Windows 7 SCCM Deploy
Some quick notes on what I did to get the SCCM client from a USB stick to quickly network boot and automate the manual clicking crap...
Contents
Files
Copy these 4 files (from the USB SCCM client deployment stick [this is what I was provided with as source]). I lower-cased these, except BCD.
wimboot comes from http://ipxe.org/howto/sccm
├── BCD ├── bootmgr ├── boot.sdi ├── boot.wim └── wimboot -rw-r--r-- 1 xxxx xxxx 16384 Jul 27 17:44 BCD -rw-r--r-- 1 xxxx xxxx 383562 Jul 14 2009 bootmgr -rw-r--r-- 1 xxxx xxxx 3170304 Jun 10 2009 boot.sdi -rw-r--r-- 1 xxxx xxxx 179937121 Aug 4 14:19 boot.wim -rwxr-xr-x 1 xxxx xxxx 34576 Dec 8 2014 wimboot
Extracting from ISO
7z seems to work on most and bsdtar on some types of ISO
7z x W10_Deploy.iso -o/tmp/W10 #or bsdtar xf W10_Deploy.iso -C /tmp/W10
Install wimtools
- Adding in Ubuntu 14.04.2, nothing newer (15.xx) has repo at the time of writing for it.
sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install wimtools
Mount boot.wim
This mounts into a /tmp/a
mkdir /tmp/a wimmountrw /path/to/boot.wim /tmp/a
File changes
(If you want to do it the VB way then follow the iPXE sccm guide else do this just using a batch file.)
1a) Copy the root /sms folder off the USB stick to /tmp/sms and lower-case everything, otherwise they wont merge/overwite into the boot.wim.
pushd /tmp/sms find ./ -exec rename 'y/A-Z/a-z/' {} \; pushd /tmp/a/sms find ./ -exec rename 'y/A-Z/a-z/' {} \;
1b) Copy/overwrite /tmp/sms folder from the USB stick over the mounted boot.wim /sms folder. Should end up like structure like /tmp/a/sms/bin/x64. (Ignore errors about ownership/preserving permissions etc.)
cp -a /tmp/sms/ /tmp/a/
2) Delete /tmp/a/Windows/system32/winpeshl.ini
3) Overwrite /tmp/a/Windows/system32/startnet.cmd with the below
startnet.cmd
This is essentially taken from VB code from the aforementioned ipxe sccm howto and batch'd. It will also scrub the disk before it starts as old MBR's and RAID metadata tend to break SCCM (at least where I work!) (This can be loaded in afterwards with latest wimboot, so changes dont need a rebuild, dont do this step!)
@echo off
echo ** Show Disks
echo list disk > list.txt
diskpart /s list.txt
echo ** Removing any USB Storage
devcon64 disable "USBSTOR\DISK"
echo ** Show Disks
diskpart /s list.txt
echo ** Wiping Disk 0
echo select disk 0 > wipe.txt
echo clean >> wipe.txt
diskpart /s wipe.txt
echo ** Show Disks
diskpart /s list.txt
echo ** Starting WinPEinit
wpeinit
echo ** Starting DNScache
net start dnscache
echo ** Patching Ramdisk
reg add "HKLM\SYSTEM\CurrentControlSet\Control" /v PEBootType /t REG_SZ /d "Ramdisk:OpticalDrive" /f
echo ** Starting Autoclicker
start "" auto-sccm.exe
echo ** Starting SCCM
pushd "%SYSTEMDRIVE%\sms\bin\x64"
TsmBootStrap.exe /env:WinPE /configpath:%SYSTEMDRIVE%\sms\data
exit
Auto-clicker
Auto clicker to go to Next > pick latest advertised task sequence > Next
- F1 hotkey gives command prompt
- Your system may well differ from this as I imagine ours is peculiar! Caveat emptor!
