Issues relating to just about any facet of modern computing will pop up at a second's notice. Given how many possible combinations of software and hardware Windows users can cobble together, it's really a wonder that work gets done, with all the variables in play that could send a stable system off the rails.
However, Windows is not without its issues, as evidenced by the numerous updates, patches, and hot fixes that are constantly making repairs to the underlying code. It's inevitable that something will cause a problem sooner or later—which is why, for IT professionals, job security squarely relies on supporting the numerous hardware and software configurations to keep business productive.
Given this responsibility, IT needs the best tools to resolve issues quickly and efficiently, with as little downtime as possible. Hence, the USB drive we'll be creating provides access to not only Microsoft's Diagnostics and Recovery Toolset (DaRT) for online and offline troubleshooting of dozens of system-related issues, but also access to Windows installation media and updated driver packages to update programs, uninstall borked hot fixes, modify configurations via the command-line interface (CLI) or PowerShell (PS), remove BitLocker, reset passwords, and format and reinstall Windows if all else fails—and a whole lot more.
Before we jump into building this USB drive, there are a few requirements to adhere to and depending on the needs to your environment, several optional configurations to consider, which will determine how fully featured your drive will be.
- Microsoft Windows workstation with Windows 7 (or later) installed
- Microsoft Windows server with Windows Server 2008 (or later) installed
- Windows Deployment Services (WDS) installed and configured
- Microsoft Deployment Toolkit (MDT), Build 8443 installed and configured
- Microsoft Diagnostics and Recovery Toolset 32/64-bit for Windows 7 (or later) installed
- Microsoft DaRT 32/64-bit .CAB files copied to MDT deployment share
- USB flash drive with 8GB storage space (minimum)
- Administrative credentials
Optional, but highly recommended:
- Microsoft Windows installation media imported to MDT Operating Systems
- Driver software imported to MDT Out-of-Box Drivers store
- Packages (Microsoft .MSP updates) imported to MDT Packages
- Applications configured and imported to MDT Applications
- Additional files/folders that contain relevant configuration information, such as registry entries, VB scripts and batch files, or installers to be stored in a separate directory at the root of the USB drive
- USB flash drive with 32-128GB storage space (size depends on optionally included files)
SEE: Windows 10: Streamline your work with these power tips (TechRepublic PDF)
Creating the selection profile
Note: Double-check to ensure that the applications, operating systems, out-of-box drivers, packages, and task sequences are all set up to best manage your organization's needs. This is imperative, as the resulting image will be based on how accurate this data is.
Start by logging into the server with administrative credentials and launching MDT. As a rule of thumb (and for ease of management), I like to create selection profiles that will be used exclusively for managing this media. It is optional, but helps eliminate confusion if using only one deployment share. A secondary deployment share could be used to the same effect, but it creates more overhead.
To create a new selection profile, expand the Advanced Configuration node and right-click Select Profiles, choosing New Selection Profile from the context menu. Provide a name for the profile and enter any notes, if desired (Figure A).
Click Next, and you'll be prompted to select all the folders you want to include in your offline image. Depending on the space available on the USB flash drive, your selections may vary. Click Next when you've completed folder selection (Figure B).
The next page in the wizard provides a summary of the various folders selected for the profile. Take a moment to verify that everything you need is included, then click Next to perform the profile creation (Figure C).
Depending on the speed of the computer and amount of data to be processed, profile creation could take a few minutes or longer. Once the process is completed, the selection profile will be created successfully and the folders will be linked accordingly (Figure D).
SEE: Configuration management policy (Tech Pro Research)
Creating and configuring the offline media
With the selection profile ready, we can now focus on setting up the media. Right-click the Media node under Advanced Configuration and select New Media from the context menu. Click the Browse button to select the path where you'd like to have the media files saved, enter any necessary comments, and under the Selection Profile section, select your newly created profile from the dropdown menu (Figure E).
Click Next, and the summary details will be displayed. After you've confirmed that they are correct, click Next to proceed with the media creation process (Figure F).
The Progress stage will copy the selection profile-linked folders from MDT to the new media file stored offline. Depending on the total data size and the specs on the computer, the copy process could take a few minutes to a few hours to complete. During this time, MDT is inaccessible from the GUI. Upon successful completion, the Confirmation screen will appear and you can click Finish to close out the window or alternatively, click the View Script button to obtain a copy of the PowerShell script used to create this media. It can be used at a later time should you need to update the media (Figure G).
