Windows 7 SCCM Deploy

Some quick notes on what I did to get the SCCM client from a USB stick to quickly network boot and automate the manual clicking crap...

=Files= Copy these 4 files (from the USB SCCM client deployment stick [this is what I was provided with as source]). I lower-cased these, except BCD.

wimboot comes from http://ipxe.org/howto/sccm

├── BCD ├── bootmgr ├── boot.sdi ├── boot.wim └── wimboot

-rw-r--r-- 1 xxxx xxxx        16384 Jul 27 17:44 BCD -rw-r--r-- 1 xxxx xxxx       383562 Jul 14  2009 bootmgr -rw-r--r-- 1 xxxx xxxx      3170304 Jun 10  2009 boot.sdi -rw-r--r-- 1 xxxx xxxx    179937121 Aug  4 14:19 boot.wim -rwxr-xr-x 1 xxxx xxxx        34576 Dec  8  2014 wimboot

Extracting from ISO
7z seems to work on most and bsdtar on some types of ISO 7z x W10_Deploy.iso -o/tmp/W10 bsdtar xf W10_Deploy.iso -C /tmp/W10
 * or

=Install wimtools=


 * Adding in Ubuntu 14.04.2, nothing newer (15.xx) has repo at the time of writing for it.

sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install wimtools

=Mount boot.wim=

This mounts into a /tmp/a

mkdir /tmp/a wimmountrw /path/to/boot.wim /tmp/a

=File changes=

(If you want to do it the VB way then follow the iPXE sccm guide else do this just using a batch file.)

1a) Copy the root /sms folder off the USB stick to /tmp/sms and lower-case everything, otherwise they wont merge/overwite into the boot.wim. pushd /tmp/sms find ./ -exec rename 'y/A-Z/a-z/' {} \; pushd /tmp/a/sms find ./ -exec rename 'y/A-Z/a-z/' {} \;

1b) Copy/overwrite /tmp/sms folder from the USB stick over the mounted boot.wim /sms folder. Should end up like structure like /tmp/a/sms/bin/x64. (Ignore errors about ownership/preserving permissions etc.) cp -a /tmp/sms/ /tmp/a/

2) Delete /tmp/a/Windows/system32/winpeshl.ini

3) Overwrite /tmp/a/Windows/system32/startnet.cmd with the below

=startnet.cmd=

This is essentially taken from VB code from the aforementioned ipxe sccm howto and batch'd. It will also scrub the disk before it starts as old MBR's and RAID metadata tend to break SCCM (at least where I work!) (This can be loaded in afterwards with latest wimboot, so changes dont need a rebuild, dont do this step!)

=Auto-clicker=

Auto clicker to go to Next > pick latest advertised task sequence > Next


 * F1 hotkey gives command prompt


 * Your system may well differ from this as I imagine ours is peculiar! Caveat emptor!

This is auto-sccm.au3 that will compile (x64) to auto-sccm.exe - put in to mounted boot.wim thusly /tmp/a/Windows/system32/auto-sccm.exe

=Unmount boot.wim=

wimunmount /tmp/a --commit

Without --commit it wont save changes!

=PXE boot via Pxelinux/Syslinux=

pxelinux/syslinux needs to be 4.06 or newer (I think) Ubuntu 14.04.2 has 4.05 so you will need to get updated deb's (I couldn't find a ppa)

I Updated using .deb updates (6.03) from here -

http://www.ubuntuupdates.org/package/core/utopic/main/base/syslinux-common

http://www.ubuntuupdates.org/package/core/utopic/main/base/syslinux

http://www.ubuntuupdates.org/package/core/utopic/main/base/pxelinux

N.B the structural paths have changed and you now need to use lpxelinux.0 not pxelinux.0 if you are chainloading from iPXE via http.

Sample pxelinux boot menu entry, my files are in /os/sccm/.

LABEL -> Windows 7 SCCM Direct com32 /syslinux/linux.c32 append /os/sccm/wimboot initrdfile=/os/sccm/bootmgr,/os/sccm/BCD,/os/sccm/boot.sdi,/os/sccm/boot.wim

=PXE boot from iPXE=


 * BCD needs to be uppercase on the right hand side bit of the initrd.


 * 1) !ipxe


 * retry_dhcp

echo ** DHCP Request ** dhcp && goto boot_sccm || goto ask_shell


 * ask_shell

prompt --key 0x02 --timeout 2000 Press Ctrl-B for the iPXE shell... && shell || goto retry_dhcp


 * boot_sccm

echo ** Booting SCCM ** set base-url http://YOURSERVER/os/sccm kernel ${base-url}/wimboot || goto boot_sccm initrd ${base-url}/bootmgr bootmgr initrd ${base-url}/BCD BCD initrd ${base-url}/boot.sdi boot.sdi initrd ${base-url}/boot.wim boot.wim boot

WinPE BSOD'd with latest HP G1's preinstalled with Windows 8, stop error 0x00000050 from iastor.sys. This is due to it not liking the RAID metadata (I think). Therefore you have to erase it first.

I got around this by creating a pxelinux menu entry that booted a minimal linux (my 'Cyclone' system actually) that wipes the start and end sector of the drive, then copies ipxe.usb via dd to the hard drive. This has the menu entry above built in that then boots and runs. You can build it by pulling ipxe git, then doing this, assuming above script is saved as sccm.script. make CC="gcc -m32 -O3" -j4 ARCH=i386 bin/ipxe.usb EMBED=sccm.script dd if=ipxe.usb of=/dev/sda
 * 1) build it
 * 1) to write to target at some point

=Other=

Updated sccm certs
Replace sms/data/variables.dat with new file

AHCI/RAID drivers
You may need to add some AHCI/RAID drivers, this is easiest done in Wincrap. e.g.

http://www.microsoft.com/en-us/download/details.aspx?id=5753

KB3AIK_EN.iso

Dism /Get-WimInfo /WimFile:c:\wim\boot.wim mkdir c:\mount Dism /Mount-Wim /wimfile:c:\wim\boot.wim /index:1 /MountDir:c:\mount Dism /Image:c:\mount /Add-Driver /Driver:c:\pathto\drivers /Recurse Dism /unmount-wim /commit /mountdir:c:\mount


 * Note KB3AIK_EN.iso didn't mount in 'archive mounter' and file roller couldn't cope with it - I think it only worked in 'disk image mounter'
 * If you have used wimtools in linux to edit the image and end up with Error 5: Access Denied later trying to mount in Windows it could be caused by having duplicate filenames in different cases, NTFS allows it, Windows not so much.

=Comments=