Fbreseal problesm with SP2.

M

Mark K Vallevand

I've been having problems with fbreseal in SP2. It works differently from
SP1. We've had no problems with SP1. We do things correctly, AFAIK.

Include System Cloning Tool. Reseal phase 0. Other advanced flags set as
we want them.
Boot thru FBA on HD.
Create CF with RAM REG EWF.
Boot CF. Configure and adjust OS. Install our applications. Commit EWF,
reboot, test. Repeat until golden.
Commit EWF. Fbreseal. Shutdown. Capture CF image.
Duplicate CF image.
Boot duplicated image at customer site or in factory during customer's
personal setup..
First boot takes a longer time because the SID change is occurring.
Fbreseal.exe self-deleted.
Commit EWF, reboot, perform the customer-unique setup.

Using SP2, when the first boot of a duplicated image is done, the
fbreseal.exe file is still present. The first boot takes a long time and
the SID change seems to occur. But, fbreseal didn't self-delete.
*** Did a SID change occur? ***
*** Why is fbreseal.exe still present? ***

If you commit EWF and run fbreseal again, it behaves correctly. The first
boot takes a long time and the SID change seems to occur and fbreseal.exe is
deleted.

I've been told that running fbreseal with EWF enabled isn't a good idea. If
so, how do you clone? It probably won't hurt the CF to disable EWF,
fbreseal, enable. But, that takes a couple of reboots. The
commitanddisable live feature causes a BSOD, so I'm not considering that
seriously yet. Sysinternals's NewSid is attractive, but broken. NewSid
doesn't update COM security information correctly.

I'm considering releasing CF with fbreseal run twice.
 
D

Doug Hoeffel

Mark:
*** Did a SID change occur? ***
Click to expand...

Try running this before and after reaseal to see if the SID actually
changes:

WScript.Echo "User SID: " & GetUserSID

Function GetUserSID()
Dim sUserSID, oWshNetwork, oUserAccount
Set oWshNetwork = CreateObject("WScript.Network")
sUserSID = ""

On Error Resume Next
Set oUserAccount=GetObject( _
"winmgmts://" & oWshNetwork.UserDomain & "/root/cimv2") _
.Get("Win32_UserAccount.Domain='" & oWshNetwork.ComputerName & "'" _
& ",Name='" & oWshNetwork.UserName & "'")

GetUserSID = oUserAccount.SID
End Function

HTH... Doug
 
M

Mark K Vallevand

I'll try it.

I'm pretty sure that its changing the SID the first time. After the second
time, there are some security settings that are messed up in IIS and COM.

Anyone else see this problem?
Anyone using fbreseal and SP2?
 
M

Mark K Vallevand

OK. What kind of file is this? I put this in UserSID.vbs and there are no
errors when it runs, but the User SID is blank.
 
D

Doug Hoeffel

Mark:

vbs is correct. I've run this on my XP Pro and XPe boxes without issue.
What WMI components do you have in your image?

.... Doug
 
K

KM

Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList] and see if the SIDs have changed.
 
M

Mark K Vallevand

Actually, I tried it on my WinXP Pro SP1 machine. Do I need to install WMI
on XP Pro? I have it (I think) on XPe. I'll try it there, too.
 
M

Mark K Vallevand

Well, that should be easy! I'm just about to test again...

--
Regards.
Mark K Vallevand
KM said:
Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
Click to expand...
NT\CurrentVersion\ProfileList] and see if the SIDs have changed.
 
D

Doug Hoeffel

Mark:

Not sure what the deal is as I've not had problems with it.

Just go with KM's solution of looking in the registry if all else fails ;-)

.... Doug
 
M

Mark K Vallevand

I couldn't see any changes in that key after fbreseal. I should have
exported the registry key and compared in detail. But, it appears that no
changes occured.

Microsoft? Anyone?
Does fbreseal work in SP2?

--
Regards.
Mark K Vallevand
Mark K Vallevand said:
Well, that should be easy! I'm just about to test again...

--
Regards.
Mark K Vallevand
KM said:
Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
Click to expand...
NT\CurrentVersion\ProfileList] and see if the SIDs have changed. are
no
Click to expand...
Click to expand...
 
D

Doug Hoeffel

Mark:

FWIW... I also see a blank sid using my vbs app. when I log onto my box with
a domain account. I do see a sid when I log on with a local account. This
was with XP Pro SP2. Also, WMI is built in with a standard install of XP
Pro, ie. you don;t have to load extra options to get WMI.

HTH... Doug
Mark K Vallevand said:
I couldn't see any changes in that key after fbreseal. I should have
exported the registry key and compared in detail. But, it appears that no
changes occured.

