I’ve been doing a lot of USB and PXE installations on uEFI physical hardware lately. Most of the machines I’ve used in the past have been Lenovo/Dell/HP machines that support F9 or F12 boot overrides; my Surface test machines (Surface Pro (1), Surface Pro 3, and Surface 3) don’t support the typical F9 or F12 overrides, instead you have to hold down the Vol-Up key while pressing power on.
Well, sometimes I get distracted and forget to press the button, or sometimes my machine is just slow.
Back in the BIOS days it was easy for me to work around the default boot order. For starters, I always set the Hard Disk to 1st priority; I never set PXE or USB to a higher priority, because that’s a security vulnerability (anyone with a USB stick or a rogue PXE server on the network could boot their own OS on the machine). So on a BIOS machine, all you have to do is clear the active bit on the local hard disk’s system partition, and the BIOS will boot the next item in the list.
Here is a script I wrote to do this:
    @if not defined debug echo off
    @echo.
    @echo This script will SABOTAGE the main hard disk and reboot the machine.
    @echo.
    pause
    rem Clean up leftover MDT / ConfigMgr deployment folders from a previous run
    if exist c:\minint rd /s /q c:\Minint
    if exist d:\minint rd /s /q d:\Minint
    if exist e:\minint rd /s /q e:\Minint
    if exist c:\_SMSTaskSequence rd /s /q c:\_SMSTaskSequence
    rem Feed a diskpart script on stdin: clear the active flag on partitions 1 and 2 of disk 0
    (
      @echo List Disk
      @echo Select Disk 0
      @echo List Partition
      @echo Select Partition 1
      @echo Inactive
      @echo Select Partition 2
      @echo Inactive
      @echo Exit
    ) | diskpart.exe
    rem Reboot: WPEUtil.exe only exists in WinPE, shutdown.exe covers full Windows
    rem (shutdown -s powers the machine off; use -r if you want an automatic restart)
    WPEUtil.exe reboot
    shutdown.exe -s -f -t 0
The script inactivates two different partitions just to be sure, and I run two different reboot commands, one for full Windows and one for WinPE.
Additionally, if you decide later on that you don’t want to wipe the machine and install a new OS, you can boot into WinPE and re-activate the System partition, and you have your full OS back.
Well, uEFI is a bit harder, but I think I’ve finally come across a way to disable booting from the system partition. The challenge is that the files on the System Partition are on a volume that does not have a drive letter, so it’s harder to gain access, but not totally impossible. It turns out that we can use the volume mount points to gain access.
On most of my test machines the System partition is on Disk 0 Partition 2, so the mount point is \\?\HardDiskVolume2.
We just enumerate through all partitions until we find the correct one.
(Please don’t ask about accessing these \\?\HardDiskVolume2 mount points in Powershell, it’s hard).
    @if not defined debug echo off
    @echo.
    @echo This script will SABOTAGE the main hard disk and reboot the machine.
    @echo.
    pause
    rem Walk the volume paths until one contains the uEFI fallback loader (efi\boot\bootx64.efi)
    for /L %%i in ( 1,1,10 ) do (
      if exist \\?\HarddiskVolume%%i\efi\boot\bootx64.* (
        echo Found uEFI drive \\?\HarddiskVolume%%i
        rem Rename the loaders so the firmware skips this disk; rename *.bak back to *.efi to undo
        rename \\?\HarddiskVolume%%i\efi\boot\*.efi *.bak
        rename \\?\HarddiskVolume%%i\efi\Microsoft\boot\*.efi *.bak
        rem Reboot: WPEUtil.exe only exists in WinPE, shutdown.exe covers full Windows
        WPEUtil.exe reboot
        shutdown.exe -s -f -t 0
      )
    )
    echo No uEFI drive found
    pause
Be careful about USB drives that are mounted on the local system: the script should search and find the local volumes first, but just to be sure, remove your USB stick.
Additionally, if you find that you want to keep your existing OS, just boot into WinPE and rename all the *.bak files back to *.efi.
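Here is the undo step as a companion script. This is an added example, not the author’s own code: it reuses the HarddiskVolume1-10 enumeration and the efi\boot / efi\Microsoft\boot layout from the post above, and the /check switch (report only, change nothing) and the script name are my assumptions.

```batch
@if not defined debug echo off
rem restore-efi.cmd - inspect or undo the *.efi -> *.bak rename made by the sabotage script.
rem Usage:  restore-efi.cmd          rename *.bak back to *.efi on the uEFI volume and report
rem         restore-efi.cmd /check   report which volumes have live or disabled loaders, change nothing
rem Assumption: the loaders were renamed to *.bak by the script above; volumes 1-10 are checked.
setlocal enabledelayedexpansion
set "mode=restore"
if /i "%~1"=="/check" set "mode=check"
set "hits=0"
for /L %%i in (1,1,10) do (
  set "vol=\\?\HarddiskVolume%%i"
  if exist "!vol!\efi\boot\bootx64.efi" (
    echo !vol! : bootx64.efi present - firmware can boot this disk
  )
  if exist "!vol!\efi\boot\bootx64.bak" (
    set /a hits+=1
    echo !vol! : bootx64.bak present - loader is disabled
    if "%mode%"=="restore" (
      rem Put both loader directories back exactly as the sabotage script changed them
      rename "!vol!\efi\boot\*.bak" *.efi
      rename "!vol!\efi\Microsoft\boot\*.bak" *.efi
      echo !vol! : renamed *.bak back to *.efi
    )
  )
)
if !hits!==0 echo No disabled uEFI loader found - nothing to restore.
endlocal & exit /b 0
```

Run it from WinPE (or from the full OS once you can boot it again) with /check first to confirm which volume is the System partition before letting it rename anything.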