Your new media has now been created and updated to include all the required files to support your enterprise. But the job isn't quite done yet.
Double-click the new media in MDT to display the properties. From here, ensure that the Generate x86 Boot Image and Generate x64 Boot Image check boxes are selected under the Platforms Supported section. Also, select the Generate A Lite Touch Bootable ISO Image and enter a name for the ISO. These items are important, as they provide both 32- and 64-bit compatibility for your hardware and will create an ISO, which we'll use later on (Figure H).
Now, click on the Rules tab to customize the rule set used when accessing the files on the USB and dictate how the offline MDT you've just created will operate. This is identical to the rule set in MDT except that it will handle the files on your offline media should you choose to perform installations of the operating system, packages, or applications from the task sequences stored offline. This should be configured with respect to your company's needs (Figure I).
The last section to configure is the Windows PE tab. The Features and Drivers And Patches tabs control how Windows PE will work once you boot off the USB drive. The Features tab will allow the inclusion of packs that can be incorporated into Windows PE for added functionality, such as .NET Framework or PowerShell. (Figure J).
By copying the Toolsx86.cab file from the Microsoft DaRT installation root directory on the server to the Content | Deploy | Tools | x86 directory of the offline media folder created earlier, the DaRT tool's functionality will be added to Features, providing additional troubleshooting tools to your offline media (Figure K and Figure L).
Note: If creating a 32/64-bit compatible drive, be sure to copy the Toolsx64.cab file to the x64 folder to provide DaRT integration to both architectures. Also, any changes made to one architecture base should be made to the other as well for the most comprehensive support possible.
In the Drivers And Patches section, select your profile from the dropdown menu under Selection Profile and place a check next to each of the driver types you want to include in your offline media. Best practices call for at least the network drivers and mass storage drivers to be included in the profile. However, if storage space is abundant, I would recommend selecting the Include All Drivers From The Selection Profile radio button to ensure maximum compatibility across all devices in the enterprise. Click Apply when you are done selecting these settings (Figure M).
The final step in the creation and configuration of the offline media is to update the media itself. Right-click the media and select Update Media Content from the context menu. All new data and configurations made will be copied to the offline media. This may take some time to complete, but once it's done, you will have a fully offline media set created as an ISO (Figure N).
SEE: Ultimate Windows File Management Suite (TechRepublic Academy)
Copying the ISO to USB flash drive
With the newly created ISO saved to the root of the offline media's directory, we can now copy the file contents to the USB drive after setting it up to boot. Launch CMD and type diskpart. Then, type list disk to display all available disks connected to the computer. Make a note of the disk # that matches your USB drive's storage space and type select disk # to select your chosen disk.
Next, type clean to erase the drive, followed by create partition primary to create a new partition scheme on the drive. Now, type format fs=ntfs quick to quickly format the drive as NTFS, which is crucial to being able to boot the drive on modern Windows computers. Lastly, type active to make the partition active or assign boot flags to it, and assign letter=W (or any available drive letter) to assign a mounting point and drive letter to the drive (Figure O).
For this next step, we'll need to add boot code from a Windows installation media to the drive. To do so, locate the boot folder located at the root of any modern Windows installation media and from CMD, enter the following command with elevated privileges:
Path\to\windows\media\Boot\Bootsect.exe /nt60 USBDrive_Letter:
This will inject the boot code, completing the process of readying the USB Flash Drive (Figure P).
The final step is to extract and copy the files from the offline media ISO previously created to the root of the USB flash drive exactly as-is. Once the process is complete, the USB drive may be safely removed and used to boot troublesome computers for troubleshooting issues.
- How to create a Windows Diagnostics and Recovery Toolset image (TechRepublic)
- How to protect Microsoft's Diagnostics and Recovery Toolset (DaRT) from unauthorized access (TechRepublic)
- How to deploy applications with the Microsoft Deployment Toolkit (TechRepublic)
- How to deploy Windows using MDT and WDS (TechRepublic)
- Windows 10 networking and security tips (ZDNet)
Did we miss something? Did you notice a discrepancy or have an alternative to the above troubleshooting tools? Share your comments with fellow TechRepublic members.
Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from several vendors, including Apple and CompTIA.