How to change uEFI boot order

I’ve been doing a lot of USB and PXE installations on uEFI physical hardware lately. Most of the machines I’ve used in the past have been Lenovo/Dell/HP machines that support F9 or F12 boot overrides. However, my Surface test machines (Surface Pro (1), Surface Pro 3, and Surface 3) don’t support the typical F9 or F12 overrides; instead you have to hold down the Vol-Up key while pressing power on.

Well sometimes I get distracted, and forget to press the button, or sometimes my machine is just slow.

BIOS

Back in the BIOS days, it was easy for me to change the default boot order. For starters, I always set the Hard Disk to 1st priority; I never set PXE or USB to higher priority, that’s a security vulnerability. So on a BIOS machine, all you have to do is disable the active bit on the local hard disk system partition, and the BIOS will boot to the next item in the list.

Here is a script I wrote to do this:
SABOTAGE.CMD

 
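@if not defined debug echo off

@echo.
@echo  This script will SABOTAGE the main hard disk and reboot the machine.
@echo.

pause

rem Remove leftover deployment working folders (MININT, _SMSTaskSequence).
if exist c:\minint rd /s /q c:\Minint
if exist d:\minint rd /s /q d:\Minint
if exist e:\minint rd /s /q e:\Minint
if exist c:\_SMSTaskSequence rd /s /q c:\_SMSTaskSequence

rem Clear the active flag on partitions 1 and 2 of disk 0 so the BIOS skips this disk.
(
@echo List Disk
@echo Select Disk 0
@echo List Partition 
@echo Select Partition 1
@echo Inactive
@echo Select Partition 2
@echo Inactive
@echo Exit
) | diskpart.exe

rem Reboot: WPEUtil.exe works in WinPE, shutdown.exe in full Windows.
rem -r = restart, -f = force running applications to close, -t 0 = no delay.
WPEUtil.exe reboot
shutdown.exe -r -f -t 0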

The script will try to inactivate two different partitions just to be sure, and I run two different commands to reboot, one for Full Windows, and one for WinPE.

Additionally, if you decide later on that you don’t want to wipe the machine and install a new OS, you can boot into WinPE and re-activate the System partition, and you get your full OS back.

uEFI

Well uEFI is a bit harder, and I finally think I’ve come across a way to disable booting from the system partition. The challenge is that the files on the System Partition are on a volume that does not have a drive letter, so it’s harder to gain access, but not totally impossible. Turns out that we can use the volume mount points to gain access.

On most of my test machines the System partition is on Disk 0 Partition 2, so the mount point is \\?\HardDiskVolume2


We just enumerate through all partitions till we find the correct one.

(Please don’t ask about accessing these \\?\HardDiskVolume2 mount points in PowerShell, it’s hard).

uEFISabotage.cmd

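@if not defined debug echo off

@echo.
@echo  This script will SABOTAGE the main hard disk and reboot the machine.
@echo.

pause

rem Probe volumes 1-10 for the EFI System Partition (identified by \efi\boot\bootx64.*).
for /L %%i in ( 1,1,10 ) do (
  if exist \\?\HarddiskVolume%%i\efi\boot\bootx64.* (
    echo Found uEFI drive \\?\HarddiskVolume%%i
    rem Rename the boot loaders so the firmware cannot boot from this volume.
    rename \\?\HarddiskVolume%%i\efi\boot\*.efi *.bak
    rename \\?\HarddiskVolume%%i\efi\Microsoft\boot\*.efi *.bak
    rem Reboot: WPEUtil.exe works in WinPE, shutdown.exe in full Windows.
    WPEUtil.exe reboot
    shutdown.exe -r -f -t 0
    rem Stop after the first match so no other volume is touched.
    goto :eof
  )
)
echo No uEFI drive found
pause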

Be careful about USB drives that are mounted on the local system. The script should search and find the local volumes first, but just to be sure, remove your USB stick.

Additionally, if you find that you want to keep your existing OS, just boot into WinPE, and rename all the *.bak files to *.efi.
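
The undo step described above, as an added example script that is not part of the original post. The file name uEFIRestore.cmd and the :restore label are hypothetical, and it assumes that "if exist" and "rename" accept \\?\HarddiskVolumeN paths the same way they do in uEFISabotage.cmd:

```batch
@echo off
rem uEFIRestore.cmd (hypothetical name): added example, not from the original post.
rem Run from WinPE to undo uEFISabotage.cmd by renaming *.bak back to *.efi.
rem Assumption: "if exist" and "rename" accept \\?\HarddiskVolumeN paths,
rem as they do in uEFISabotage.cmd. Same 1-10 volume range as that script.
set processed=0

for /L %%i in (1,1,10) do (
  if exist \\?\HarddiskVolume%%i\efi\boot\bootx64.bak (
    echo Found renamed boot files on \\?\HarddiskVolume%%i
    call :restore \\?\HarddiskVolume%%i\efi\boot
    call :restore \\?\HarddiskVolume%%i\efi\Microsoft\boot
    set /a processed+=1
  )
)

if %processed%==0 echo No renamed boot files found, nothing to restore.
if not %processed%==0 echo Volumes processed: %processed%. Reboot to start the existing OS.
goto :eof

:restore
rem %1 = boot directory. Skip it if nothing was renamed there, or if .efi
rem files are already present, so a directory is never left half-renamed.
if not exist %1\*.bak goto :eof
if exist %1\*.efi (
  echo   %1 already has .efi files, leaving it untouched
  goto :eof
)
rename %1\*.bak *.efi || echo   Rename failed in %1
goto :eof
```

Unlike the sabotage script, this one does not reboot on its own, so the output can be checked before restarting.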