This is auto-sccm.au3 that will compile (x64) to auto-sccm.exe - put in to mounted boot.wim thusly /tmp/a/Windows/system32/auto-sccm.exe
#include <MsgBoxConstants.au3>
#include <GUIListView.au3>
Opt("WinTitleMatchMode", 3) ; exact title match
Dim $title[4]
Dim $id[4]
;Next >
$title[0]="Task Sequence Wizard"
$id[0]=1025
;SysListView32
$title[1]="Task Sequence Wizard"
$id[1]=430
;Next >
$title[2]="Task Sequence Wizard"
$id[2]=1025
;Finish
$title[3]="Task Sequence Wizard"
$id[3]=1026
HotKeySet("{F1}", "hotk")
Func hotk()
ShellExecute ( "cmd.exe" , "/k" )
EndFunc
Func shutit()
If WinExists($title[$i]) And ControlCommand($title[$i], "",$id[$i],"IsVisible","" ) And ControlCommand($title[$i], "",$id[$i],"IsEnabled","" ) Then
If $i == 0 Then
ControlClick($title[$i],"",$id[$i])
$i+=1
ElseIf $i == 1 Then
$j = ControlListView($title[$i], "",$id[$i], "GetItemCount")
;MsgBox(0,$id[$i],$title[$i] & $j);
ControlListView($title[$i], "",$id[$i], "Select", $j-1)
$h = ControlGetHandle($title[$i], "",$id[$i])
_GUICtrlListView_ClickItem($h,$j-1)
$i+=1
Else
ControlClick($title[$i],"",$id[$i])
$i+=1
EndIf
EndIf
EndFunc
$i = 0
While 1
shutit()
If $i == UBound($title) Then
Exit(0)
EndIf
Sleep(1000)
WEnd
Exit
Unmount boot.wim
wimunmount /tmp/a --commit
Without --commit it wont save changes!
PXE boot via Pxelinux/Syslinux
pxelinux/syslinux needs to be 4.06 or newer (I think) Ubuntu 14.04.2 has 4.05 so you will need to get updated deb's (I couldn't find a ppa)
I Updated using .deb updates (6.03) from here -
http://www.ubuntuupdates.org/package/core/utopic/main/base/syslinux-common
http://www.ubuntuupdates.org/package/core/utopic/main/base/syslinux
http://www.ubuntuupdates.org/package/core/utopic/main/base/pxelinux
N.B the structural paths have changed and you now need to use lpxelinux.0 not pxelinux.0 if you are chainloading from iPXE via http.
Sample pxelinux boot menu entry, my files are in /os/sccm/.
LABEL -> Windows 7 SCCM Direct com32 /syslinux/linux.c32 append /os/sccm/wimboot initrdfile=/os/sccm/bootmgr,/os/sccm/BCD,/os/sccm/boot.sdi,/os/sccm/boot.wim
PXE boot from iPXE
- BCD needs to be uppercase on the right hand side bit of the initrd.
#!ipxe :retry_dhcp echo ** DHCP Request ** dhcp && goto boot_sccm || goto ask_shell :ask_shell prompt --key 0x02 --timeout 2000 Press Ctrl-B for the iPXE shell... && shell || goto retry_dhcp :boot_sccm echo ** Booting SCCM ** set base-url http://YOURSERVER/os/sccm kernel ${base-url}/wimboot || goto boot_sccm initrd ${base-url}/bootmgr bootmgr initrd ${base-url}/BCD BCD initrd ${base-url}/boot.sdi boot.sdi initrd ${base-url}/boot.wim boot.wim boot
WinPE BSOD'd with latest HP G1's preinstalled with Windows 8, stop error 0x00000050 from iastor.sys. This is due to it not liking the RAID metadata (I think). Therefore you have to erase it first.
I got around this by creating a pxelinux menu entry that booted a minimal linux (my 'Cyclone' system actually) that wipes the start and end sector of the drive, then copies ipxe.usb via dd to the hard drive. This has the menu entry above built in that then boots and runs. You can build it by pulling ipxe git , then doing this, assuming above script is saved as sccm.script.
#build it make CC="gcc -m32 -O3" -j4 ARCH=i386 bin/ipxe.usb EMBED=sccm.script #to write to target at some point dd if=ipxe.usb of=/dev/sda
Other
Updated sccm certs
Replace sms/data/variables.dat with new file
AHCI/RAID drivers
You may need to add some AHCI/RAID drivers, this is easiest done in Wincrap. e.g.
http://www.microsoft.com/en-us/download/details.aspx?id=5753
KB3AIK_EN.iso
Dism /Get-WimInfo /WimFile:c:\wim\boot.wim mkdir c:\mount Dism /Mount-Wim /wimfile:c:\wim\boot.wim /index:1 /MountDir:c:\mount Dism /Image:c:\mount /Add-Driver /Driver:c:\pathto\drivers /Recurse Dism /unmount-wim /commit /mountdir:c:\mount
- Note KB3AIK_EN.iso didn't mount in 'archive mounter' and file roller couldn't cope with it - I think it only worked in 'disk image mounter'
- If you have used wimtools in linux to edit the image and end up with Error 5: Access Denied later trying to mount in Windows it could be caused by having duplicate filenames in different cases, NTFS allows it, Windows not so much.
Comments
blog comments powered by Disqus