| Lesson 2 | Disaster Recovery with WinPE and DaRT |
| --- | --- |
| Objective | Explain how to implement modern disaster recovery using WinPE and DaRT on Windows Server 2025 |
Modern Disaster Recovery with WinPE and DaRT
The original version of this lesson covered Remote Installation Services CD-based images —
flat-file copies of Windows 2000 installation media hosted on a RIS server and deployed
over the network. That technology was retired when Windows Deployment Services replaced RIS,
and WDS itself has moved away from CD-based image support entirely. WDS operated in a
transitional mode that supported both formats briefly, then shifted to WIM-only operation
from the Windows Server 2008 R2 and 2012 era onward.
On Windows Server 2025, even the traditional WIM-based WDS deployment workflow is restricted.
Using boot.wim copied directly from Windows Server 2025, Windows Server 2022,
or Windows 11 installation media as a WDS boot image is blocked — administrators who attempt
this workflow see a deprecation notice. This does not mean that alternate recovery media has
been prohibited. The restriction applies specifically to the WDS installation-media deployment
workflow. Custom WinPE images, bare-metal recovery, and PXE-booted recovery environments
remain fully supported on Windows Server 2025.
The Modern Recovery Environment: Customized WinPE
The supported replacement for legacy CD-based recovery images is a customized
Windows Preinstallation Environment (WinPE) image, built using the
Windows Assessment and Deployment Kit (ADK) and its WinPE add-on.
WinPE is a lightweight, bootable Windows environment designed as a platform for maintenance
and recovery operations — not a full operating system. It boots quickly, exposes the Windows
driver model, and provides a command environment from which administrators can perform the
operations required to recover a failed server. From a WinPE environment, an administrator can:
- Partition and format disks using DiskPart or PowerShell
- Load storage, network, RAID, Fibre Channel, and vendor-specific drivers
- Access network shares and backup repositories
- Apply or capture Windows images using DISM (Deployment Image Servicing and Management)
- Repair the boot environment using BCDBoot and other boot-repair utilities
- Launch a backup vendor's recovery agent to restore from a proprietary backup format
- Execute PowerShell scripts and custom diagnostic utilities
Customizing a WinPE Recovery Image
A WinPE image built from the ADK contains only the minimum components needed to boot.
For enterprise disaster recovery, the image must be customized before it is useful in
production. The customization process uses the ADK's Deployment and Imaging Tools
Environment to mount the WinPE WIM file, inject components, and commit the changes.
Components commonly added to a recovery WinPE image include:
- Hardware drivers — storage controllers (RAID, NVMe, SAS), network
adapters, Fibre Channel HBAs, and any vendor-specific drivers required to see the server's
disks and network interfaces from the recovery environment
- PowerShell — the scripting engine and its dependencies, enabling
complex recovery scripts to run within WinPE
- Backup agent executables — vendor-supplied recovery clients that can
connect to backup repositories and restore data
- DISM utilities — for applying captured Windows images to target
partitions
- Certificates — PKI certificates required to authenticate the WinPE
environment to secure backup repositories or internal network services
- Diagnostic and hardware-testing tools — memory testers, disk health
utilities, and vendor-supplied hardware diagnostics
- Recovery scripts — automation tailored to the organization's backup
platform, disk layout conventions, and recovery runbook
After customization, the image is exported as either an ISO file for media-based delivery
or a WIM file for network-based delivery.
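
The mount, inject and commit cycle described above, as an added example (not part of the original lesson or any Microsoft-supplied script). The folder paths, the chosen optional components and the `Recovery` folder inside the image are assumptions for illustration.

```powershell
# Added example: build a customized WinPE recovery image with the ADK.
# Run elevated in PowerShell started from the ADK "Deployment and Imaging
# Tools Environment" so copype, MakeWinPEMedia and %WinPERoot% are available.
$ErrorActionPreference = 'Stop'

# All paths below are assumptions for illustration.
$work    = 'C:\WinPE_amd64'              # created by copype; must not exist yet
$mount   = "$work\mount"
$bootWim = "$work\media\sources\boot.wim"
$drivers = 'C:\RecoveryBuild\Drivers'    # storage, network and HBA drivers (.inf)
$scripts = 'C:\RecoveryBuild\Scripts'    # recovery runbook scripts
$caCerts = 'C:\RecoveryBuild\CACerts'    # public CA certificates (.cer) only
$ocRoot  = "$env:WinPERoot\amd64\WinPE_OCs"

# 1. Create the base WinPE working set (media, mount and fwfiles folders).
cmd /c copype amd64 $work
if ($LASTEXITCODE -ne 0) { throw "copype failed with exit code $LASTEXITCODE" }

# 2. Mount the WinPE WIM.
Mount-WindowsImage -ImagePath $bootWim -Index 1 -Path $mount | Out-Null
try {
    # 3. Add PowerShell and its dependencies in dependency order; each
    #    optional component is followed by its language pack.
    $components = 'WinPE-WMI', 'WinPE-NetFx', 'WinPE-Scripting',
                  'WinPE-PowerShell', 'WinPE-StorageWMI', 'WinPE-DismCmdlets'
    foreach ($oc in $components) {
        Add-WindowsPackage -Path $mount -PackagePath "$ocRoot\$oc.cab" | Out-Null
        Add-WindowsPackage -Path $mount -PackagePath "$ocRoot\en-us\${oc}_en-us.cab" | Out-Null
    }

    # 4. Inject every driver found under the driver folder.
    Add-WindowsDriver -Path $mount -Driver $drivers -Recurse | Out-Null

    # 5. Copy recovery scripts and CA certificates; keep passwords and
    #    private keys out of the image, since the media can be copied.
    New-Item -ItemType Directory -Path "$mount\Recovery\Certs" -Force | Out-Null
    Copy-Item -Path "$scripts\*" -Destination "$mount\Recovery" -Recurse
    Copy-Item -Path "$caCerts\*.cer" -Destination "$mount\Recovery\Certs"

    # 6. Commit the changes.
    Dismount-WindowsImage -Path $mount -Save | Out-Null
} catch {
    Dismount-WindowsImage -Path $mount -Discard -ErrorAction SilentlyContinue | Out-Null
    throw
}

# 7. Export: ISO for media delivery; $bootWim itself is the WIM for PXE delivery.
cmd /c MakeWinPEMedia /ISO $work "$work\WinPE_Recovery.iso"
if ($LASTEXITCODE -ne 0) { throw "MakeWinPEMedia failed with exit code $LASTEXITCODE" }
```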
Delivering the Recovery Environment
A customized WinPE recovery environment can reach a failed server through several delivery
methods. Maintaining more than one delivery method is strongly recommended — a recovery
design that depends entirely on network infrastructure can fail when the network is itself
part of the disaster.
| Delivery Method | When to Use |
| --- | --- |
| USB flash drive | Local physical access available; fast and reliable; does not depend on network |
| ISO via remote management controller | Remote recovery without physical access; mount through iDRAC, iLO, Hyper-V console, VMware, or cloud management portal |
| PXE boot via WDS Transport Server | Network-wide standardized recovery environment; WDS loads the custom WinPE WIM using its supported PXE transport role — not the deprecated end-to-end deployment workflow |
| Microsoft Configuration Manager | Environments with MECM infrastructure; MECM's native PXE responder loads the custom boot image without requiring a separate WDS installation |
| Optical media (CD/DVD) | Legacy hardware or isolated environments without USB or network boot capability |
Bare-Metal Recovery
WinPE is a boot environment, not a backup system. It provides the tools and drivers needed
to perform a recovery — but it must be paired with a backup that contains the data to
restore. Three recovery mechanisms typically work together in a complete disaster-recovery
design:
- WinPE recovery media — the bootable maintenance environment with
drivers and tools
- Bare-metal backup — a backup of the OS volumes and configuration
captured for full server restoration
- Windows Recovery Environment (WinRE) — the built-in repair and
recovery functions available on an installed Windows system
Microsoft-Native Bare-Metal Recovery Options
- Windows Server Backup — creates a Bare Metal Recovery backup
containing all critical volumes required to restore the operating system. Microsoft
recommends BMR backups for scenarios such as Active Directory forest recovery because
the backup can be restored to replacement hardware of a different configuration.
- System Center Data Protection Manager (DPM) — provides system-state
and bare-metal protection with centralized management across multiple servers.
- Microsoft Azure Backup Server (MABS) — extends DPM capabilities
with Azure-integrated backup retention and offsite protection.
Example Recovery Sequence
- Boot the failed server from customized WinPE media (USB, ISO mount, or PXE)
- Load storage and network drivers for the server's hardware
- Connect to the backup repository — a network share, cloud storage, or tape library
- Apply the bare-metal backup to the target disk using DISM or the backup vendor's
restore agent
- Reconstruct the boot environment using BCDBoot to write the boot record and BCD
store
- Reboot from the restored OS and verify application and service availability
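
The sequence above as a single script run inside the booted WinPE session, added here as an example and not taken from the original lesson. It assumes a UEFI/GPT server, a backup stored as a DISM-captured WIM, and WinPE with the PowerShell component; the share, image path, account name, driver folder and disk layout are hypothetical.

```powershell
# Added example: bare-metal restore from WinPE (UEFI/GPT, DISM-captured image).
# Share, image path, account, driver folder and disk number are assumptions.
param(
    [int]$DiskNumber     = 0,
    [string]$Share       = '\\backup01.example.internal\BMR',
    [string]$Image       = 'R:\SRV-APP01\os.wim',
    [string]$User        = 'EXAMPLE\svc-restore',
    [string]$DriverDir   = 'X:\Recovery\Drivers'
)
$ErrorActionPreference = 'Stop'

function Invoke-Tool {
    # Run a native tool and stop the sequence on a non-zero exit code.
    param([string]$Exe, [string[]]$Arguments)
    & $Exe @Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe exited with code $LASTEXITCODE" }
}

# Load storage and network drivers that are not already in the image.
Get-ChildItem $DriverDir -Recurse -Filter *.inf -ErrorAction SilentlyContinue |
    ForEach-Object { Invoke-Tool drvload @($_.FullName) }

# Connect to the backup repository; '*' makes net use prompt for the
# password so no credential is stored on the recovery media.
Invoke-Tool wpeutil @('InitializeNetwork')
Invoke-Tool net @('use', 'R:', $Share, "/user:$User", '*')
if (-not (Test-Path $Image)) { throw "Backup image not found: $Image" }

# The next step wipes the target disk, so require explicit confirmation.
if ((Read-Host "Type $DiskNumber to ERASE disk $DiskNumber") -ne "$DiskNumber") { throw 'Aborted' }
$layout = @"
select disk $DiskNumber
clean
convert gpt
create partition efi size=260
format quick fs=fat32 label=System
assign letter=S
create partition msr size=16
create partition primary
format quick fs=ntfs label=Windows
assign letter=W
"@
$dpScript = Join-Path $env:TEMP 'layout.txt'
Set-Content -Path $dpScript -Value $layout -Encoding Ascii
Invoke-Tool diskpart @('/s', $dpScript)

# Apply the image, then rebuild the boot files and BCD store on the EFI partition.
Invoke-Tool dism @('/Apply-Image', "/ImageFile:$Image", '/Index:1', '/ApplyDir:W:\')
Invoke-Tool bcdboot @('W:\Windows', '/s', 'S:', '/f', 'UEFI')
Write-Host 'Restore complete. Run "wpeutil reboot", then verify services.'
```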
WDS and PXE in Windows Server 2025
Windows Deployment Services remains installable on Windows Server 2025 and continues to
serve as a PXE transport provider for booting custom WinPE recovery images over the network.
This is its primary supported role in the current release. Administrators should not import
boot.wim directly from installation media and expect a supported WDS
end-to-end deployment workflow for Windows Server 2025, 2022, or Windows 11.
The supported PXE recovery workflow using WDS is:
- Build a custom WinPE image using the ADK with required drivers and tools
- Add the custom WinPE WIM to WDS as a boot image through the WDS console
- Configure WDS to serve the image via PXE to target hardware
- Boot the server into WinPE — WDS's role ends at PXE boot; the WinPE environment
handles all recovery operations
Organizations that require full OS deployment infrastructure should use
Microsoft Endpoint Configuration Manager (MECM). Its native PXE responder
— enabled by selecting "Enable a PXE responder without Windows Deployment Service" in the
distribution point properties — removes the WDS dependency entirely while providing a
supported path for deploying Windows Server 2025.
Note on MDT: Microsoft retired the Microsoft Deployment Toolkit in 2026.
MDT is no longer receiving updates and is not supported for Windows 11 or Windows Server
2025. It should not be recommended as a current deployment or recovery path. Configuration
Manager, custom WinPE media, Windows Server Backup, DPM, and Azure Backup Server are the
appropriate current references.
Microsoft Diagnostics and Recovery Toolset (DaRT)
The Microsoft Diagnostics and Recovery Toolset is a Microsoft Desktop Optimization Pack
(MDOP) product that builds recovery ISO and WIM images on top of Windows Recovery
Environment. DaRT adds specialized diagnostic and repair tools to WinRE that go beyond
what Windows provides by default:
- Crash Analyzer — examines memory dump files to identify the driver
or component that caused a system crash
- Registry Editor — accessible from the recovery environment to repair
registry corruption without booting the installed OS
- File Restore — recovers deleted files from NTFS volumes
- Lockout Tool — resets local account passwords and unlocks accounts
when normal login is not possible
- Disk Commander — repairs partition tables and volume structures
- TCP/IP connectivity — provides network access from within the DaRT
recovery environment for remote diagnostics and file transfers
Important qualification for Windows Server 2025: DaRT 10 documentation
and its supported-configuration matrix are from the Windows 10-era Microsoft Desktop
Optimization Pack. DaRT 10 should not be presented as a fully verified Windows Server
2025 disaster-recovery platform without confirming current licensing availability through
MDOP, supported operating system configurations for Server 2025, and active Microsoft
support status. For Windows Server 2025 disaster recovery, customized WinPE, Windows
Server Backup, and enterprise backup software are the primary recommendations. DaRT
remains a useful supplemental tool in Windows client recovery scenarios where its
support status has been confirmed.
Maintaining Recovery Media as an Operational Asset
A recovery image created once and stored indefinitely will not be ready when a disaster
occurs. Recovery media must be treated as a living operational asset with its own
maintenance schedule. Administrators should establish procedures to:
- Update the WinPE image with current ADK security and servicing updates on a defined
schedule
- Inject updated drivers when server hardware is refreshed or new storage controllers
are deployed
- Test UEFI and Secure Boot compatibility for each server model in the environment
- Store BitLocker recovery keys in a location that is accessible independently from the
affected server — ideally in Active Directory or a dedicated secrets management system
- Confirm that the WinPE environment can authenticate to backup repositories using
current credentials and valid certificates
- Test recovery from an isolated network segment to verify that the process works
without production infrastructure
- Maintain offline or immutable backup copies that ransomware or a compromised
administrator account cannot reach or delete
- Document disk layouts, firmware versions, storage controller configuration, RAID
group membership, and the exact recovery command sequence for each server role
- Perform periodic bare-metal restoration tests on isolated hardware — a successful
backup log confirms that data was written, not that it can be restored
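
Several of these checks can be scripted against the recovery image itself. The following is an added example, not part of the original lesson: it flags a stale image, missing storage or network drivers, and certificates close to expiry. The paths, the `Recovery\Certs` folder, the age thresholds and the driver-class heuristics are assumptions.

```powershell
# Added example: audit a WinPE recovery WIM on a technician machine (elevated).
# Paths, thresholds and the certificate folder inside the image are assumptions.
param(
    [string]$ImagePath    = 'C:\WinPE_amd64\media\sources\boot.wim',
    [string]$MountDir     = 'C:\WinPE_audit_mount',
    [string]$CertDir      = 'Recovery\Certs',
    [int]$MaxImageAgeDays = 90,
    [int]$CertWarnDays    = 30
)
$ErrorActionPreference = 'Stop'
$findings = @()

# Image freshness: when was the WIM last serviced?
$info = Get-WindowsImage -ImagePath $ImagePath -Index 1
$age  = (New-TimeSpan -Start $info.ModifiedTime -End (Get-Date)).Days
Write-Host "WinPE version $($info.Version), last modified $age days ago"
if ($age -gt $MaxImageAgeDays) { $findings += "Image not serviced for $age days" }

New-Item -ItemType Directory -Path $MountDir -Force | Out-Null
Mount-WindowsImage -ImagePath $ImagePath -Index 1 -Path $MountDir -ReadOnly | Out-Null
try {
    # Injected (third-party) drivers: list them for the runbook and check
    # that storage and network classes are represented.
    $drivers = Get-WindowsDriver -Path $MountDir
    $drivers | Sort-Object ClassName, ProviderName |
        Format-Table ClassName, ProviderName, OriginalFileName, Version, Date -AutoSize |
        Out-Host
    if (-not ($drivers | Where-Object ClassName -in 'SCSIAdapter', 'HDC')) {
        $findings += 'No injected storage-controller drivers found'
    }
    if (-not ($drivers | Where-Object ClassName -eq 'Net')) {
        $findings += 'No injected network-adapter drivers found'
    }

    # Certificates shipped in the image: flag expired or soon-to-expire ones.
    Get-ChildItem (Join-Path $MountDir $CertDir) -Filter *.cer -ErrorAction SilentlyContinue |
        ForEach-Object {
            $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($_.FullName)
            $left = ($cert.NotAfter - (Get-Date)).Days
            if ($left -lt $CertWarnDays) {
                $findings += "Certificate '$($cert.Subject)' expires in $left days"
            }
        }
} finally {
    # Read-only audit: never commit anything back to the image.
    Dismount-WindowsImage -Path $MountDir -Discard | Out-Null
}
$findings   # an empty result means no issues were flagged by these checks
```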
The next lesson covers how to associate an answer file with a WDS image for unattended
installation on Windows Server 2025.
