Windows 7 SCCM Deploy

Jump to: navigation, search

Some quick notes on what I did to get the SCCM client from a USB stick to quickly network boot and automate the manual clicking crap...


Copy these 4 files (from the USB SCCM client deployment stick [this is what I was provided with as source]). I lower-cased these, except BCD.

wimboot comes from

├── BCD
├── bootmgr
├── boot.sdi
├── boot.wim
└── wimboot

-rw-r--r-- 1 xxxx xxxx         16384 Jul 27 17:44 BCD
-rw-r--r-- 1 xxxx xxxx        383562 Jul 14  2009 bootmgr
-rw-r--r-- 1 xxxx xxxx       3170304 Jun 10  2009 boot.sdi
-rw-r--r-- 1 xxxx xxxx     179937121 Aug  4 14:19 boot.wim
-rwxr-xr-x 1 xxxx xxxx         34576 Dec  8  2014 wimboot

Install wimtools

  • Adding in Ubuntu 14.04.2, nothing newer (15.xx) has repo at the time of writing for it.
sudo add-apt-repository ppa:nilarimogard/webupd8
sudo apt-get update
sudo apt-get install wimtools

Mount boot.wim

This mounts into a /tmp/a

mkdir /tmp/a
wimmountrw /path/to/boot.wim /tmp/a

File changes

(If you want to do it the VB way then follow the iPXE sccm guide else do this just using a batch file.)

1a) Copy the root /sms folder off the USB stick to /tmp/sms and lower-case everything, otherwise they wont merge/overwite into the boot.wim.

find /tmp/sms -exec rename 'y/A-Z/a-z/' {} \;

1b) Copy/overwrite /tmp/sms folder from the USB stick over the mounted boot.wim /sms folder. Should end up like structure like /tmp/a/sms/bin/x64

2) Delete /tmp/a/Windows/system32/winpeshl.ini

3) Overwrite /tmp/a/Windows/system32/startnet.cmd with the below


This is essentially taken from VB code from the aforementioned ipxe sccm howto and batch'd. It will also scrub the disk before it starts as old MBR's and RAID metadata tend to break SCCM (at least where I work!)

@echo off

echo ** Show Disks
echo list disk > list.txt
diskpart /s list.txt

echo ** Removing any USB Storage
devcon64 disable "USBSTOR\DISK"

echo ** Show Disks
diskpart /s list.txt

echo ** Wiping Disk 0
echo select disk 0 > wipe.txt
echo clean >> wipe.txt
diskpart /s wipe.txt

echo ** Show Disks
diskpart /s list.txt

echo ** Starting WinPEinit

echo ** Starting DNScache
net start dnscache

echo ** Patching Ramdisk
reg add "HKLM\SYSTEM\CurrentControlSet\Control" /v PEBootType /t REG_SZ /d "Ramdisk:OpticalDrive" /f

echo ** Starting Autoclicker
start "" auto-sccm.exe

echo ** Starting SCCM
pushd "%SYSTEMDRIVE%\sms\bin\x64"
TsmBootStrap.exe /env:WinPE /configpath:%SYSTEMDRIVE%\sms\data



Auto clicker to go to Next > pick latest advertised task sequence > Next

  • F1 hotkey gives command prompt
  • Your system may well differ from this as I imagine ours is peculiar! Caveat emptor!

This is auto-sccm.au3 that will compile (x64) to auto-sccm.exe - put in to mounted boot.wim thusly /tmp/a/Windows/system32/auto-sccm.exe

#include <MsgBoxConstants.au3>
#include <GUIListView.au3>

Opt("WinTitleMatchMode", 3) ; exact title match

Dim $title[4]
Dim $id[4]

;Next >
$title[0]="Task Sequence Wizard"

$title[1]="Task Sequence Wizard"

;Next >
$title[2]="Task Sequence Wizard"

$title[3]="Task Sequence Wizard"

