Abstract

This document discloses, in enabling detail, a fail-closed mechanism for unattended, fully-remote re-imaging of bare-metal servers whose primary disk already carries an operating system, controlled only through an out-of-band management controller that exposes no remote keystroke channel. A user-mode edit of the Windows Preinstallation Environment (WinPE) boot image injects a shell manifest (winpeshl.ini) and a launcher script that cleans the partition table of Disk 0 only before the OS installer runs, then parks the shell forever in a sleep loop because the installer entrypoint is a stub that returns before the operating system has been applied. The build step re-extracts the injected file to prove the patch actually landed, and refuses to ship stale or marker-less artifacts. Completion is decided not by mere reachability but by the remote OS build number and update revision equalling an expected value, which defeats the false-pass in which the un-wiped prior OS answers liveness probes. The novelty is the integrated fail-closed chain — inject, verify, single-disk clean, park, and build-gated completion — not the folklore act of "wiping a disk from WinPE." This publication is intended to establish enabling prior art dated 2026-07-03 that bars others from patenting the disclosed mechanism.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

COinS