142 - Automated UEFI-Windows Restore using CloneZilla
This tutorial is the equivalent of Tutorial 89 but it is for Windows 7 (64-bit) and Windows 8/10 (32-bit and 64-bit) UEFI Windows systems which use GPT partitioning.
We can backup or restore Windows with just the press of a key!
The backup is kept on the same system, no external drive is required.
We will add two new GPT partitions to the Windows internal hard disk:
300MB FAT32 - Clonezilla
(large) NTFS - Volume to store backup image(s)
We will then use EasyUEFI or BootIce to set the UEFI Firmware Non-Volatile RAM (NVRAM) BIOS setting to boot to the grub2 Clonezilla menu before booting to Windows.
As well as booting via the grub2 menu, you will still be able to boot directly to Windows using your BIOS firmware boot selection menu.
Note: The current scripts search disk 0 1 and 2 only for the backup folder (marked by backup.tag) and assume C: is the Windows drive to be backed up which is device sda under CloneZilla.
Note that Secure Boot must be disabled in the system's BIOS options.
I have not tested this on a BitLocker-encrypted Windows volume. I believe CloneZilla uses dd on such volumes and so would require a backup volume that is at least as large as the Windows volume. The auto-restore function will not work if grub2 cannot access the C: drive, so you will need to use an alternative method if drive C: is encrypted (see notes at bottom).
Note that filenames and folder names are case-sensitive under grub2 - follow the Tutorial carefully!
You can modify the boot menu to password-protect some menu entries and you can change the grub2 menu heading too.
For non-English users, you can edit the grub.cfg file menu entries (but do not change the line set lang=eng).
A restore of an 18GB freshly-installed x64 UEFI Windows 10 system (SSD) takes about 5 minutes.
You must disable Secure Boot in the BIOS settings before you begin.
1. First use the Windows Disk Management to shrink the current partition and create two new GPT partitions (Windows key+R - diskmgmt.msc):
300MB FAT32 - Name=Clonezilla
(large) NTFS - Name=Backup - Volume to store backup image(s)
The actual volume names are not important and can be changed to your own language.
The large Backup volume needs to be big enough to store a compressed image of your Windows partition.
e.g. To store all files from a minimal Windows 18GB volume (excluding pagefile) we need approx 10GB of space.
As a rough rule, to store just 1 backup image, the Backup partition should be 2/3 of the total Windows files excluding the \pagefile.sys file (e.g. Windows = 300GB of files, Backup volume size = 180GB)
If you want to store several different backups, you will obviously need a lot more space for the backup volume.
Tip: Create another NTFS partition called 'Files' and use this volume to store any files that you do not need to be backed up with the Windows OS.
For instance, any files which you have downloaded from the Internet or which also exist elsewhere (on another device or in the 'Cloud') do not need to be backed up with the Windows OS image.
2. Create a file called backup.tag in the root of the Backup volume and create a new Folder called images (lower case).
NOTE: make sure it is not called backup.tag.txt by setting Explorer to show File Extensions!
3. Download the latest stable CloneZilla .zip file.
Extract the \live and \EFI folders directly to the root of the Clonezilla volume
4. Download and extract the contents of the .zip file at the bottom of this page to the (Clonezilla volume) \EFI\boot folder.
grub.cfg is overwritten with the grub.cfg file in the download.
I have also included a rmprep.png wallpaper file which should also be placed in the same \EFI\boot folder.
Copy the three folders (locales, x86_64-efi and i386-efi) folder to the \EFI\boot folder:
New files/folders added should now be:
The three _Autoxxxxxxxx.cmd files can be copied or moved to any convenient folder (e.g. Windows Desktop or the Backup or CloneZilla volumes)
They are only required if you want to run an unattended backup or unattended restore from Windows.
5. We need to modify the BIOS\Firmware Non-Volatile RAM so that it boots to grub2 first instead of the Windows Boot manager file....
5.1 Download and run BootIce... (no need to install)
BootIce - UEFI - Add - (Clonezilla)\EFI\boot\bootx64.efi or bootia32.efi - (rename menu title to Clonezilla) - Save current boot entry
Ensure Clonezilla entry is at top of list using Up button.
- OR -
5.2 Download EasyUEFI (free) and run it to install it.
Use these options to add a new default UEFI boot option.
The NVRAM in the system (the same memory that holds the UEFI firmware and BIOS Settings) is programmed.
It will add a new entry and change the BIOS boot order of your system.
Manage EFI Boot Option -
Create a new entry - (click on Clonezilla partition which should turn red if it is FAT32) -
Type=Linux or other OS -
File path=\EFI\boot\bootx64.efi (or bootia32.efi if a 32-bit UEFI system)
IMPORTANT: Ensure that the new Clonezilla entry is the TOP entry (use the green arrow to move it up)
6. Now test by rebooting.
You should find that the grub2 menu now appears with Windows as the default boot entry. Check it boots to Windows OK.
