Do you know what a System Administrator fears the most when it comes to Windows Server 2003? The infamous Blue Screen of Death (BSoD). An appropriate name. But, there is something worse. You ask, 'what could be worse than the infamous BSoD?

Windows could not start becuase the following file is missing or corrupt:
[windows_root]\system32\ntoskrnl.exe.  Please reinstall a copy of the above file.

Okay, something missing? Well, that's a job for Windows Recovery Console (WRC)! Okay, just pop in your CD, press the key to boot to it... and press 'r' when prompted... okay, now what I have to do is type a specific code, to copy the file from the CD over to the System32 folder. Since the file stored on the server is in the i386 folder, it is non-executable (extension is *.ex_ - if you don't understand this, don't worry about it, it's not important). Therefore the 'copy' command is useless.


You need to use 'expand'.


Thus:

expand [CD]\i386\ntoskrnl.ex_ [System]\windows\system32

In my case:

expand d:\i386\ntoskrnl.ex_ c:\windows\system32

Then press enter.

Access is Denied

WHAT? (I shouted to the heavens) That cannot be true, for I am Admin, god of the server! How is it possible? So, I pressed the 'up' arrow on the keyboard, tried to enter the command again.

Access is Denied

Then I typed 'set'. This is what I saw:

AllowWildCards = FALSE
AllowAllPaths = FALSE
AllowRemovableMedia = FALSE
NoCopyPrompt = FALSE

On different versions of Windows, this command does different things. On Windows Server 2003, it lists a bunch of settings that is created in the group policy editor in the Windows environment. What that means is that unless you have access to the system, you cannot change these settings. Which means, if you system is corrupt, as it was for me, you cannot do anything about it. As you can see, 'AllowAllPaths = FALSE'. that means that the path to Windows/System32 is not allowed, which means, even as Administrator, I cannot have access to this folder. So, I cannot fix the problem with the simple 'expand' key, which would have fixed it by the time you stopped reading this paragraph.

----------End Example------------

But noooooooooooooo. Windows wants to make it difficult.


What I had to do was restore from a backup, but if I had done proper preparations, then this would have been solved in about 2 minutes! So, to prevent you from suffering my gruesome fate, follow these easy steps.


In order to prevent this absurdity, you must set these properties to be true while your Windows 2003 is running. This setting should be ENABLED by default, not the other way around. Why would they disable such a vital and important command! It's ridiculous! I understand that it's about security, but a malicious user would need to be physically on your machine, and then there are numerous other ways to bypass a system than using the WRC! Stupid, stupid, stupid.


So, this is what you have to do.

1. Go to: Start > Run > Type 'gpedit.msc'
2. In the left-pane, expand 'Local Computer Policy'
• click on the small + button to expand the menus
3. Expand 'Computer Configuration'
4. Expand 'Windows Settings'
5. Expand 'Security Settings'
6. Expand 'Local Policies'
7. Select 'Security Options' on the left
8. On the right, double click the entry 'Recovery Console'
9. Select 'Allow Floppy Copy And Access To All Drives And All Folders'
10. Click OK