Installation of the Recovery Console on Windows 2000 Server

Materials:
Working complete PC
Blank Diskette
Student Diskette, "New Boot A Ver 2.0+"
Student CD-ROM, "Room 6359"
Objectives:
The student will become familiar with:
The Windows NT family boot process,
Installation of the Recovery Console,
Configuration of the Recovery Console,
Alternate methods of launching the Recovery Console,
Commands available and usage of the Recovery Console,
Competency:
The student will learn how to install, configure and use the Windows 2000 recovery console. The student will also learn how to launch and use the recovery console from the Windows 2000 OEM installation media including how to create the Windows 2000 Setup diskettes which can also boot up and launch the Recovery Console.
Preparation

The Windows 2000 Command or Recovery Console offers the ability to boot the system to a command prompt. This command prompt interface is NOT a version of DOS at all. It is a unique standalone mini-OS that allows access to the hard drive in the event of a catastrophic failure to the installed operating system such that it crashes or "blue screens" during boot up.

To install the command console on an existing system the original Windows 2000 installation CD-ROM will be needed. Start up Windows 2000 (Professional or Server) normally and log in. Insert the installation CD-ROM and begin the procedures outlined below.

Procedures
  1. Open the "Run" box by clicking Start > Run. Click the Browse button and browse to the CD-ROM's I386 folder. Single click on the file WINNT32.EXE and then click OK. In the text box type " /cmdcons" (no quotes!) behind the name of the file:



  2. Now click the Run window's OK button. This results in the display of this window explaining briefly what the Recovery console can do. Click Yes to begin the installation:



  3. This starts the Windows 2000 Installation Wizard but it will automatically proceed past the first screens because of the "/cmdcons" switch that was used to launch the program and it will proceed to install the command console:



  4. When the installation is complete this screen appears briefly explaining that in order to use the console the system must be rebooted and then the boot menu choice will appear and can be chosen. This window will NOT automatically reboot the system. It is understood that the recovery console is only for dire emergencies anyway. Click OK:



  5. Before restarting the system a change must be made to the Security Policy of the system so that the Recovery Console will be allowed to access a floppy diskette (or other removable media like a CD-ROM drive) and so that from the Recovery Console the drives can be written to. The default is that the Recovery Console will not allow access to removable media and that it will not write to local drives. First open Start > Programs > Administrative Tools > Local Security Policy:



  6. When the MMC snap-in opens click the [+] in front of Local Policies to open it and then click on Security Options. In the right-hand pane scroll down to "Recovery Console: Allow floppy..." and select it:



  7. Double click this policy and it will open a new window allowing the policy to be modified. Click the "Enabled" radio button and then click OK:



  8. There are two obstacles to this operation: 1) the Domain Controller's Domain Security Policy can override this setting (i.e. it will override any setting, not just this one), and 2) the policy must update in order to take effect. By manually forcing a policy update you can see if the Domain Security Policy is in fact overriding this change. Open a DOS box and type in this command:

    C:\WINNT>secedit /refreshpolicy machine_policy
    Group policy propagation from the domain has been initiated on this computer. It may take a few minutes for the propogation to complete and the new policy to take effect. Please check Application Log for errors, if any.

    C:\WINNT>_

    Now open the same setting as above and see if the "Effective Policy" column entry has changed to "Enabled" as it has here:



    Check back in a few minutes if it has not updated. The default Domain policy for this is "Undefined" which means since this is the Domain controller (See Installation of Active Directory) and this policy has to be hand set at the domain level, it does not exist so the machine is being slow about it. In the real world, the Administrator of the Domain may have set it and then it will have to be checked and possibly removed.

  9. Post Reboot Procedures

  10. Restart the system properly by clicking Start > Shutdown > Restart. When the system reboots NTLDR will display a new choice in the boot menu. This means that the installation of the command console included an alteration to the BOOT.INI file. Select the Recovery Console:



    Please select the operating system to start:


        Microsoft Windows 2000 Advanced Server
        Microsoft Windows 2000 Recovery Console

    Use ↑ and ↓ to move the highlight to your choice.
    Press enter to choose.
    Seconds until highlighted choice will be started automatically: 21




    For troubleshooting and advanced startup options, Press F8

  11. This screen appears:

    Windows 2000 Recovery Console V5.0







    Press F6 is you need to install third party SCSI or RAID drivers...

    If you do not need to install the drivers (if you had to do this during the original installation process then do it now as well) wait until the message disappears and the Recovery Console will load:

    Windows 2000 Recovery Console V5.0


    ..........





  12. NEW! Special Addendum: Thanks to former student Boaz Pressman for the details! The Recovery Console normally requires the user to log on to the Windows installation if it finds a folder in which it detects all or part of Windows 2000 and it is capable of reading the Registry. However, and this is the discovery, if it does not detect a Registry or cannot read it on any locally attached disk, and that is the one chosen for the "logon to", then the Command Console will not ask for a user name and password and will proceed straight to the console prompt. Furthermore, if the security restriction was removed while in Windows (which of course requires Administrative rights while it is up and running) then all drives are accessible, not just the one chosen.

    Because of the security policy change requirement it appears to be still somewhat secure as far as attempting to access a stolen drive, for example. But this fix does give the user the ability to prepare for disaster on a system such that even if passwords are forgotten the system is still accessible in its entirety. In this example only one installation of Windows 2000 exists on the drive and it is numbered "1". At this prompt type the digit "1" then press [Enter]:

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)?


  13. Now the Recovery Console checks the registry to obtain information about the Administrator's account so that it can validate the logon which it now offers. Type in the Administrator's password and press [Enter]:

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)? 1
    Type the Administrator password:


  14. Now the Recovery Console checks the password against the information in the registry. If it is correct and can be validated (i.e. the Registry is not damaged) then the Recovery Console will offer the command prompt:

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)? 1
    Type the Administrator password: *****
    C:\WINNT>

    To enable access to the floppy a "SET" command must be issued. These commands are case sensitive, and the first looks like this:

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)? 1
    Type the Administrator password: *****
    C:\WINNT>set AllowRemovableMedia = TRUE
    C:\WINNT>

    To enable write access to all local drives, this is the "set" command (note the spaces before and after the "=" are necessary):

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)? 1
    Type the Administrator password: *****
    C:\WINNT>set AllowRemovableMedia = TRUE
    C:\WINNT>set AllowAllPaths = TRUE
    C:\WINNT>

    To enable usage of wild cards in commands, this is the "set" command (note that the COPY command still does NOT allow wild cards ... quite a nuisance):

    Microsoft Windows 2000(TM) Recovery Console.

    The Recovery Console provides system repair and recovery functionality.

    Type EXIT to quit the Recovery Console and restart the computer.


    1: C:\WINNT

    Which Windows 2000 installation would you like to log onto
    (to Cancel press Enter)? 1
    Type the Administrator password: *****
    C:\WINNT>set AllowRemovableMedia = TRUE
    C:\WINNT>set AllowAllPaths = TRUE
    C:\WINNT>set AllowWildCards = TRUE
    C:\WINNT>

    The best thing to remember about this prompt is that it is only roughly DOS-like. You can type "help" (no quotes!) to get a listing of the available commands. Also remember that this console does not appear to be capable of running external executables (i.e. DOS programs) again because it is not a version of DOS, just a text only interface that allows access to the drive.

  15. In the event that the installed command console cannot launch because either the MBR, DBR, NTLDR, BOOT.INI, or the file system has been damaged there is still a way to attempt to launch the Recovery Console that has been installed on the HDD from a boot floppy. See the tutorial on how to create a Windows 2000 Boot Floppy, and once one has been created add the following line to the BOOT.INI on the floppy:

      C:\CMDCONS\BOOTSECT.DAT="Windows 2000 Recovery Console" /cmdcons 
    

    If the corruption is limited to the system's OS loader code, NTLDR or BOOT.INI this entry should be able to launch the Recovery Console already installed on the system's HDD.

  16. In the event that the Recovery Console has not already been installed on the system and needs to be launched and the CD-ROM media is not available, or the system will not boot to a CD-ROM then the command console can be launched from the Windows 2000 Setup diskettes also. (See Creating the Windows 2000 Setup Diskettes). Insert diskette #1 and boot the system to it. The setup program will begin automatically and prompt for the insertion of each subsequent diskette that it needs. It loads the same setup program as the CD-ROM meaning that it will reach the point where the repair choice and the "manually" choices can be made which launches the recovery console built into setup. This one obviously will not run with the floppy diskette support and it will treat C:\WINNT as the effective root of the session (cannot create new directories or copy files out of C:\WINNT).

  17. The Windows 2000 Recovery Console can be installed on a Windows NT 4.0 system. NT 4.0 did not include the Recovery Console, but the Windows 2000 Recovery Console is a standalone mini-OS that allows access to the files and directories on NTFS partitions, is fully backwards compatible with Windows NT 4.0, and can be installed on systems using this operating system. This was done in the lab on a Windows NT 4.0 Workstation with Service Pack 1 applied, so it works on fairly old configurations. Perform the installation from the OEM Windows 2000 CD-ROM as described above on any system running Windows NT 4.0. To achieve the freedom to use the floppy drive and work outside of the C:\WINNT folder, copy and paste the following into a file named cmdconpolicy.reg then double-click it to merge it into the registry:

    REGEDIT4
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
    "SetCommand"=dword:00000001
    "SecurityLevel"=dword:00000000
    

    To run the SET commands needed as the Recovery Console starts, copy and paste the following into Notepad and save it as sets.bat in C:\WINNT. Then, when the command console reaches the prompt, enter the command: batch sets.bat and the SET commands will be enabled for the session:

    set AllowWildCards = TRUE
    set AllowAllPaths = TRUE
    set AllowRemovableMedia = TRUE
    

    Be aware that upon installing the Windows 2000 Recovery Console on the Windows NT 4.0 system, NTLDR has been changed to the Windows 2000 version. When restarting to the native Windows NT 4.0 operating system the font on the kernel initialization blue screen is obviously different indicating that the Windows 2000 NTLDR did not set the ROM font for the text mode the same as the one set by the older Windows NT 4.0 NTLDR. It should be noted that this should not be a problem, the Windows 2000 NTLDR was designed to be fully backwards compatible and it is able to launch Windows NT 4.0.

  18. Windows XP/Server 2003 has its own Recovery Console that can be installed from the OEM CD-ROM using the same installation methods used above. Because these operating systems cannot be "forward compatible" (they cannot anticipate future changes to the operating system design and functionality) it is certainly NOT recommended to use the Windows 2000 Recovery Console on XP/2003 systems, although their Recovery Consoles should work fine on Windows 2000 generation machines because they can be designed for backwards compatibility.

  19. The Recovery Console can also be launched across the wire: the system can boot to it if it has a NIC with a PXE-compliant boot ROM, or one that can use the PXE boot ROM emulator that the server can create, and the server must have RIS installed and configured. In the lab the PXE boot ROM emulating boot floppy also described in the RIS module will be used.

  20. Once the RIS has been fully installed and configured on the server, and Windows 2000 Professional has been installed on the client PC copy and paste the following to a file and name it cmdcon.sif:

    [data]
    floppyless = "1"
    msdosinitiated = "1"
    OriSrc = "\\%SERVERNAME%\RemInst\%INSTALLPATH%"
    OriTyp = "4"
    LocalSourceOnCD = 1
    [SetupData]
    OsLoadOptions = "/noguiboot /fastdetect"
    SetupSourceDevice ="\Device\LanmanRedirector\%SERVERNAME%\RemInst\%INSTALLPATH%"
    [UserData]
    FullName = "%USERFULLNAME%"
    OrgName = "%ORGNAME%"
    ComputerName = %MACHINENAME%
    [RemoteInstall]
    Repartition = no
    [OSChooser]
    Description ="Microsoft Windows 2000 Professional - Recovery Console"
    Help ="Allows user to perform repair operations, without local media, of a Windows Professional installation."
    LaunchFile = "%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com"
    ImageType =Flat
    Version="5.0" 
    

    (Obtained from Microsoft at KB222478)

    Copy this file to the E:\RemoteInstall\Setup\English\Images\win2000.pro\i386\templates folder on the RIS server set up in that module. Boot the client PC with the PXE boot ROM emulating floppy diskette and press F12 when prompted. Press [Enter] at the welcome screen (delivered from the RIS server already) and log on to the domain as Administrator. A second menu choice is provided entitled "Windows 2000 Professional - Recovery Console"; select it and follow the prompts. When setup offers the menu choice, choose [R] for Repair and then choose [C] for Recovery Console. The console will start and request a logon to the local C:\WINNT Administrator's account. After logging on, the Recovery Console will be at the C:\WINNT prompt. It has been delivered across the network using the RIS server. NOTE: Microsoft warns that this will damage the installation of Windows 5.x on the local HDD and should only be used for extreme emergencies as a method of accessing and rescuing files.
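
The Security Option enabled in steps 5 to 8 and the .reg file merged in step 17 both come down to DWORD values under the RecoveryConsole registry key, so an exported copy of that key shows how far a machine's Recovery Console has been opened up. The following is an added example, not part of the original tutorial: it parses a REGEDIT4 export and reports which of the two values are set to 1. The function names and the second sample export are assumptions made for illustration.

```python
import re

# Key written by the .reg file in step 17 (registry key names are case-insensitive).
RC_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"

# What each value permits when it is 1; both are treated as 0 when absent.
LOOSENED_WHEN_ONE = {
    "setcommand": "SET command allowed (AllowRemovableMedia, AllowAllPaths, AllowWildCards)",
    "securitylevel": "automatic administrative logon, no password prompt",
}

DWORD_LINE = re.compile(r'"([^"]+)"\s*=\s*dword:([0-9a-fA-F]{1,8})$')


def parse_reg(text):
    """Parse REGEDIT4 text into {key: {value_name: int}}, dword values only."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            match = DWORD_LINE.match(line)
            if match:
                current[match.group(1).lower()] = int(match.group(2), 16)
    return keys


def audit_recovery_console(text):
    """Return {value_name: finding} for each Recovery Console value set to 1."""
    values = parse_reg(text).get(RC_KEY.lower(), {})
    return {n: why for n, why in LOOSENED_WHEN_ONE.items() if values.get(n, 0) == 1}


# Sample 1: the .reg content from step 17 of this page.
STEP17_REG = r'''REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
"SetCommand"=dword:00000001
"SecurityLevel"=dword:00000000
'''

# Sample 2: constructed export (not from the page) with both values enabled.
BOTH_ON_REG = STEP17_REG.replace('"SecurityLevel"=dword:00000000', '"SecurityLevel"=dword:00000001')

if __name__ == "__main__":
    for label, sample in (("step 17", STEP17_REG), ("constructed", BOTH_ON_REG)):
        for name, why in audit_recovery_console(sample).items():
            print(f"{label}: {name} = 1 -> {why}")
```

With the step 17 file only SetCommand is reported, which matches the tutorial's intent: the SET commands are unlocked while the Administrator password prompt stays in place.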


Copyright©2000-2004 Brian Robinson ALL RIGHTS RESERVED