HotKeySet("{F1}", "hotk")

Func hotk()
	ShellExecute ( "cmd.exe" , "/k" )

Func shutit()
	If WinExists($title[$i]) And ControlCommand($title[$i], "",$id[$i],"IsVisible","" ) And ControlCommand($title[$i], "",$id[$i],"IsEnabled","" ) Then

		If $i == 0 Then
		ElseIf $i == 1 Then
			$j = ControlListView($title[$i], "",$id[$i], "GetItemCount")
			;MsgBox(0,$id[$i],$title[$i] & $j);
			ControlListView($title[$i], "",$id[$i], "Select", $j-1)
			$h = ControlGetHandle($title[$i], "",$id[$i])

$i = 0
While 1
	If $i == UBound($title) Then


Unmount boot.wim

wimunmount /tmp/a --commit

Without --commit it wont save changes!

PXE boot via Pxelinux/Syslinux

pxelinux/syslinux needs to be 4.06 or newer (I think) Ubuntu 14.04.2 has 4.05 so you will need to get updated deb's (I couldn't find a ppa)

I Updated using .deb updates (6.03) from here -

N.B the structural paths have changed and you now need to use lpxelinux.0 not pxelinux.0 if you are chainloading from iPXE via http.

Sample pxelinux boot menu entry, my files are in /os/sccm/.

LABEL -> Windows 7 SCCM Direct
    com32 /syslinux/linux.c32
    append /os/sccm/wimboot initrdfile=/os/sccm/bootmgr,/os/sccm/BCD,/os/sccm/boot.sdi,/os/sccm/boot.wim

PXE boot from iPXE

  • BCD needs to be uppercase on the right hand side bit of the initrd.

echo ** DHCP Request **
dhcp && goto boot_sccm || goto ask_shell

prompt --key 0x02 --timeout 2000 Press Ctrl-B for the iPXE shell... && shell || goto retry_dhcp

echo ** Booting SCCM **
set base-url http://YOURSERVER/os/sccm
kernel ${base-url}/wimboot || goto boot_sccm
initrd ${base-url}/bootmgr bootmgr
initrd ${base-url}/BCD BCD
initrd ${base-url}/boot.sdi boot.sdi
initrd ${base-url}/boot.wim boot.wim

WinPE BSOD'd with latest HP G1's preinstalled with Windows 8, stop error 0x00000050 from iastor.sys. This is due to it not liking the RAID metadata (I think). Therefore you have to erase it first.

I got around this by creating a pxelinux menu entry that booted a minimal linux (my 'Cyclone' system actually) that wipes the start and end sector of the drive, then copies ipxe.usb via dd to the hard drive. This has the menu entry above built in that then boots and runs. You can build it by pulling ipxe git , then doing this, assuming above script is saved as sccm.script.

#build it
make CC="gcc -m32 -O3" -j4 ARCH=i386 bin/ipxe.usb EMBED=sccm.script
#to write to target at some point
dd if=ipxe.usb of=/dev/sda


Updated sccm certs

Replace sms/data/variables.dat with new file

AHCI/RAID drivers

You may need to add some AHCI/RAID drivers, this is easiest done in Wincrap. e.g.


Dism /Get-WimInfo /WimFile:c:\wim\boot.wim
mkdir c:\mount
Dism /Mount-Wim /wimfile:c:\wim\boot.wim /index:1 /MountDir:c:\mount
Dism /Image:c:\mount /Add-Driver /Driver:c:\pathto\drivers /Recurse
Dism /unmount-wim /commit /mountdir:c:\mount
  • Note KB3AIK_EN.iso didn't mount in 'archive mounter' and file roller couldn't cope with it - I think it only worked in 'disk image mounter'
  • If you have used wimtools in linux to edit the image and end up with Error 5: Access Denied later trying to mount in Windows it could be caused by having duplicate filenames in different cases, NTFS allows it, Windows not so much.


blog comments powered by Disqus