Enhanced Write Filter, File-Based Write Filter, and Systems Management Server 2003 Interoperability on Windows XP Embedded Service Pack 2 Feature Pack 2007

  • Article

8/22/2007

Microsoft Corporation.

November 2006.

Summary

Learn how to successfully distribute Systems Management Server (SMS) software packages to Windows® XP Embedded Service Pack 2 Feature Pack 2007 systems running Enhanced Write Filter (EWF) or File-Based Writer Filter (FBWF).

Applies To

Windows XP Embedded Service Pack 2 Feature Pack 2007 systems running EWF or FBWF and subject to run-time image updates using SMS.

Introduction

Prerequisites

Configuration

Extending the Windows XP Embedded Run-Time Image

Sample Automation Scripts

Creating an SMS Package and Advertisement

Notes on Persisting the SMS AC States

Conclusion

Introduction

Many organizations use EWF and FBWF to protect their field-deployed Windows XP Embedded systems’ hard disk volumes and file systems. Many of these organizations also use SMS to manage their Windows XP Embedded systems.

Consider the implications of using SMS to distribute a software package (for example, an update or a hot fix) to Windows XP Embedded systems running EWF or FBWF. EWF and FBWF protect hard disk volumes and file systems by creating overlays to which all writes are redirected. These writes are lost after system restarts unless purposely committed. The challenge is how to disable EWF and FBWF, apply updates, and then re-enable EWF and FBWF.

This white paper provides a procedure for successfully distributing SMS software packages to Windows XP Embedded systems running EWF and FBWF. The procedure comprises the following parts:

  • Extending the Windows XP Embedded run-time image to support persistent registry keys and scripted system restart by adding Registry Filter, Misc. Command Line Tools, and Extra Registry Data for the Registry Filter
  • Writing automation scripts to:
    1. Disable EWF and FBWF
    2. Apply the update
    3. Re-enable EWF and FBWF
  • Posting the scripts and the SMS update to a share folder that is accessible by the SMS server and all affected Windows XP Embedded systems
  • Creating an SMS package for distribution that points to the first script in the share folder on the SMS server

After discussing prerequisites and configuration, we'll look at each of these parts in detail.

Prerequisites

This white paper assumes:

  • Reader familiarity both with Windows XP Embedded Service Pack 2 Feature Pack 2007 and with Windows Embedded Studio for Windows XP Embedded, particularly Target Designer.
  • Reader familiarity with SMS 2003, particularly the SMS Administrator Console.

Configuration

This white paper references the following configuration:

  • Windows XP Embedded systems with SMS Advanced Client (AC).
  • An SMS server named \\sms-server.
  • A share folder on the SMS server called \\sms-server\share-folder that is accessible by the SMS server and all the Windows XP Embedded systems.
  • The SMS server and the Windows XP Embedded systems are all authenticated on the same domain and are all able to communicate with one another.

Extending the Windows XP Embedded Run-Time Image

Use Target Designer to add the Registry Filter component, Misc. Command Line Tools component, and Extra Registry Data for the Registry Filter to the Windows XP Embedded run-time image.

Add Components

Add the following components to the run-time image:

  • Registry Filter
  • Misc. Command Line Tools

Add Extra Registry Data for Registry Filter: RunOnce

Use the following procedures to add ClassKey, FileNameForSaving, and RelativeKeyName Extra Registry Data for RegistryFilter: Runonce.

Add ClassKey

To add ClassKey

  1. Under <configuration_name>.slx, right-click on Extra Registry Data and select Add…. The Add an Extra Registry Entry to the Configuration dialog opens.
  2. Set Root to HKEY_LOCAL_MACHINE.
  3. Set Key name to SYSTEM\CurrentControlSet\Services\regfilter\Parameters\MonitoredKeys\2.
  4. Set Value name to ClassKey,
  5. Set Type to REG_SZ.
  6. Set Value to HKLM.
  7. Select OK. The Add an Extra Registry Entry to the Configuration dialog closes.

Add FileNameForSaving

To add FileNameForSaving

  1. Under <configuration_name>.slx, right-click on Extra Registry Data and select Add…. The Add an Extra Registry Entry to the Configuration dialog opens.
  2. Set Root to HKEY_LOCAL_MACHINE.
  3. Set Key name to SYSTEM\CurrentControlSet\Services\regfilter\Parameters\MonitoredKeys\2.
  4. Set Value name to FileNameForSaving.
  5. Set Type to REG_SZ.
  6. Set Value to runonce.txt.
  7. Select OK. The Add an Extra Registry Entry to the Configuration dialog closes.

Add RelativeKeyName

To add RelativeKeyName

  1. Under <configuration_name>.slx, right-click on Extra Registry Data and select Add…. The Add an Extra Registry Entry to the Configuration dialog opens.
  2. Set Root to HKEY_LOCAL_MACHINE.
  3. Set Key name to SYSTEM\CurrentControlSet\Services\regfilter\Parameters\MonitoredKeys\2.
  4. Set Value name to RelativeKeyName.
  5. Set Type to REG_SZ.
  6. Set Value to SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce.
  7. Select OK. The Add an Extra Registry Entry to the Configuration dialog closes.

Sample Automation Scripts

This section provides the following sample automation scripts:

  • pre-update.vbs
  • apply-update.vbs
  • post-update.vbs

The pre-update.vbs script:

  1. Disables EWF and FBWF.
  2. Sets apply-update.vbs to run after system restart.
  3. Restarts the system.

The apply-update.vbs script:

  1. Sets post-update.vbs to run after system restart.
  2. Applies the update.
  3. Restarts the system.

The post-update.vbs script:

  1. Enables EWF and FBWF.
  2. Restarts the system.

Place these three scripts in \\sms-server\share-folder, which is on the SMS server and accessible by the SMS server and all affected Windows XP Embedded systems.

