I am trying to undo the effects of Sysprep.exe on Windows Server 2008.

Posted on 2010-08-19
Last Modified: 2012-05-10
while trying to configure Windows Deployment Services in Windows Server 2008 Enterprise, I made an error using Sysprep.exe to create a boot image that would be used to boot up in to a another new installation of the Windows Server 2008 in Dell PE2650. The latter does not have a DVD ROM, and I could not use the Win 2K08 DVD to do an install. So, I tried this cute setup, while tired, hungry and exhausted I might add and created a whole set of problems on the domain controller. This morning, I restarted the domain controller only to find out that it was starting a mini-setup wizard, trying to change the SID and so forth. I to stoped it on its track before it did further damage. Anyone can suggest how I can recover to the original state , before or just after I added the WDM server role and before configuring  the role? Would appreciate any help.

Note: Microsoft has KB articcle 287506 where it outlines a solution on how to disable the mini-setup wizard on which SYSPREP.EXE was used. But the solution was designed for Windows Server 2000. The artilce states that it sysprep.exe makes changes to the registry  to load SETUPCL.EXE, which starts the mini-setup wizard. I tried to locate a regitry entry for the SETUPCLE.EXE. I could not find any. Which could mean that SYSPREP.EXE doest it  differently in Widows Server 2008. Here is link for KB287506. Assume I have no backup of system or registry files. I am booting Win 2K08 from a VMWare.  I have tried the usual "Last KNown Good Configuration". No dice. Your suggestions are appreciated. Here is a link to the KB article.
Question by:modathir
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 79

Expert Comment

ID: 33486102
Don't know how to address the issue at hand, but do you have a VMWARE snapshot of the system prior to you running sysprep.
Since this is a domain controller, rolling back a VMWARE snapshot might not be helpful if there are other DCs.  Be very careful.

In the registry, you may want to look for runonce etc. type of setting.
Also check the boot directive or perhaps the master boot record.

Author Comment

ID: 33486310
Hi, thanks for your attention. The VMWARE is a non-issue at this point. It is not the source of the cause. It is doing a good job as a platform. It is loading ntloader fine, after which the problem starts. But the cause of the Win2K08 bootup failure is directly related to registry changes made by running the Sysprep.exe. Trouble is, I dont know what changes it made. The microsoft article I linked to shows a roadmap for an exact problem in Windows 2000 server. Mine is 2008. And the culprit cited in the solution is Setupcpl.exe, an entry for which I did not find in the Win2K08 registry. So, I am stuck. My hunch is Sysprep.exe works differently in Win2K08 than it does in Win2K.
So, it appears my options are 1. Let the mini-setup wizard take its course and determine what comes next. or, 2. Roll back the OS to the pre Sysprep.exe configuration changes. The latter is my choice if I can know how to roll it back. Alternately, I will see if there is a way to let Win2K08 startup repair.
LVL 23

Expert Comment

ID: 33486562
I recommend the RollBack option. Letting the mini-setup wizard finish and you might not recover.

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

LVL 41

Expert Comment

by:Adam Brown
ID: 33486632
Sysprep, unfortunately, can't be undone. A big part of the sysprep operation is the removal of all SIDs on the system, which makes syspreping a Domain Controller completely disastrous. There is no System Recovery in Windows 2008, so you will need to restore the server from a backup. This can be a pretty involved process and involves reinstalling the OS on a clean server. If your system *is* running on VMWare, you really should restore from a snapshot if you have one. Here's a link with info on performing a system recovery for a Domain Controller: 
If you don't have a recent backup of your server, I hate to say it but you're pretty much hosed.
LVL 41

Expert Comment

by:Adam Brown
ID: 33486660
To clarify, when I say there is no system recovery in windows 2008, I mean that there is no option available to roll back to a previous time as you can with Windows XP/Vista/7. Such a feature, if included on a server, could have some very disastrous consequences if used on an important server. Thus, Microsoft chose to leave it out of the system.

Author Comment

ID: 33487154
To acbrown2010: the solution you proposed requires that you " have a full server backup available." I stated in my first post that I do not have backup and this was a new DC config. And I am aware there is no option in Win2K08 for system recovery a la Win XP, or Vista.
The mini-setup wizard is being started at bootup due to changes that were made by sysprep.exe to the registry. There is no other explanation. So, the trick is to find what changes were made in the registry and reinstate them to what they were before. As I stated, there is an identical symptom and solution to Windows Server 2000 explained in MS KB article. But it states there is an entry for Setupcl.exe run during bootup, which starts the mini-setup wizard. However I have not found such entry in the registry of the Win2K08 DC. I searched thorougly.
So, the trick is to determine the exact changes. And they are very specific.
Does anybody know if Windows Server routinely creates a backup copy of its registry?
LVL 85

Expert Comment

ID: 33498744
If this is the only DC for the domain, you're completely s.o.l., I'm afraid; the domain will have to be rebuilt from scratch.
One of the first things Sysprep does when it's run on a domain member is to remove the domain membership. In other words: this DC already isn't a domain member anymore. Even if you were to find a way to deactivate the mini-setup wizard, it would be a moot point, since there is absolutely no way to get AD running anymore.
What is Sysprep?
"Sysprep runs only if the computer is a member of a workgroup, not a domain. If the computer is joined to a domain, Sysprep removes the computer from the domain."

If you have another DC, you can clean out the meta data of the sysprepped DC on the other DC, seize all FSMO roles, finish the setup wizard, rejoin the machine to the domain, and run dcpromo again.

Accepted Solution

modathir earned 0 total points
ID: 33559674
I Just completed the Wizard. Nothing happend after that! everthing was working fine.
Thank everyone!

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question