now running, and the default boot entry is never changed, how and when will rollback
    be called to recreate the snapshot.vhd file so the next reboot of Windows 7 will be the "rolled
    back" version?

5) If the default bootmgr item is instead WinPE, how is Windows 7 (i.e. snapshot.vhd) ever started?

I thought the way SS was intended to work was each reboot resulted in running the baseline OS, and I just don't understand how you're able to do that unless you change the default bootmgr entry to toggle between booting WinPE and Windows 7.

I like that SS doesn't rely as much on setup.exe, which wioski does. Wioski utilizes several phases of the setup process (specialize, oobe, servicing) which do the diskpart and bcdedit magic, which I believe is how wioski eliminates WinPE.

__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
Mark

Hacked Mark's Facebook Account
Registered:
Posts: 261
Reply with quote  #13 
Hi --

I'm very behind at the moment so I don't have time to check the code, but if I recall right you have it exactly.

My experience while building SS was that the whole BCD structure was a finicky thing and so my most reliable answer was, "when in doubt, rebuild it to my liking."  As you say, there are two OS entries -- "boot win 7" and "rollback," and two active partitions -- Win 7 and WinPE.  So if I recall correctly, it was something like

Normal OS entry:  "boot win 7" is default, and it boots snapshot.vhd.
Rollback OS entry:
  • manually initiated, almost never the default.  (Not sure on that detail.)
  • Boots WinPE.
  • Startnet.cmd runs.  If it finds the magic file on any drive, it just stops at a WinPE command prompt.  
  • Otherwise, If it finds a snapshot.vhd then it
  1. Deletes it.
  2. Creates a new blank one
  3. Sets "Win 7 boot" as the default.
  4. Reboots
That's not the whole story, as if it does NOT find a snapshot.vhd then it creates one and automatically reboots (making Win 7 the default, of course).

I hope that helps.  Basically, though, I found the whole "modify the bootmanager programmatically with batch files" to be a bit unreliable, which is why I figured out how to blow up BCD and bootmanager to recreate it from scratch.  (Also it was cool making BCD my bitch. [smile]  [wink]


__________________
May I ask that everyone please populate the first name and last name in your user account profile.  Thanks!
0
tagert-galt

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 11
Reply with quote  #14 
Hello again Mark,

I have completed my modifications to Steadier State to eliminate WinPE from the rollback - reboot cycle. I completely rewrote prepnewpc.cmd which is now PrepSSdisk.cmd, added a 7 page Word doc to explain what I've done and packaged it all up in a nice little zip archive.

I focused on 64 bit, so my mods don't cover the 32 bit case, but it wouldn't be difficult to add support for 32 bit installations back in, which would amount to making a few minor changes to buildpe.cmd to include the 32 bit binaries required.

I learned a lot from this project which took far longer to finish that I anticipated, most due to using Windows batch. As an IT professional with 30 years of experience I have of course used .cmd / .bat for many things, but nothing of this project's magnitude. I gotta tell you I will NEVER use standard Windows .cmd for anything of this magnitude again. Several times I thought about starting from scratch using WSH and JScript which I have tons of experience with. However, I wanted to preserve as much of your original work as possible and so I stuck with it.

Anyway, I have emailed you these changes, and I intend to publish them unless you object or wish to publish them yourself. I frequently give you credit and have included your Power Point presentation in the zip file. The cvt2vhd.cmd script was not changed at all, and the buildpe.cmd is only "slightly" changed. Never-the-less, in the same spirit of generosity that you demonstrated by contributing Steadier State to the world, I wanted to give you an opportunity to review these changes and decide if you want to publish them yourself or allow me to publish them, or, make changes to the documentation before I do (primarily for non-technical reasons). Here is a basic summary of the zip file's contents:

  • grub (folder)
  • Sysprep (folder)
  • TOOLS32 (folder)
  • TOOLS64 (folder)
  • buildpe.cmd
  • cvt2vhd.cmd
  • initSS.cmd
  • merge.cmd
  • newBcD.cmd
  • PrepSSdisk.cmd
  • Rebuilding Steady State.pptx (your original document, unchanged)
  • ss2ThomasFreedman.docx
  • startnet.cmd
  • winpe1.bmp
The grub folder contains a customized grub2 menu and the associated graphical theme I used for our public use library computers. The sysprep folder has the same contents in your original distribution and the TOOLS64 folder contains the 64 bit binaries required for SS plus a few others I thought would be useful to have in a WinPE environment like bootsect.exe and bcdedit.exe.

I have sent the zip file to help@minasi.com for your review. A good place to start is the first page of ss2ThomasFreedman.docx, which explains the complete background of what I call Steadier State 2. Ideally I hope you find the changes worth publishing yourself, but I can think of several reasons why you might not want to do that. It's entirely up to you sir.

Lastly I wish to thank you again for providing Steadier State when Micro$oft has chosen not to support such functionality, which is greatly needed in many applications.

I look forward to hearing your comments.
Thomas Freedman


__________________
Find a way to surround yourself with those you aspire to be like. Avoid those who are contrary to your own moral code. Embrace Love, reject Fear and always stay grounded in empirical reality.
0
Mark Minasi

Avatar / Picture

Humble Proprietor
Registered:
Posts: 167
Reply with quote  #15 
Thomas, it sounds awesome!

I laughed when you talked about that horrible batch language, and I hated it the whole time I was doing it, but it was the only way back when PowerShell didn't run on WinPE.  People asked how I did it and I remarked that it was "like attempting to build a mnemonic circuit with stone knives and bearskins."  [smile]

I will give it all a look when I'm out from under, but again thank you for contributing to all this.  I am amazed.  


0
Previous Topic | Next Topic
Print
Reply

Quick Navigation: