We had a huge problem with Windows Operating systems when recovering from dissimilar hardware (IBM Blade series to HP/Dell) and it had to with the software from the OS (IBM Director mainly). My company actually had to tell customers they were unrecoverable or fail those boxes until I with limited programming experience devised a solution.
While I can work with C++ and Linux Shells I am nowhere near a programmer or pretend to be. With that said, I decided that I needed to start playing detective and look at my root issues at hand. While blue screens after a complete restore are normal the thing you need to decide first is if its caused by a corrupt system state, Antivirus Software, old drivers, corrupt registry entry, bad .dll or sometime a java hook on the C drive trying to find a file unrestored on a secondary drive etc. There are plenty of causes but in my case I already knew that the original hardware was an HS41 and that it had been problematic in the past.
My first move to see if I could boot into safe mode without networking which I did ruling out a corrupt system state and OS failure. I got into Windows services and put almost everything listed from automatic to manual upon startup so I could rule out software issues which also didn’t work. After multiple reboots no change so then I looked at the drivers in Device manager and cleaned those up to avail. I lastly tried an in place upgrade which didn’t work either because the server went in a continuous reboot loop so now my options were now very limited to recover this
Knowing that it had to be the proprietary software that came with the original OS prior to recovery the only way to really figure out how to do this was to reverse engineer a solution from that. So here we go
- I created a Virtual Machine with the Windows server OS
- I then went to the HW manufacturers website drilled down to the exact model HW and then clicked on support. From here knowing that it wasn’t the drivers I went to the software section and found that the main software was IBM Director.
- Downloaded the software into my virtual machine
- Next I browsed around the support forums and found that there were two files that cause the auto reboot ibmasrw.sys & ibmasrw.sys which can be removed from a command line. ibm_utl_asr_wap4XXa_winsrvr_i386.exe -s -a –remove XX is where the version goes
- Next I downloaded Install Watch Pro “freeware”
So now that we have everything lined up we can start the installations. Double click on Install Watch Pro and hit Next
Click through the obvious Nexts..
And Some more
I usually just go with the default destination nothing too fancy.
That should wrap up the install and we can now launch the application.
Once its open go to the lightning bolt at the top left that says install, it will take you to a Pop up Screen; choose configure
Select the Drive you install applications to; wherein my case it’s always C: Choose Next
Choose Next to allow the snapshot to read all current registry and directories
Next we will be able to choose the OS software in question that we downloaded earlier. First hit the little box next to installation program to run then use explorer to browse to the installation executable.
After we choose the package just go through the normal installation the way you normally would choosing the same settings you have in production.
After the installation is complete DO NOT HIT RESTART choose NO. The machine may blue screen just like in recovery and we wont be able to capture the results.
Once we’ve denied the reboot a popup should appear asking us to search all changes made. Hit Next
Now is where the cross comparison happens of all changes made to the system since installing the Software in question.
We are now asked to name the installation so that we can use it for inspection at any point.
Now we are ready to see what that software did to the OS
We now come to a screen that has monitored and captured all of the changes made.
- So firstly let’s take note of all of the added files and in what directories they belong to
- Expand the .INI files link to show the location of all the .INI files that were installed. When we start to script I will blow away the entire parent folder.
- Right Click on the added registry Keys header and export registry details to Text.
- Now go below and click on Modified Registry keys and choose to export Original registry entries.
Now have captured everything that the software has changed on our OS so it’s time to start reversing it.
- Make a backup of your current registry and export the entire thing to your desktop
- Right click on the first registry export added from Install Watch registry export and choose edit (it will open in Notepad)
- Go to edit Replace and in find what use [H and then under it in Replace with enter [-H (This will delete all of the corresponding keys in the list.
- Once that has run go to file save as “to_delete.reg” where ever your preference of location
- We now will create a .bat script to delete those directories discovered earlier.
It should look like this
You can download my copy here
- So we now have everything we need to reverse the issue of recovering to dissimilar hardware. So to be vigilant about your DR issue I suggest keeping this file on a secondary drive that is backed up every night.
Next is a personal choice of whether to combine the batch script with the 2 registry files into a single .VBS script or just Zip them up together. The .VBS I have found when trying to save to a C: drive makes antivirus scanners have a conniption so my suggestion is to just Zip them together and sometimes if the AV is extra paranoid just put a Zip password on so it can’t see your files.
This way at the time of DR after you restore your server from backup the file will be there to run prior to reboot. Sometimes whether you’re using a USB etc your server won’t have those new drivers yet until you install them. This way it won’t be a concern and after you run this batch script DON’T FORGET TO UPDATE YOUR ARRAY CONTROLLER PRIOR TO REBOOT!