Microsoft? Anyone?
Does fbreseal work in SP2?

--
Regards.
Mark K Vallevand
Mark K Vallevand said:
Well, that should be easy! I'm just about to test again...

--
Regards.
Mark K Vallevand
KM said:
Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
Click to expand...
NT\CurrentVersion\ProfileList] and see if the SIDs have changed.
--
Regards,
KM, BSquare Corp.


OK. What kind of file is this? I put this in UserSID.vbs and there
Click to expand...
are
no
errors when it runs, but the User SID is blank.

--
Regards.
Mark K Vallevand
I'll try it.

I'm pretty sure that its changing the SID the first time. After the
second
time, there are some security settings that are messed up in IIS
Click to expand...
and
COM.
Anyone else see this problem?
Anyone using fbreseal and SP2?

--
Regards.
Mark K Vallevand
Mark:

*** Did a SID change occur? ***

Try running this before and after reaseal to see if the SID actually
changes:

WScript.Echo "User SID: " & GetUserSID

Function GetUserSID()
Dim sUserSID, oWshNetwork, oUserAccount
Set oWshNetwork = CreateObject("WScript.Network")
sUserSID = ""

On Error Resume Next
Set oUserAccount=GetObject( _
"winmgmts://" & oWshNetwork.UserDomain & "/root/cimv2") _
.Get("Win32_UserAccount.Domain='" & oWshNetwork.ComputerName
Click to expand...
&
"'" _
& ",Name='" & oWshNetwork.UserName & "'")

GetUserSID = oUserAccount.SID
End Function

HTH... Doug
I've been having problems with fbreseal in SP2. It works differently
from
SP1. We've had no problems with SP1. We do things correctly, AFAIK.

Include System Cloning Tool. Reseal phase 0. Other advanced flags
set
as
we want them.
Boot thru FBA on HD.
Create CF with RAM REG EWF.
Boot CF. Configure and adjust OS. Install our applications. Commit
EWF,
reboot, test. Repeat until golden.
Commit EWF. Fbreseal. Shutdown. Capture CF image.
Duplicate CF image.
Boot duplicated image at customer site or in factory during customer's
personal setup..
First boot takes a longer time because the SID change is occurring.
Fbreseal.exe self-deleted.
Commit EWF, reboot, perform the customer-unique setup.

Using SP2, when the first boot of a duplicated image is done, the
fbreseal.exe file is still present. The first boot takes a
Click to expand...
long
time
and
the SID change seems to occur. But, fbreseal didn't self-delete.
*** Did a SID change occur? ***
*** Why is fbreseal.exe still present? ***

If you commit EWF and run fbreseal again, it behaves
Click to expand...
correctly.
The
first
boot takes a long time and the SID change seems to occur and
fbreseal.exe
is
deleted.

I've been told that running fbreseal with EWF enabled isn't a good
idea.
If
so, how do you clone? It probably won't hurt the CF to
Click to expand...
disable
EWF,
fbreseal, enable. But, that takes a couple of reboots. The
commitanddisable live feature causes a BSOD, so I'm not considering
that
seriously yet. Sysinternals's NewSid is attractive, but broken.
NewSid
doesn't update COM security information correctly.

I'm considering releasing CF with fbreseal run twice.
Click to expand...
Click to expand...
Click to expand...
 
M

Mark K Vallevand

Yep. Using domains on my workstation. Login local (XP or XPe) works as
advertised.

I'm still wondering if fbreseal really works in SP2.
If someone at Microsoft has an answer...

--
Regards.
Mark K Vallevand
Doug Hoeffel said:
Mark:

FWIW... I also see a blank sid using my vbs app. when I log onto my box with
a domain account. I do see a sid when I log on with a local account. This
was with XP Pro SP2. Also, WMI is built in with a standard install of XP
Pro, ie. you don;t have to load extra options to get WMI.

HTH... Doug
Mark K Vallevand said:
I couldn't see any changes in that key after fbreseal. I should have
exported the registry key and compared in detail. But, it appears that no
changes occured.

Microsoft? Anyone?
Does fbreseal work in SP2?

--
Regards.
Mark K Vallevand
Mark K Vallevand said:
Well, that should be easy! I'm just about to test again...

--
Regards.
Mark K Vallevand
Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\ProfileList] and see if the SIDs have changed.

--
Regards,
KM, BSquare Corp.


OK. What kind of file is this? I put this in UserSID.vbs and
Click to expand...
there
are
no
errors when it runs, but the User SID is blank.

--
Regards.
Mark K Vallevand
I'll try it.

I'm pretty sure that its changing the SID the first time. After the
second
time, there are some security settings that are messed up in IIS and
COM.

Anyone else see this problem?
Anyone using fbreseal and SP2?

