Creating Deployable Encrypted Windows Images

Every once in a while I wipe down my laptop's hard drive and re-image it a different way. Two times ago, I set it up as a dual boot system with Windows XP Pro and Ubuntu. The most recent one was Windows XP encrypted with Compu-Sec full hard drive encryption. I had VMWare installed so I could still play around with Ubuntu if I liked, but running Ubuntu through VMWare just isn't the same to me as having it directly installed.

Anyway, I decided it was time to image my machine again, this time I am going to install Sabayon Linux only. I will install Linux VMWare version and put Windows on it this time. Before I do that though, I want to "ghost" my current configuration so I can go back to that if I want. The problem is that the entire hard drive is encrypted.

What one normally does to create a deployable image is to run sysprep then reboot the computer to a boot disk or CD of some kind whether it is Symantec's Ghost or, my favorite, The Ultimate Boot CD for Windows and create a bit by bit image of the hard drive. The problem with my setup is that when I reboot to the bootable CD, the imaging program doesn't see anything on the disk. Everything is encrypted so I can't create the image, because these bootable disks only see a blank hard drive.

What I decided to do is to create the image while Windows is running using the installable Drive Image XML. If your laptop is going to be joined to a domain, or is already joined to a domain, you will want to disjoin it and put it in a workgroup first. You will also want to create your sysprep folder and sysprep.inf file in the root of your system drive. You will not run sysprep though.

After you have the computer in workgroup mode, with the sysprep folder ready, you will download and install Drive Image XML. Once installed use the backup option and follow the wizard. When prompted, select the option to try Volume Shadow Services (Volume locking will not work while Windows is running). Now backup the drive.

When you are ready to deploy the image to another similar computer (It has to have the same hardware like all operating system images) Boot it up using The Ultimate Boot CD For Windows, follow the step I outlined in a previous post here for restoring the operating system image. After you boot up the newly imaged computer and login, now is the time you will want to run sysprep and re-join the laptop to your domain.

If this doesn't make sense to you, or if you have any questions, hit me up in the comments!