deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/configuration/quick-machine-recovery/index.md
Paolo Matarazzo ac689d5d7e CSP
2025-03-26 16:47:18 -04:00

12 KiB
Raw Blame History

title, description, ms.topic, ms.date, ms.author, author, appliesto
title description ms.topic ms.date ms.author author appliesto
Quick Machine Recovery Learn about quick machine recovery and how to configure it with the RemoteRemediation configuration service provider (CSP). how-to 03/14/2025 paoloma paolomatarazzo
<a href="https://learn.microsoft.com/windows-insider/flight-hub" target="_blank">Windows Insider</a>

Quick machine recovery

[!INCLUDE insider-note]

Quick machine recovery is a feature that enables the recovery of Windows devices when they encounter critical errors that prevent them from booting. This feature can automatically search for remediations in the cloud and recover from widespread boot failures, significantly reducing the burden on IT administrators when multiple devices are affected.

Building on the foundation of Startup Repair, quick machine recovery uses a secure and connected Windows Recovery Environment to scan Windows Update for remediation options. This allows devices to be recovered without requiring manual intervention.

How it works

There are two main settings of quick machine recovery: cloud remediation and auto remediation.

Cloud remediation

:::row::: :::column span="3"::: Cloud remediation is the process of using Windows Update to find remediations and fix issues on devices:

  • When enabled, devices connect to the network and utilize Windows Update during recovery scenarios
  • When disabled, Windows uses Statup Repair as a local recovery option :::column-end::: :::column span="1"::: :::image type="content" source="images/quick-machine-recovery-network.png" alt-text="Screnshot of quick machine recovery boot while attempting to connect to the network." border = "false" lightbox="images/quick-machine-recovery-network.png"::: :::column-end::: :::row-end:::

Note

Quick machine recovery is a best-effort feature. It might not always be able to find a solution for every issue.

Auto remediation

:::row::: :::column span="3":::

Auto remediation allows you to automate the recovery process:

  • When enabled, the device connects automatically to Windows Update and tries to find a remediation. If a solution isn't found on the first attempt, the device retries without requiring manual intervention :::column-end::: :::column span="1"::: :::image type="content" source="images/auto-remediation.png" alt-text="Screnshot of the Windows Recovery Environment in the auto remediation screen, showing that the device retries to find a solution." border = "false" lightbox="images/auto-remediation.png"::: :::row-end::: :::row::: :::column span="3":::

  • When disabled or not configured, the device requires manual intervention to continue the recovery process

    :::column-end::: :::column span="1"::: :::image type="content" source="images/quick-machine-recovery-winre.png" alt-text="Screnshot of Windows Recovery Environment showing the quick machine recovery option." border = "false"lightbox="images/quick-machine-recovery-winre.png":::

:::row-end:::

Quick machine recovery process

Here are the phases of the quick machine recovery process:

  1. Device crash: When the device fails to boot repeatedly, the system automatically detects the issue and initiates the recovery process
  2. Boot to recovery: The device boots into the recovery environment to initiate the quick machine recovery process
  3. Network connection: After a network connection is established, the device scans Windows Update for remediations
  4. Remediation
    • If no solution is found, the system retries the process based on the configured retry scanning intervals and time-outs
    • If a solution is found, the system downloads and applies it
  5. Reboot: After a remediation is applied, the device reboots:
    • If the solution is successful, the device boots into Windows
    • If the solution fails, the device reboots into the recovery environment again and the process repeats from step 2

:::image type="content" source="images/diagram.png" alt-text="Quick machine recovery diagram showing the five phases of recovery." border="false" lightbox="images/diagram.png":::

Configuration

Cloud remediation is enabled by default on Windows Home edition devices, while auto remediation is turned off by default. For Windows Pro and Enterprise editions, both cloud remediation and auto remediation are disabled by default. Organizations can decide the best configuration for their devices based on their specific needs.

The configuration options consist of:

  • Enable or disable cloud remediation
  • Enable or disable auto remediation
  • Configure auto remediation scanning intervals and time-outs to optimize remediation triggers
  • Configure network connections to ensure smooth recovery workflows

    Important

    Currently, only wired and WPA/WPA2 password-based Wi-Fi networks are supported. Ensure your network uses this configuration for compatibility.

[!INCLUDE tab-intro]

:::image type="icon" source="../images/icons/cmd.svg"::: Command prompt

To configure quick machine recovery using the command line, you must create an XML file with the desired settings and then use the reagentc.exe command to apply those settings.

Use the following command to apply the settings:

reagentc.exe /setrecoverysettings /path settings.xml

Where settings.xml is the path to the XML file containing the quick machine recovery configuration.