--
Regards.
Mark K Vallevand
Mark:

*** Did a SID change occur? ***

Try running this before and after reaseal to see if the SID actually
changes:

WScript.Echo "User SID: " & GetUserSID

Function GetUserSID()
Dim sUserSID, oWshNetwork, oUserAccount
Set oWshNetwork = CreateObject("WScript.Network")
sUserSID = ""

On Error Resume Next
Set oUserAccount=GetObject( _
"winmgmts://" & oWshNetwork.UserDomain & "/root/cimv2") _
.Get("Win32_UserAccount.Domain='" &
Click to expand...
Click to expand...
oWshNetwork.ComputerName
& done,
the a
good
Click to expand...
Click to expand...
 
M

Mark K Vallevand

Still no idea if fbreseal really works with SP2.

--
Regards.
Mark K Vallevand
Mark K Vallevand said:
Yep. Using domains on my workstation. Login local (XP or XPe) works as
advertised.

I'm still wondering if fbreseal really works in SP2.
If someone at Microsoft has an answer...

--
Regards.
Mark K Vallevand
Doug Hoeffel said:
Mark:

FWIW... I also see a blank sid using my vbs app. when I log onto my box with
a domain account. I do see a sid when I log on with a local account. This
was with XP Pro SP2. Also, WMI is built in with a standard install of XP
Pro, ie. you don;t have to load extra options to get WMI.

HTH... Doug
Click to expand...
that
no
changes occured.

Microsoft? Anyone?
Does fbreseal work in SP2?

--
Regards.
Mark K Vallevand
Well, that should be easy! I'm just about to test again...

--
Regards.
Mark K Vallevand
Mark,

How about just checking the registry?
Look under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\ProfileList] and see if the SIDs have changed.

--
Regards,
KM, BSquare Corp.


OK. What kind of file is this? I put this in UserSID.vbs and there
are
no
errors when it runs, but the User SID is blank.

--
Regards.
Mark K Vallevand
I'll try it.

I'm pretty sure that its changing the SID the first time.
Click to expand...
After
the
second
time, there are some security settings that are messed up in
Click to expand...
IIS
and
COM.

Anyone else see this problem?
Anyone using fbreseal and SP2?

--
Regards.
Mark K Vallevand
Mark:

*** Did a SID change occur? ***

Try running this before and after reaseal to see if the SID
actually
changes:

WScript.Echo "User SID: " & GetUserSID

Function GetUserSID()
Dim sUserSID, oWshNetwork, oUserAccount
Set oWshNetwork = CreateObject("WScript.Network")
sUserSID = ""

On Error Resume Next
Set oUserAccount=GetObject( _
"winmgmts://" & oWshNetwork.UserDomain & "/root/cimv2") _
.Get("Win32_UserAccount.Domain='" &
Click to expand...
oWshNetwork.ComputerName
&
"'" _
& ",Name='" & oWshNetwork.UserName & "'")

GetUserSID = oUserAccount.SID
End Function

HTH... Doug
I've been having problems with fbreseal in SP2. It works
differently
from
SP1. We've had no problems with SP1. We do things correctly,
AFAIK.

Include System Cloning Tool. Reseal phase 0. Other advanced
flags
set
as
we want them.
Boot thru FBA on HD.
Create CF with RAM REG EWF.
Boot CF. Configure and adjust OS. Install our applications.
Commit
EWF,
reboot, test. Repeat until golden.
Commit EWF. Fbreseal. Shutdown. Capture CF image.
Duplicate CF image.
Boot duplicated image at customer site or in factory during
customer's
personal setup..
First boot takes a longer time because the SID change is
occurring.
Fbreseal.exe self-deleted.
Commit EWF, reboot, perform the customer-unique setup.

Using SP2, when the first boot of a duplicated image is done,
the
fbreseal.exe file is still present. The first boot takes
Click to expand...
a
long
time
and
the SID change seems to occur. But, fbreseal didn't
self-delete.
*** Did a SID change occur? ***
*** Why is fbreseal.exe still present? ***

If you commit EWF and run fbreseal again, it behaves correctly.
The
first
boot takes a long time and the SID change seems to occur and
fbreseal.exe
is
deleted.

I've been told that running fbreseal with EWF enabled
Click to expand...
Click to expand...
isn't
a
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Runonce after fbreseal... partitioning and formatting a 2nd disk... 1
Fbseal, EWF and SID corruption. 5
What is going on with fbreseal? 2
fbreseal 6
USB devices and fbreseal ?? 4
Image changes after cloning 2
Disable EWF operation hang in RAM Reg mode of Removable CF. 1
SP1 with EWF and Wise installer 1

Top