Remin project notes

Some early notes from the initial PoC of the Remin project (Replicated MinWin), an attempt to revive bare metal Nano Server.

notes

  • kbdclass parameters (tick)
  • advapi32legacy/kernel32legacy (tick-todo)
  • conhost (tick)
  • shcore (tick)
  • forwarders (add to PATH? - nope!, tick-todo)
  • coniosrv (tick-todo)
  • sorting key set to kernel32legacy (tick-todo) (System\ControlSet001\Control\Nls\Sorting\Ids entries, System\ControlSet001\Control\Nls\Sorting\Versions (Default) -> "00060300", 000603xx -> "kernel32legacy.dll")
  • System\ControlSet001\Control\Nls\CodePage\ACP: "65001"
  • System\ControlSet001\Control\Nls\CodePage\OEMCP: "65001"
  • figure out how to add full servicing components on top of the nucleus image
  • windows\globalization\sorting\sortdefault.nls
  • install order: minimal-drivers before nanoserver-edition
  • hack wcp.dll (to remove hash check - just return true)/cbscore.dll (driverinstalled - is it needed?)
  • control\session manager\subsystems\windows (tick-todo)
  • System\ControlSet001\Control\WinInit -> Headless: 0x1 (WCM config?)
  • System\ControlSet001\Control\ConKbd -> Headless: 0x0, UseBGFX: 0x1 (add WCM config/regkeys to custom thing or so)
  • force usermanager to not be triggered(? if needed)
  • system\setup: SystemSetupInProgress -> 0x0, OOBEInProgress -> 0x0, SetupType -> 0x0 (tick-todo)
  • software\microsoft\windows nt\currentversion\winlogon (tick-todo):
    • ForceUnlockLogon: 0x01
    • FirstUserAccount: "LocalSystem"
    • Shell: "cmd.exe"
    • ShellInfrastructure: ""
    • UserMgrLaunchShell: 0x01
    • UserMgrRestartShellOnCrash: 0x01

packages:

