Step-By-Step: Creating a Windows 10 To Go Key Inside a Hyper-V VM

Windows 10 will include many cool features to enable system administrators in securing client computing.  Testing is key and this blog has detailed many ways IT Professionals can test Windows 10 Technical Preview without the requirement of loading it on a production machine. So I thought I would share some of my findings as I have been testing Windows 10 TP for a few weeks.   Like many IT Professionals,  I downloaded the Windows 10 Technical Preview media and spun it up inside a Virtual machine to see a side by side comparison of my production Windows 8.1 laptop.

During the download, I received word from my boss that his laptop had died.  Convenient as we just received a shipment of Surface Pro 3s and so he was promptly migrated to the new device.  With just the hard drive dead on his old laptop, it provided me with another opportunity to test Windows 10 on existing hardware.  Since we didn’t have a spare drive for his particular model of laptop, the plan was to fire up a Windows 10 to go key to see what it looked like on his laptop. However, I had one small challenge.

My current implementation of Windows 10 was running within a VM enabled through Hyper-v on my Windows 8.1 production machine. This presented a problem as even though I can access the file structure on the key, I was unable to create partitions or for that matter, run the built in Windows to Go Wizard.

In doing a little research and some testing, I was able to workout a solution involving Direct Passthru to the physical disk in Hyper-V and Windows PowerShell cmdlets to generate the content on the key.   Here are the steps I followed:

Step 1: Connecting the USB to the Host environment

  1. Attach a recommended Windows To Go USB drive to the host PC
     
  2. Run Disk Management, right click on the desired USB Key and select Offline
     
    Windows 10 To Go Key Create 001
     
  3. Close Disk Management and open Hyper-V Manager
     
  4. Right click on the created Windows 10 TP WM and select Settings…
     
  5. Select SCSI Controller, select Hard Drive and then select Add
     
    Windows 10 To Go Key Create 002
     
  6. Select the Physical Hard Disk representing the attached USB and select Apply
     
    Windows 10 To Go Key Create 003
     
  7. Select OK

With the USB Disk in Pass thru mode I can now access it directly within the Virtual Machine. 

This could have also been accomplished via PowerShell with the following Cmdlets.

# Identify the USB key which is Greater than 20GB in size

$disk=(GET-DISk) | where { $-.Bustype -eq ‘USB’ -and $-.Size -ge 20GB -and -not $-.isboot }

# Bring the key offline on the Hyper-V Host (Windows 8.1 laptop)

$disk | Set-Disk –isoffline:$True

# Attach said disk to the Virtual machine named “EOT-WIN10-CTP”

$disk | Add-VmHardDiskDrive –vmname EOT-WIN10-CTP

 

Step 2: Partitioning the USB key

Next run the following PowerShell script to partition the key.    This comes courtesy of a Step by Step  article on Technet for creating the Windows To Go key directly without using the Wizard.   The script however is based upon the presumption that the attached disk in question in USB.  But Within the Virtual Machine it will appear as an ordinary disk. In light of this, the script below has been modified (shown in bold) to address this: 

#The following command will set $Disk to all USB drives with >20 GB of storage

$Disk = Get-Disk | Where-Object {$-.Size -gt 20Gb –and $-.Size –le 64GB –and -not $-.IsBoot }

#Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.

# To skip the confirmation prompt, append –confirm:$False

Clear-Disk –InputObject $Disk[0] -RemoveData

# This command initializes a new MBR disk

Initialize-Disk –InputObject $Disk[0] -PartitionStyle MBR

# This command creates a 350 MB system partition

$SystemPartition = New-Partition –InputObject $Disk[0] -Size (350MB) -IsActive

# This formats the volume with a FAT32 Filesystem

# To skip the confirmation dialog, append –Confirm:$False

Format-Volume -NewFileSystemLabel "UFD-System" -FileSystem FAT32 `

-Partition $SystemPartition

# This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.

$OSPartition = New-Partition –InputObject $Disk[0] -UseMaximumSize

Format-Volume -NewFileSystemLabel "UFD-Windows" -FileSystem NTFS `

-Partition $OSPartition

# This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.

Set-Partition -InputObject $SystemPartition -NewDriveLetter "S"

Set-Partition -InputObject $OSPartition -NewDriveLetter "W"

# This command toggles the NODEFAULTDRIVELETTER flag on the partition which

prevents drive letters being assigned to either partition when inserted into a different machine.

Set-Partition -InputObject $OSPartition -NoDefaultDriveLetter $TRUE

 

From this point forward the script will work as designed WITHIN the Virtual machine and partition the key ready for the Windows To Go structure.

Note: If you are running this in a Virtual Machine which has disks OTHER than the Bootable C: drive and your Windows To Go key which are bigger than 20gb and smaller than 64gb you THEY WILL BE LOST.   PLEASE just run this inside a virtual machine you could consider a “throwaway” and not something critical to production

Step 3: Creating the Windows To Go key

Going forward as per the instructions from Technet we can run DISM to apply the image.   In the case of this Virtual machine, I have the Windows 10 TP mounted in the DVD drive and will be leveraging it’s WIM file to image this key.   The original document called for leveraging DISM.EXE

dism /apply-image /imagefile:D:\Sources\Install.wim /index:1 /applydir

But instead I’m going to use the PowerShell which does EXACTLY the same thing

Expand-WindowsImage –imagepath D:\Sources\Install.wim –index 1 –ApplyPath W:\

From this point (After some waiting time of the image dropping onto the key of course) we can run this command to make the key bootable

W:\Windows\System32\bcdboot W:\Windows /f ALL /s S:

Normally at this point you would apply the san-policy.xml file using this command in DISM. 

Dism.exe /Image:W:\ /Apply-Unattend:W:\san-policy.xml

Instead we’re going to jump ahead and just use the PowerShell Cmdlet instead (Does somebody out there smell a SINGLE PowerShell script we could use to do all of this now?)

Use-WindowsUnattend –unattendpath .\san-policy.xml –path W:\

Then of course the most critical piece, dropping in an Unattend.xml file to automate the startup of the Windows To Go environment

Copy-item .\Unattend.xml –destination W:\Windows\System32\Sysprep

Then let’s disconnect that Disk from the virtual Machine

Get-VM EOT-WIN10-CTP | Get-VmHarddiskDrive | Where { $-.DiskNumber } | Remove-VMHarddiskDrive

Remove the USB key from the machine and enjoy your new Windows to Go key on another host machine.