Integrating Drivers and Registry Files into Custom Win10 22H2 Image

bamajon1974

New Member
New NTLite user here with a couple of questions about integrating drivers and registry files into a custom Win10 22H2 Image.

1. How does one integrate Intel Chipset, NVidia GameReady GeForce, Creative Labs SoundBlaster, Epson Scanner, Logitech Capture, and Windows Hello Drivers into a custom image? The drivers are exe files. I am guessing that I would need to extract or unpack the exe files and have NTLite scan for drivers in the extracted archive, correct? If so, what are the best way to extract the exe files?

2. How does one integrate reg files that make changes to HKey_Local_Machine Hive with trusted installer owner? Normally, after windows is installed, to make registry modifications to HKLM keys with TrustedInstaller owner, you have to change permissions to set Administrator or User as owner. Does this have to be done in Reg files added to NTLite? If so, how?

Thanks!
 
 
1. How does one integrate Intel Chipset, NVidia GameReady GeForce, Creative Labs SoundBlaster, Epson Scanner, Logitech Capture, and Windows Hello Drivers into a custom image? The drivers are exe files. I am guessing that I would need to extract or unpack the exe files and have NTLite scan for drivers in the extracted archive, correct? If so, what are the best way to extract the exe files?
Three methods of extracting driver INF files:
1. 7-Zip or innoextract
2. Some installers have (undocumented) command line flags for extracting to folder. Do a web search.
3. Install drivers on a target W10 or 11 system. Export driver files with "pnputil /export-driver * D:\Drivers"

When you import driver INF's using NTLite (or plain DISM), it only includes the minimum driver package. If you want the extra helper tools, you need to run the full installer in Post-Setup.

2. How does one integrate reg files that make changes to HKey_Local_Machine Hive with trusted installer owner? Normally, after windows is installed, to make registry modifications to HKLM keys with TrustedInstaller owner, you have to change permissions to set Administrator or User as owner. Does this have to be done in Reg files added to NTLite? If so, how?
Run PowerRun as TrustedInstaller user.
Open regedit when NTLite has the image loaded, the reg hive is mounted under path HKLM\NLTmp*

Change the key paths in your reg file to match the temporary hive's location.
 
Thank you for your help! I have a few follow-up questions/comments.

3. Install drivers on a target W10 or 11 system. Export driver files with "pnputil /export-driver * D:\Drivers"

This trick works perfectly to find the proper Creative Labs/Epson/Logitech Drivers. I think it is probably best to install the NVidia drivers after installation so the auxiliary programs can be installed.

The one thing I do want to extract and integrate into a Windows Image are the Intel Chipset drivers. Just to confirm, extract using the trick from this website (https://chefkochblog.wordpress.com/2018/02/08/howto-extract-intel-chipset-drivers/) or 7 zip, and then in NTLite, add directory containing drivers to the extracted archive, correct?

For the registry question, can you provide a little more details after loading the reg hive and finding HKLM\NLTmp*? I got that far. So in the reg file I want to slipstream, I change the HKLM\Software\Classes\CLSID\{GUID} to the corresponding HKLM\NLTmp* path? Do I need to change permissions of any keys?

Thanks!
 
I think there's miscommunication about the registry key stuff. Don't change any of the paths, just import your .reg files that contain registry keys into the menu section on the left called "Registry" in NTLite, and it will automatically apply permissions as needed when it integrates into the image.
 
Is that true for TrustedInstaller protected keys? NTLite has no TI privileges, it depends on DISM to call upon TrustedInstaller Service.
But that doesn't extend to the mounted reg hive keys.

Another solution might be offlinereg.exe, which treats the image's hive as a file, and doesn't care about permissions. UUP dump includes this in their script's bin folder.
 
Is that true for TrustedInstaller protected keys? NTLite has no TI privileges, it depends on DISM to call upon TrustedInstaller Service.
But that doesn't extend to the mounted reg hive keys.
I run ntlite through powerrun, this way the integration works here. would there be any problems using it that way?
I just noticed that some things in the interface change because that way I'm using the TI user but everything seems to work.
 
I don't doubt it works this way, but IMO it's better to avoid this behavior except when it's absolutely required. Otherwise when you run into a problem, it won't be clear if the root cause is NTLite or you ignoring the default permissions.

It's like disabling UAC. Very convenient for you, but it does create new problems with a few programs that don't expect it.
 
Some keys need to be modified in the image, because they have to take effect before the install's first reboot. The same change later on doesn't prevent a reg-protected service or driver from starting up.

Other keys don't exist until a first-time run creates them. If you try to pre-define the same keys, Windows gets very upset because it wants to be the one creating them from scratch. Sometimes you just have to experiment to find out.
 
Back
Top