Note: If you use the BIOS Boot Selection Menu of your UEFI (e.g. press F10 or F12 or F2 or whatever), you should see a choice to boot Clonezilla or Windows Bootmgr (bootmgfw.efi).
If there is any problem with booting to Clonezilla and the grub2 menu, you can always use the BIOS Boot menu to boot to Windows.
eMMC/NVME and other types of drive
The grub.cfg menu assumes that your boot drive is a standard sata hard disk (/dev/sda). If your boot drive is a solid-state nvme drive (e.g. M.2) then you will need to change all occurrences of sda to nvme0n1p in the menu.
If you are unsure of the drive name or see an ERROR message, use the standard Clonezilla menu to find out what the device name is used for your hard drive 0.
Make a backup
(the menu heading will be changed if you add the locales\en.mo file)
Check that the device names (sda4 and sda5) are correct for your system.
The Clonezilla menu options are:
[W] Boot to Windows
[A] Auto-Restore Windows from backup file
[R] Restore Backup Image
[Z] Auto-Backup Windows
[N] Create New Backup Image
Most people will want just one backup image so they can restore it in case of emergency, so just press Z.
This will automatically make a backup called IMG to the \images\IMG folder on the Backup volume.
The user can restore it simply by booting to the Clonezilla menu and pressing A.
The R and N options will create/restore more backups.
The A option is fully automated with no user prompts. If you prefer more control, use the R menu entry (user will be prompted to choose a backup file).
You can edit the \EFI\grub\grub.cfg menu and delete any menu entries you do not want.
If it does not boot to the Clonezilla grub2 menu, check the EasyUEFI/BootIce settings again (tip: BootIce is actually easier to use).
If it fails to boot to either the Clonezilla grub2 menu or Windows, use the BIOS Setup menu to set the first boot option as Windows\bootmgfw.efi - boot to Windows and try again!
For VMs (and possibly some real UEFI-systems) you may not be able to boot to the Clonezilla menu - in this case, you will need to do this:
1. Run an Administrator Command shell
2. Type cmd to get to a cmd shell (in case you are running Powershell)
3. Type mountvol S: /s to mount the EFI volume as drive S:
4. Copy (Clonezilla) \EFI\grub\*.EFI to S:\EFI\boot folder
5. Create a S:\EFI\boot\grub.cfg file and add this text:
search --set -f /live/vmlinuz
(I have not tested this! Let me know if it doesn't work!)
The menu entries should indicate which drive it will back up (e.g. sda4) and which drive will be used to store the backups (e.g. sda5).
If either of these are missing, then check the \backup.tag file and that C:\Windows\Explorer.exe is present (your OS folder should be \Windows) and that only one volume with this file exists.
Ensure you have downloaded the current standard stable release of CloneZilla (do not use older 'UEFI' versions as they are not complete and do not detect NTFS volumes!).
If the $WDRV and $BAKDRV names are not correct, you may see a 'BOOT FAILED' message:
Check the device names (e.g. /dev/sda) are correct if you see this message when running a script!
If your Windows drive is not sda under CloneZilla, you will have to modify the grub.cfg menu (replace all occurrences of sda with the correct device name).
sda$BAKDRV is the backup drive and sda$WDRV is the Windows OS volume to image. If you want the \images folder on a different drive, change the sda$BAKDRV reference.
Sometimes, the BIOS setup utility will clear the CloneZilla UEFI BIOS boot entry or another UEFI tool may clear it.
It that case you will have to add it back in again!
Configuring the Clonezilla menu
The grub.cfg file contains helpful info and URLs
You may want to change the keyboard layout or locale (language).
To prevent unattended operation add -c to the RUN1 parameters.
Note that if you add a parameter which requires double-quotes, you must precede each double-quote with a backslash \ symbol.
Wallpaper and text colours
You can change the 800x600 rmprep.png file if you wish to change the menu wallpaper.
UEFI usually uses 1024x768 screen resolution by default so you can use a 800x600 or 1024x768 .png file
if you have a .jpg, convert to .png format (save using MS Paint).
grub.cfg (current menu)
This menu will use the first colour scheme if the wallpaper file is successfully loaded, and the second scheme if it was not successfully loaded.
Use a black background for transparency to see the wallpaper beneath.
Note American spelling of color and gray.
File names/Folder names are case sensitive under grub2.
Before taking a backup - 'clean' Drive C to remove any junk (C: - right-click - Properties - Disk Cleanup - Clean up System Files)
You can hide the Clonezilla volume and Backup volume from the user completely by using Diskpart:
(Admin cmd prompt) >
sel vol X (where X is desired volume)
ATT VOL SET HIDDEN
sel vol Y (where Y is desired volume)
ATT VOL SET HIDDEN
To unhide use ATT VOL CLEAR HIDDEN
Note that if you hide the Backup volume, the _Autoxxxx.cmd scripts will not work because the volume will not have a drive letter.