  • Microsoft-Windows-ServicingStack-OneCore-Package(!!!! first!! will error out :/)
  • Microsoft-Windows-Servicing-Core-Package(!)
  • Microsoft-Windows-ServicingStack-OneCore-Package(again.)
  • Microsoft-Windows-ServicingStack-onecoreadmin-Package (or one msft package will fail)
// CORRECT ORDER
/PackagePath:I:\tmp\packageshit\Microsoft-Windows-Foundation-Group-merged-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Foundation-Group-merged-Package
/PackagePath:I:\tmp\packageshit\Microsoft-Windows-BootEnvironment-BootManagers-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-BootEnvironment-BootManagers-Package
/PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Common-DriverClasses-Core-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Common-DriverClasses-Core-Package
/PackagePath:I:\tmp\packageshit\Microsoft-Windows-Server-Minimal-Drivers-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Server-Minimal-Drivers-Package
/PackagePath:I:\tmp\packageshit\Microsoft-Windows-CoreSystem-merged-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-CoreSystem-merged-Package
/PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Wer-merged-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Wer-merged-Package
/PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Console-Host-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Console-Host-Package
/PackagePath:I:\tmp\packageshit\Microsoft-Windows-Online-Setup-State-Full-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Online-Setup-State-Full-Package
/PackagePath:I:\tmp\packageshit\Microsoft-OneCore-CoreSystem-Core-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-CoreSystem-Core-Package
/PackagePath:I:\tmp\packageshit\Microsoft-NanoServer-Edition-Core-Package
/PackagePath:I:\tmp\packageshit\en-US\Microsoft-NanoServer-Edition-Core-Package
  • Microsoft-Windows-Foundation-Group-merged-Package
  • en-US\Microsoft-Windows-Foundation-Group-merged-Package
  • Microsoft-Windows-BootEnvironment-BootManagers-Package
  • en-US\Microsoft-Windows-BootEnvironment-BootManagers-Package
  • Microsoft-Windows-Common-DriverClasses-Package
  • en-US\Microsoft-Windows-Common-DriverClasses-Package
  • Microsoft-Windows-Server-Minimal-Drivers-Package
  • en-US\Microsoft-Windows-Server-Minimal-Drivers-Package
  • Microsoft-Windows-ServerCore-Drivers-Package
  • en-US\Microsoft-Windows-ServerCore-Drivers-Package
  • Microsoft-Windows-CoreSystem-merged-Package
  • en-US\Microsoft-Windows-CoreSystem-merged-Package
  • Microsoft-OneCore-Wer-merged-Package
  • en-US\Microsoft-OneCore-Wer-merged-Package
  • Microsoft-Windows-Online-Setup-State-Full-Package
  • en-US\Microsoft-Windows-Online-Setup-State-Full-Package
  • Microsoft-OneCore-CoreSystem-Core-Package
  • en-US\Microsoft-OneCore-CoreSystem-Core-Package
  • Microsoft-OneCore-EnterpriseNetworking-Package
  • en-US\Microsoft-OneCore-EnterpriseNetworking-Package
  • Microsoft-OneCore-Pnp-Full-Package
  • en-US\Microsoft-OneCore-Pnp-Full-Package
  • Microsoft-Windows-Network-Security-Core-Package
  • en-US\Microsoft-Windows-Network-Security-Core-Package
  • Microsoft-Windows-CoreSystem-RemoteFS-Package
  • en-US\Microsoft-Windows-CoreSystem-RemoteFS-Package
  • Microsoft-Windows-RemoteFS-Legacy-Package
  • Microsoft-OneCore-Console-Host-Package
  • en-US\Microsoft-OneCore-Console-Host-Package
  • Microsoft-NanoServer-Edition-Core-Package
  • en-US\Microsoft-NanoServer-Edition-Core-Package
  • Remin-SKU-Foundation-Package
  • en-US\Remin-SKU-Foundation-Package
  • custom deployment with:
    • Microsoft-System-User-Service
    • Microsoft-System-User-Ext
    • Microsoft-System-User-Component
    • Microsoft-Windows-WppRecorderUm
    • Microsoft-Windows-WDF-Usermode Library
    • Microsoft-Windows-DriverFrameworks-UserMode
    • Microsoft-Windows-International-CodePage-Core
    • Microsoft-Windows-StorPort-RegistrySettings
    • Microsoft-Windows-StorPort
    • Microsoft-Windows-Smss
    • Microsoft-Windows-Smss-BootExecute
    • Microsoft-Windows-Winsrv
    • Microsoft-Windows-DeltaCompressionEngine
    • Microsoft-Windows-Autochk
  • from list above, also add:
    • Microsoft-OneCore-Console-Host-Package
    • Microsoft-Windows-Online-Setup-State-Full-Package
  • and to deployment:
    • Microsoft.Windows.Hardware.Devices.ClassInstaller.KEYBOARD-DriverClass (done)
    • Microsoft-Windows-SHCore (done)
    • Product-onecore__Microsoft-Windows-International-Core-SortingVersion-Default (remake it with new version/file, done)
    • Microsoft-Windows-CoreSystem-LegacyPack-Base (remake, kernel32legacy, done)
    • Microsoft-Windows-CoreSystem-BootableSKU-MergedComponents (remake, advapi32legacy, done)
    • Microsoft-OneCore-ReverseForwarders (remake, add OCFW_Enabled, done)
    • Microsoft-Windows-CoreSystem-BootableSKU-BootableCoreSystem-Minkernel (remake, conkbd, rename conkbd lol) (tick)
    • Microsoft-Windows-CoreSystem-State-SM-SYSTEM (remake, also rename conkbd) (tick)
    • ((Microsoft-Windows-Online-Setup-State-Full-Deployment ))
    • Microsoft-Windows-CoreSystem-BootableSKU-BootableCoreSystem-Mincore (remake) (for ForceUnlockLogon/UserMgrLaunchShell/..) (tick)
    • a package with ACP/OEMCP (tick)
  • set WCM config (dism/unattend.xml with Apply-Unattend and offlineServicing):
    • Microsoft-Windows-Wininit/Headless=1
    • Microsoft-Windows-Online-Setup-State-Full-Deployment subpackages for SetupType/such
  • add cat:
    • Microsoft-OneCore-CoreSystem-BootableSKU-merged-Package~31bf3856ad364e35~amd64~~10.0.18945.1001.cat
    • Microsoft-OneCore-BootableSKU-merged-Package~31bf3856ad364e35~amd64~~10.0.18945.1001.cat

notes

servicing.exe
copy /y I:\tmp\image-repro\wcp.dll V:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18945.1001_none_c944f4cc2876ca60\wcp.dll
copy /y "I:\tmp\insider_tmps\tmp6\files\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-BootableSKU-merged-Package~31bf3856ad364e35~amd64~~10.0.18945.1001.cat" "V:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}"
copy /y "I:\tmp\insider_tmps\tmp6\files\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-BootableSKU-merged-Package~31bf3856ad364e35~amd64~~10.0.18945.1001.cat" "V:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}"

