Saturday, February 20, 2016

Remote connect to Windows PE with VNC

A few years ago, I came across this neat trick while trying to upgrade my WD Sentinel DX4000 from Windows Storage Server 2008 R2 Essentials to Windows Server 2012 R2 Standard. The challenge in this was that the DX4000 is a headless system. To interact with the DX4000, someone came up with the good idea of injecting a TightVNC server into the Windows PE boot media of the installation. You could then interact with the installation from a remote computer. In this guide, we are going to show you how you do that.

To see the original article about installing Windows Server 2012 onto a WD Sentinel DX4000, click here.

Download and install TightVNC

The first step is to download TightVNC from and install it onto a reference computer. We're using the 64-bit version of TightVNC 2.7.10 for this guide. Perform a Complete install of TightVNC accepting any defaults. When prompted to set a password for our TightVNC server, we have chosen not to use a password for the purpose of this guide.

After installing TightVNC, the next step is to configure your TightVNC server with all the settings you want and then open up the registry to HKLM\SOFTWARE\TightVNC\Server.

Export that key to a file called TightVNCServerSettings.reg and save the file to the installation directory of TightVNC, C:\Program Files\TightVNC. Your .reg file should look similar to the following.
Windows Registry Editor Version 5.00


Download and install the Windows Assessment and Deployment Kit (ADK)

Windows PE is a part of the Windows Assessment and Deployment Kit (ADK). For this exercise, we're using Windows ADK for Windows 10. You can download Windows ADK for Windows 10 from here.

Run adksetup.exe. When you get to the part where you select the features you want to install, select Deployment Tools and Windows Preinstallation Environment (Windows PE). We only need these components for this exercise.

Create the Windows PE image and inject TightVNC

Run the Deployment and Imaging Tools Environment command prompt as an administrator. The shortcut should be in your Start menu after you install ADK.

Using the following article as a guide to create and mount a Windows PE image. We're using the 64-bit for our example.

Step 1. Create your Windows PE image with the working directory C:\WinPE_amd64.
copype amd64 C:\WinPE_amd64

Step 2. Mount your Windows PE image so that it can be edited.
Dism /Mount-Image /ImageFile:C:\WinPE_amd64\media\sources\boot.wim /Index:1 /MountDir:C:\WinPE_amd64\mount

Step 3. Copy the installation directory of TightVNC, C:\Program Files\TightVNC with the .reg file we created earlier in it to C:\WinPE_amd64\mount\Program Files\.

Step 4. Configure TightVNC to start up automatically in your Windows PE image by editing C:\WinPE_amd64\mount\Windows\System32\startnet.cmd in notepad. Add the following lines to startnet.cmd. This is a quick and dirty method.
%WINDIR%\System32\wpeutil.exe InitializeNetwork
%WINDIR%\System32\wpeutil.exe DisableFirewall
%WINDIR%\regedit.exe -s "%SYSTEMDRIVE%\Program Files\TightVNC\TightVNCServerSettings.reg"
"%SYSTEMDRIVE%\Program Files\TightVNC\tvnserver.exe" -install -silent
"%SYSTEMDRIVE%\Program Files\TightVNC\tvnserver.exe" -start -silent

Step 5. Unmount and save your Windows PE image.
Dism /Unmount-Image /MountDir:C:\WinPE_amd64\mount /Commit

Step 6. Once your Windows PE image is saved and unmounted, create your Windows PE media using the command MakeWinPEMedia. Below is an example for a USB drive on D:\.
MakeWinPEMedia /ufd C:\WinPE_amd64 D:

Boot Windows PE and remote in

Test your TightVNC enabled Windows PE boot media by booting a computer with your Windows PE boot media. On another computer on the same network, connect to your Windows PE machine with TightVNC viewer. You'll need the IP address of the Windows PE computer. How you work this out, we'll leave up to you.


  1. Really great write-up, thanks so much. Testing this method on a virtual machine on Microsoft Hyper-V host, all I get is a black screen. This is using the PE from WADK 2004. I've tried all possible combinations of the display related settings (UseMirrorDriver, UseD3D, etc) and can't get it to work. If I run TightVNC server as an application instead of a service within the VM, then I can see the remote display, but I can't interact with any UAC windows. I have seen posts about related issues in TightVNC with a certain windows 10 build (or higher) when there is no physical monitor, so it's possible that's related. I will test on a physical machine and update this post.

    1. I'm seeing the same symptom on physical machines with monitor attached. So something else is going on. I can only make TightVNC work on PE when running as an application, not a service. Running as application mode isn't a good workaround, as I can't access any admin windows (UAC windows). I will stick with UltraVNC on my boot disks - it works, I can actually see the display, just I can't access UAC windows on UltraVNC either.