Many of my students asked how to create a "Windows VHD " in order to use the boot from VHD feature in Winows 7, after some searching, I found the following steps:
Windows 7 and Server 2008 R2 add the ability for an OS to be installed onto a virtual hard disk (VHD) file to boot physical hardware. To do this, perform the following steps:
- Boot from the Windows 7 or Server 2008 R2 media.
- Select language options and click Next.
- At the Install Now screen, press Shift and F10 simultaneously to open a command prompt window. You'll partition the disks and create your VHD file in this window.
- Select the disk and wipe all of its existing content using the following commands.
select disk 0
- Create a 200 MB system partition using the following commands. The Windows 7 and Server 2008 R2 installation procedures normally create this partition automatically.
create part primary size=200
format fs=ntfs label="System" quick
- Create a partition using the rest of the space on the disk. This partition will hold the VHD files. I call the partition Boot, but you can call whatever makes sense for you. Also, I've used the C drive, but when you boot to the VHD the drive letters will shift. If you assign a different letter, make sure to use the new letter in step 7.
create part primary
format fs=ntfs label="Boot" quick
- Create a VHD file on the C drive. In this example, I've created it as a 25 GB file that is an expandable disk. You can use "type=fixed" instead of "type=expandable" to create a fixed-size VHD. A fixed-size VHD will use space on the physical disk equal to its full size as soon as the VHD is created but will give better performance, so I recommend fixed-size disks for uses other than testing.
create vdisk file=c:\win7ult.vhd maximum=25000 type=expandable
select vdisk file=c:\win7ult.vhd
create partition primary
format fs=ntfs label="Win7Boot" quick
- You can now list your volumes with the command
An example list is shown here.
- Exit Diskpart and close the command prompt window by entering the "exit" twice.
- Proceed with the installation. When you're asked to select the installation target, choose the VHD partition you created. The installer will warn that you cannot install it on the partition, but you can ignore the warning.
Installation will now progress as usual. Once installation is finished, you can see that the VHD partition is now the C drive while the partition containing the VHD files is demoted down to the D drive, as shown here. If you look at the contents of the drives, you'll see D contains the VHD file and C, the content of the VHD, looks like a standard drive with a Windows installation. The 200 MB partition you created doesn't have a drive letter and is essentially invisible to the OS.
How to Apply Local Policies to all Users Except Administrators on Windows XP in a Workgroup Setting
This article describes how to apply local policies to all users, except administrators, on a Windows 2000-based computer that is in a workgroup setting.
When you use either a Windows XP Professional-based or Windows XP Server-based computer in a workgroup setting (not a domain), you may need to implement local policies on that computer that can apply to all users of that computer, but not to administrators. This exception enables the administrator to have unlimited access and control of the computer, and to be able to restrict the users that can log on to that computer.
The Windows XP Professional-based computer or Windows XP-based member server must be in a workgroup setting for this procedure to work. In this situation the domain policies cannot overwrite the local policies because the domain policies do not exist. It is recommended to make backup copies of all the files that are edited.
To implement local policies to all users, except administrators:
1. Log on to the computer as an administrator.
2. Open your local security policy: Either click Start , click Run , and then type: gpedit.msc , or click Start , click Run , type: mmc , and then load the local security policy. If the removal of the run command is one of the policies that you want, it is recommended that you edit the policy by means of Microsoft Management Console (MMC), and then save the results as an icon. Then, the run command is not needed to reopen the policy. When the policy is open, expand User Configuration , expand Administrative , and then expand Templates .
3. Enable whatever policies you want (for example, Desktop for "Hide My Network Places" or "Hide Internet Explorer Icon on Desktop").
NOTE : Ensure that you select the correct policies, otherwise you may restrict the ability of the administrator to log on to the computer (and complete the necessary steps to configure the computer). It is recommended that you record what changes you have made (you can also use this information for step #10).
4. Close the Gpedit.msc Group Policy snap-in, or if you use MMC, save the console as an icon to make it accessible later, and then log off from the computer.
5. Log on to the computer as an administrator. You can observe in this logon session the policy changes that had been made earlier, as by default, the local policies apply to all users, which includes administrators.
6. Log off from the computer, and then log on to the computer as all of the other users for this computer for which you want these policies to apply to. The policies are implemented for all of these users as well as the administrator.
NOTE : Any user account that is not logged on to the computer at this step cannot have the policies implemented for that account.
7. Log on to the computer as an administrator.
8. Click Start , click Settings , click Control Panel , and then double-click Folder Options . Click the View tab, click the Show Hidden Files and Folders option, and then click OK so that you can view the Group Policy hidden folder. Or, you can access these settings if you open Windows Explorer, click Tools , and then click Folder Options .
9. Copy the Registry.pol file that is located in the %Systemroot%\System32\GroupPolicy\User\Registry.pol folder to a backup location (for example, a different hard disk, floppy disk, or folder).
10. Open your local policy again by using either the Gpedit.msc Group Policy snap-in or your MMC console icon, and then disable the exact features that had been disabled in the original policy that had been created for that computer.
11. Close your policy editor, and then take the backup Registry.pol file that had been copied in step #9 and copy it back into the %Systemroot%\System32\GroupPolicy\User folder. Copy the backup Registry.pol file over the new, existing, Registry.pol file that had been just created by disabling the same features. When you are prompted by the operating system as to whether you want to replace the existing file, click Yes .
12. Log off from the computer, and then log on to the computer as an administrator. You can observe that the changes that had been originally made are not implemented for you because you have logged on to the computer as an administrator.
13. Log off from the computer, and then log on to the computer as another user (or other users). You can observe that the changes that had been originally made are implemented for you because you have logged on to the computer as a user (not an administrator) to that computer .
14. Log on to the computer as an administrator to verify that the local policy does not affect you as the local administrator to that computer.
To reverse the process:
1. Log on to the computer as an administrator.
2. Click Start , click Settings , click Control Panel , and then double-click Folder Options . Click the View tab, click the Show Hidden Files and Folders option, and then click OK so that you can view the Group Policy hidden folder. Or, you can open Windows Explorer, click Tools , and then click Folder Options .
3. Either move, rename, or delete the Registry.pol file from the %Systemroot%\System32\GroupPolicy\User folder. Another default Registry.pol file is created by the Windows File Protection system after you log off from or restart the computer.
4. Open the local policy: Click Start , click Run , and then type: gpedit.msc , or click Start , click Run , type: mmc , and then load the local security policy. Then, set all of the items that are set to either "disable" or "enable" to "not configured" to reverse any policy changes that had been implemented to the Windows 2000 registry as specified by the Registry.pol file.
5. Log off from the computer as an administrator, and then log on the computer as an administrator.
6. Log off from the computer, and then log on the computer as all of the users on the local computer so that the changes can be reversed on their accounts as well.