DISM ADD

dism /image:V:\ /add-package /packagepath:"I:\tmp\packageshit\Microsoft-Windows-ServicingStack-OneCore-Package.cab"
dism /image:V:\ /add-package /packagepath:"I:\tmp\packageshit\Microsoft-Windows-Servicing-Core-Package.cab"
dism /image:V:\ /add-package /packagepath:"I:\tmp\packageshit\Microsoft-Windows-ServicingStack-OneCore-Package.cab"
dism /image:V:\ /add-package /packagepath:"I:\tmp\packageshit\Microsoft-Windows-ServicingStack-OneCoreadmin-Package.cab"

BIG ADD

dism /image:V:\ /add-package /PackagePath:I:\tmp\packageshit\Microsoft-Windows-Foundation-Group-merged-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Foundation-Group-merged-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-BootEnvironment-BootManagers-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-BootEnvironment-BootManagers-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-Common-DriverClasses-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Common-DriverClasses-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-Server-Minimal-Drivers-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Server-Minimal-Drivers-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-ServerCore-Drivers-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-ServerCore-Drivers-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-CoreSystem-merged-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-CoreSystem-merged-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Wer-merged-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Wer-merged-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-Online-Setup-State-Full-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Online-Setup-State-Full-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-OneCore-CoreSystem-Core-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-CoreSystem-Core-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-OneCore-EnterpriseNetworking-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-EnterpriseNetworking-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Pnp-Full-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Pnp-Full-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-Network-Security-Core-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-Network-Security-Core-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-CoreSystem-RemoteFS-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-Windows-CoreSystem-RemoteFS-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-Windows-RemoteFS-Legacy-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-OneCore-Console-Host-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-OneCore-Console-Host-Package.cab /PackagePath:I:\tmp\packageshit\Microsoft-NanoServer-Edition-Core-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Microsoft-NanoServer-Edition-Core-Package.cab /PackagePath:I:\tmp\packageshit\Remin-SKU-Foundation-Package.cab /PackagePath:I:\tmp\packageshit\en-US\Remin-SKU-Foundation-Package.cab 

ADD PRODUCTOPTIONS AND OTHER REG FIXES (disable mpssvc, bfe, set subsystems, setup state, wininit, product policy)

AS SYSTEM

copy /y V:\windows\system32\boot\winload.efi V:\windows\system32
copy /y V:\windows\system32\boot\en-us\winload.efi.mui V:\windows\system32\en-us

copy /y I:\tmp\insider_tmps\tmp6\files\windows\system32\nihost.exe V:\windows\system32
copy /y I:\tmp\insider_tmps\tmp6\files\windows\system32\nsrc.exe V:\windows\system32
copy /y I:\tmp\insider_tmps\tmp6\files\windows\system32\en-us\nihost.exe.mui V:\windows\system32\en-us
copy /y I:\tmp\insider_tmps\tmp6\files\windows\system32\en-us\nsrc.exe.mui V:\windows\system32\en-us

MAKE BOOTABLE

bcdboot C:\windows /s X: /f UEFI /p /d
bcdedit /store X:\efi\Microsoft\boot\bcd
bcdedit /store X:\efi\Microsoft\boot\bcd /set {default} osdevice hd_partition=v:
bcdedit /store X:\efi\Microsoft\boot\bcd /set {default} device hd_partition=v:
bcdedit /store X:\efi\Microsoft\boot\bcd /set {default} testsigning on
bcdedit /store X:\efi\Microsoft\boot\bcd /set {bootmgr} device hd_partition=x:

bcdedit /store X:\efi\Microsoft\boot\bcd /set {default} debug off
bcdedit /store X:\efi\Microsoft\boot\bcd /dbgsettings serial debugport:1 baudrate:115200
bcdedit /store X:\efi\Microsoft\boot\bcd /set {default} bootdebug off
bcdedit /store X:\efi\Microsoft\boot\bcd /set {bootmgr} bootdebug off