XML file example

The following XML file example configures quick machine recovery with the following settings:

  • The Wi-Fi network has an SSID ContosoWiFi and a password ContosoWiFiPassword
  • Cloud remediation is enabled (state="1")
  • Auto remediation is enabled (state="1")
    • The totalwaittime is set to 2,400 minutes (40 hours) and the waitinterval is set to 120 minutes (2 hours). Once configured, the system waits for 40 hours before rebooting, and it checks for remediation every 2 hours
<?xml version='1.0' encoding='utf-8'?>

<WindowsRE>
    <WifiCredential>
        <Wifi ssid="ContosoWiFi" password="ContosoWiFiPassword" />
    </WifiCredential>
    <CloudRemediation state="1" />
    <AutoRemediation state="1" totalwaittime="2400" waitinterval="120"/>
</WindowsRE>

Remove recovery settings

To remove the configured recovery settings, run the following command from an elevated command prompt:

reagentc.exe /clearrecoverysettings

:::image type="icon" source="../images/icons/intune.svg" border="false"::: Intune/CSP

You can configure devices using a custom policy with the RemoteRemediation CSP.

Cloud remediation configuration

Enable or disable cloud remediation using the following settings:

Setting
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/EnableCloudRemediation
- Data type: Boolean
- Value: True
- Description: When set to True, cloud remediation is enabled.

Auto remediation configuration

Configure the following settings to customize the auto remediation experience:

Setting
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/AutoRemediationSettings/EnableAutoRemediation
- Data type: Boolean
- Value: True
- Description: When set to True, auto remediation is enabled.
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/AutoRemediationSettings/SetTimeToReboot
- Data type: Integer
- Value: 1-4320 (default = 180)
- Description: Configure the time to reboot (in minutes) during auto remediation. The maximum time to reboot possible is 72 hours.
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/AutoRemediationSettings/SetRetryInterval
- Data type: Integer
- Value: 1-4320 (default = 30)
- Description: Configure the retry interval (in minutes) during auto remediation. The retry interval shouldn't be higher than the time to reboot.

Wi-Fi network connection configuration

To configure the Wi-Fi network connection used during recovery, use the following settings:

Setting
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/NetworkSettings/NetworkCredentials/NetworkSSID
- Data type: string
- Value: Wi-Fi network Service Set Identifier (SSID)
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/NetworkSettings/NetworkCredentials/NetworkPassword
- Data type: string
- Value: Wi-Fi network password
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/NetworkSettings/NetworkCredentials/NetworkPasswordEncryptionType
- Data type: Integer
- Value: 0 = The password isn't encrypted; 1 = The password is encrypted with the MDM certificate, 2 = The password is encrypted with custom certificate. When this value is used, you must also specify the custom store name in the NetworkPasswordEncryptionStore node.
- OMA-URI: ./Device/Vendor/MSFT/RemoteRemediation/CloudRemediationSettings/NetworkSettings/NetworkCredentials/NetworkPasswordEncryptionStore
- Data type: string
- Value: When a value of 2 is contained in NetworkPasswordEncryptionType, specify the store name where the certificate for decrypting the Network Password is stored.

Verify Recovery Settings

To check the configured recovery settings, run the following command from an elevated command prompt:

reagentc.exe /getrecoverysettings

Output example:

C:\>reagentc.exe /getrecoverysettings
<?xml version='1.0' encoding='utf-8'?>

<WindowsRE>
    <WifiCredential>
        <Wifi ssid="ContosoWiFi" password="ContosoWiFiPassword" />
    </WifiCredential>
    <CloudRemediation state="1" />
    <AutoRemediation state="1" totalwaittime="2400" waitinterval="120"/>
</WindowsRE>

REAGENTC.EXE: Operation Successful.

Test mode

:::row::: :::column span="3"::: Quick machine recovery offers a test mode, providing a controlled, simulated environment for you to validate your configurations and the auto remediation process without triggering an actual system failure. Test mode allows you to verify that the recovery experience functions as expected before deployment to production systems. :::column-end::: :::column span="1"::: :::image type="content" source="images/quick-machine-recovery-test-mode.png" alt-text="Screenshot of the Windows boot screen where quick machine recovery is attempting to connect to the network." border="false" lightbox="images/quick-machine-recovery-test-mode.png"::: :::column-end::: :::row-end:::

To simulate the quick machine recovery experience, use the following commands from an elevated command prompt:

  1. Enable test mode: 
    reagentc.exe /SetRecoveryTestmode
  2. Configure Windows to boot to Windows Recovery Environment on the next boot: 
    reagentc.exe /BootToRe
  3. Reboot your device. The system goes through autoremediation of a simulated crash and reboots back to Windows

:::image type="icon" source="../images/icons/feedback.svg" border="false"::: Provide feedback

To provide feedback for quick machine recovery, open Feedback Hub and use the category Recovery and Uninstall > Quick Machine Recovery.