Script Expectations

The scripts operate with the following expectations:

  • The update requires at most one system restart.
  • The update completes all its tasks, except for one system restart, within 60 seconds of its exit. This value may be tweaked.
  • The update completes all its tasks after the one system restart within 120 seconds of the restart. The value may be tweaked.

Please note that these sample scripts are samples only and are provided as general guidelines. Customize the scripts appropriately to fit your needs.

pre-update.vbs

' Create Shell object
Set WshShell = WScript.CreateObject("WScript.Shell")

' Disable EWF and FBWF
WshShell.Run "%WINDIR%\system32\ewfmgr.exe %systemdrive% -disable"
WshShell.Run "%WINDIR%\system32\fbwfmgr.exe /disable"

' Apply update after restart
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\apply-update", "\\sms-server\share-folder\apply-update.vbs", "REG_SZ"

' Restart in 10 seconds
WshShell.Run "%WINDIR%\system32\shutdown -r -t 10"

apply-update.vbs

' Create Shell object
Set WshShell = WScript.CreateObject("WScript.Shell")

' Enable EWF and FBWF after restart
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\post-update", "\\sms-server\share-folder\post-update.vbs", "REG_SZ"

' Apply update
WshShell.Run "\\sms-server\share-folder\update.exe", 1, True

' Restart in 60 seconds if update does not auto-restart
WshShell.Run "%WINDIR%\system32\shutdown -r -t 60"

post-update.vbs

' Create Shell object
Set WshShell = WScript.CreateObject("WScript.Shell")

' Enable EWF and FBWF
WshShell.Run "%WINDIR%\system32\ewfmgr.exe %systemdrive% -enable"
WshShell.Run "%WINDIR%\system32\fbwfmgr.exe /enable"

' Restart in 120 seconds
WshShell.Run "%WINDIR%\system32\shutdown -r -t 120"

Creating an SMS Package and Advertisement

Open SMS Administrator Console to create an SMS package, a distribution point, a new program for the package, and an advertisement for it, using the following procedures. In these procedures, replace <site code> with your SMS site code and replace <update name> with the name of your SMS update.

Creating a New Package

To create a new package

  1. Expand Site Database (<site code>– MS).
  2. Right-click Packages. Select New, then select Package. The Package Properties dialog opens.
  3. Select the General tab.
  4. Set Name to <update name>.
  5. Select the Data Source tab.
  6. Select This package contains source files.
  7. Select Set.
  8. Set the Network path (UNC name) to the Source directory to \\sms-server\share-folder. Select OK.
  9. Select the Distribution Settings tab.
  10. Set Sending priority to High.
  11. Select OK. The Package Properties dialog closes.

Creating a New Distribution Point for the Package

To create a new distribution point for the package

  1. Expand Packages, then expand the <update name> package.
  2. Right-click Distribution Points Select New, then select Distribution Points. The New Distribution Points dialog opens.
  3. Select the distribution point.
  4. Select Finish. The New Distribution Points dialog closes.

Creating a New Program for the Package

To create a new program for the package

  1. Right-click Programs. Select New, then select Program. The Program Properties dialog opens.
  2. Select the General tab.
  3. Set Name to <update name>.
  4. Select Browse.
  5. Set Files of type to All Files (*.*) and File name to pre-update.vbs, then select Open.
  6. Select the Environment tab.
  7. Set Program can run to Whether or not a user is logged on.
  8. Select OK. The Program Properties dialog closes.

Creating a New Advertisement

To create a new advertisement

  1. Expand Site Database (<site code> – MS).
  2. Right-click Advertisements. Select New, then select Advertisement. The Advertisement Properties dialog opens.
  3. Select the General tab.
  4. Set Name to <update name>.
  5. Set Package to <update name>.
  6. Set Program to <update name>.
  7. Select Browse.
  8. Select All Systems, then select OK.
  9. Select the Schedule tab.
  10. Set Priority to High.
  11. Select OK. The Advertisement Properties dialog closes.

Notes on Persisting the SMS AC States

This section discusses how to persist the SMS AC states. The SMS AC maintains its data in the Registry and in a number of system folders. To persist the SMS AC states, use the Registry Filter and FBWF.

Specifically, use Target Designer to add the following registry keys as Extra Registry Data for the Registry Filter:

  • HKLM\Software\Microsoft\CCM
  • HKLM\Software\Microsoft\SMS

See the section Add Extra Registry Data for Registry Filter: RunOnce for help with the Registry Filter.

Then add the following system folders to FBWF Exclusion List:

  • %systemdrive%\windows\system32\ccmsetup
  • %systemdrive%\windows\system32\ccm
  • %systemdrive%\windows\system32\wbem

See Windows Embedded SP2 FP2007 Help to learn about FBWF and its exclusion list.

Please note that persisting %systemdrive%\windows\system32\wbem may also persist WMI data used by other applications.

It is not possible to persist the SMS AC states using EWF because EWF does not support exclusion lists to allow file and folder write through.

Conclusion

The procedures provided in this white paper enable the successful distribution Systems Management Server (SMS) software packages to Windows® XP Embedded Service Pack 2 Feature Pack 2007 systems running Enhanced Write Filter (EWF) or File-Based Writer Filter (FBWF).