list

  • TODO: CreatePolicyDatabaseOnFirstBoot (added)
  • TODO: ADD APISETSCHEMA!! (added)
  • TODO: NumberOfInitialSessions (added)
  • fix session manager subsystems (how? unattend.xml not working :/ )
  • add SOFTWARE\Microsoft\Windows NT\CurrentVersion\Server\ServerLevels NanoServer for pwsh (added?)
  • add mpr.dll and deps? (Microsoft-OneCore-EnterpriseNetworking-Package)
  • add Microsoft-Windows-RemoteFS-Legacy-Package~31bf3856ad364e35~amd64~~10.0.18945.1001 (ok)
  • add Microsoft-Windows-CoreSystem-RemoteFS-Package? (ok)
  • set time zone (ok?)
  • tcpip\parameters\hostname? (and domain/searchlist or dns will be broken - done)
  • add pnp package (done?)
  • specify workgroup in lsa primary domain policy (how? does this get provisioned at first boot if set properly?)
  • fix firewall policy (post-install step, to disable mpssvc/bfe?)
  • make pwsh package with hacks?

I:\tmp\images-repro\disk.vhd

@echo off
xcopy /y /e components\*.manifest I:\tmp\wsrv\18945\windows\winsxs\manifests\
xcopy /y /e components\* I:\tmp\wsrv\18945\windows\winsxs\
xcopy /y /e packages\*.mum I:\tmp\wsrv\18945\Windows\servicing\Packages\
copy /y I:\tmp\wsrv\18945\windows\servicing\packages\Windows-Defender-Server-Core-Group-Package~31bf3856ad364e35~amd64~en-US~10.0.18945.1001.cat I:\tmp\wsrv\18945\windows\servicing\packages\Remin-SKU-Foundation-Package.cat
copy /y I:\tmp\wsrv\18945\windows\servicing\packages\Windows-Defender-Server-Core-Group-Package~31bf3856ad364e35~amd64~en-US~10.0.18945.1001.cat I:\tmp\wsrv\18945\windows\servicing\packages\Remin-SKU-Foundation-Package-en-US.cat

copy /y amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18945.1001_none_c944f4cc2876ca60.manifest I:\tmp\ss-18945\manifest.txt
copy /y amd64_microsoft-windows-d..ing-management-core_31bf3856ad364e35_10.0.18945.1001_none_eb19b9888beb6b30.manifest I:\tmp\ss-18945\dism-core.manifest
copy /y amd64_microsoft-windows-d..gement-winproviders_31bf3856ad364e35_10.0.18945.1001_none_77334d1b06186fc7.manifest I:\tmp\ss-18945\dism-providers.manifest
copy /y amd64_microsoft-windows-d..ervicing-management_31bf3856ad364e35_10.0.18945.1001_none_1e8f369b6ed8bb42.manifest I:\tmp\ss-18945\dism.manifest
copy /y amd64_microsoft-windows-d..cing-management-api_31bf3856ad364e35_10.0.18945.1001_none_66a76be4c078727f.manifest I:\tmp\ss-18945\dism-api.manifest
copy /y amd64_microsoft-windows-pantherengine_31bf3856ad364e35_10.0.18945.1001_none_6df70314070307d0.manifest I:\tmp\ss-18945\panther.manifest
copy /y amd64_microsoft-windows-packagemanager_31bf3856ad364e35_10.0.18945.1001_none_acbd579f547095a3.manifest I:\tmp\ss-18945\pkgmgr.manifest

xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18945.1001_none_c944f4cc2876ca60\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-d..ing-management-core_31bf3856ad364e35_10.0.18945.1001_none_eb19b9888beb6b30\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-d..gement-winproviders_31bf3856ad364e35_10.0.18945.1001_none_77334d1b06186fc7\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-d..ervicing-management_31bf3856ad364e35_10.0.18945.1001_none_1e8f369b6ed8bb42\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-d..cing-management-api_31bf3856ad364e35_10.0.18945.1001_none_66a76be4c078727f\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-pantherengine_31bf3856ad364e35_10.0.18945.1001_none_6df70314070307d0\* I:\tmp\ss-18945\
xcopy /y /e I:\tmp\wsrv\18945\windows\winsxs\amd64_microsoft-windows-packagemanager_31bf3856ad364e35_10.0.18945.1001_none_acbd579f547095a3\* I:\tmp\ss-18945\

:: REMOVE EVENTS FROM DISM.MANIFEST!

Revision #2
Created Mon, Jan 20, 2020 5:59 PM by nta
Updated Mon, Jan 20, 2020 6:04 PM by nta