If you set the System attribute on the IMG folder, it will not be visible in Explorer - use this command in an Admin cmd shell - attrib d:\images +h +s /d /s
To list the drives seen by grub2, press 'C' in the Clonezilla menu and type
to list the drives in the system. Then try listing folders, e.g.
To suppress the menu text but still show the wallpaper, add the line to grub.cfg:
To suppress the menu but show a countdown on the wallpaper, use:
If this option is set to ‘countdown’ or ‘hidden’, then, before displaying the menu, grub2 will wait for the timeout set by timeout to expire. If ESC is pressed during that time, it will display the menu and wait for input. If a hotkey associated with a menu entry is pressed, it will boot the associated menu entry immediately. If the timeout expires before either of these happens, it will boot the default entry. In the ‘countdown’ case, it will show a one-line indication of the remaining time.
Change the timeout value to vary the length of time the wallpaper is displayed.
To prevent unauthorised access (or accidental access if the user presses 'c' or 'e') set a password (in grub.cfg file) by uncommenting the lines and editing:
#prevent user from editing or reaching console by setting superuser (use set superuser= to prevent anyone from reaching console)
set superusers="easy2boot root"
password easy2boot easy2boot
password root root
password doris passwd
With the above settings, to get access to the grub2 console (superusers only), press C and then enter a username of root and a password of root.
I have added --unrestricted to all the menu entries to allow any menu entry to be used without needing a password.
Change this to --users "" for any entry you want to allow superuser access only or --users "doris" if a password has been set for non-superuser doris. (e.g.add line password doris passwd to the password section)
Example - only root can run clonezilla menu:
Automatic Unattended Backup and Restore
The three Windows .cmd scripts can be used to ensure that on the next reboot, an unattended backup or restore operation will take place.
This means you can use TeamViewer to remotely restore the users system (see Tutorial 89 for more details).
The three files provided can be copied to any folder (or the Desktop) and must be run with Administrator rights:
Two 'tag' files are used in the C: root folder:
_AutoBackup (run as admin).cmd - deletes the current IMG image backup and writes C:\autobackup.tag
_AutoRestore (run as admin).cmd - writes C:\autorestore.tag
_CancelAutoCmd (run as admin).cmd - cancels any previously set backup or restore operation by deleting the .tag files - you should always run this after backup or restore has successfully completed
The logic in the grub.cfg menu works like this:
IF IMG exists and C:\autorestore.tag exists - the Restore menu will be selected and a 10 second timeout set
IF IMG does NOT exist and C:\autobackup.tag exists - the Backup menu will be selected and a 10 second timeout set
Note that if a restore is unsuccessful, the operation may loop infinitely (but you have 10 seconds to stop it).
Also, CloneZilla may not reboot on failure!
You could duplicate the menus and code to have a USER backup as well as a IMG backup image if you wish, but I'll leave this up to you!
If you set a timeout value of 0, it will always immediately boot to Windows (unless you use the _Autoxxxxx.cmd scripts to start an operation).
Change the grub2 menu heading
The grub2 heading is determined by the \EFI\boot\locale\en.mo language file
You can use a hex editor to modify the bytes in the en.mo file - OR -
You can use Easy2Boot to modify the file as follows:
1. Make a text file \_ISO\MAINMENU\PATCHENMO.mnu
Change the 2nd line to whatever heading you want - note that \ must be written as \\
2. Copy the en.mo file to the root of the E2B USB drive
3. Boot to E2B (use a real system or VBOX_VMUB - do NOT use the TEST_QEMU.cmd script or VBox alone or the changes will not be permanent)
Select the Patch EN.MO file menu entry to patch the file.
4. Copy the \en.mo file to replace the one in the Clonezilla folder.
Note: the grub2 lang variable must be set to eng so that eng.mo is used. This is already done in the grub.cfg file.
BitLocker encrypted drive C:
If drive C: is encrypted you will have to use a saved environment variable for the auto-restore function.
Files cannot be stored on the encrypted C: drive because they are not accessible from grub2.
The new algorithm is:
if exist IMG backup file and if grubenv contains the variable RESTORE=1 then restore the IMG image.
To start an auto-restore, windows copies grubenv.rst to grubenv in the \boot\grub folder.
We then use in the grub.cfg file:
to obtain the RESTORE variable value (if grubenv exists)
and then use
to start the autorestore the file _AutoRestore (run as admin).cmd should be edited to replace the lines...
For the auto-backup function, instead of C:\autobackup.tag , the tag file can be kept on the same partition as clonezilla and grub2.
To use grubenv, you will need to add the 3 different loadenv.mod files (obtain them from loadenv_modules.zip file below or copy them from a Ubuntu ISO):
and then add the line
to the top of the grub.cfg file.