Wednesday, February 27, 2013

PXE boot WINPE

As part of our new Windows 7/AD deployment, SCCM is being used to control the imaging process of desktop computers.

We already have a comprehensive set of PXE enabled boot options so we needed a way to integrate the SCCM tools into our existing PXE setup.

The existing setup is syslinux(pxelinux) 3.11 on CentOS 5, ISC dhcpd and tftp.

We have several Linux live CDs, memtest, novell tools, DOS and chain booting to another (novell) server.

Our Microsoft team provide a bootable CD which we can use to image desktop machines and on some subnets they now provide the ability to PXE boot. Initially I hoped we could just chain boot to the SCCM server but that does not work.

After much research and testing I worked out a process using wimboot. Based on instructions found on http://ipxe.org/howto/sccm and http://forum.ipxe.org/showthread.php?tid=5745 I managed to write a script which converts a CD (ISO image).

The pxelinux entry is:
LABEL ad
com32 ad/linux.c32
append ad/wimboot initrd=ad/winpe.cpio


The files are in a tftp subdirectory called ad

linux.c32 is part of syslinux. I am using version 4.02 which was copied from a CentOS 6 server.

wimboot is available for download from ipxe.

winpe.cpio is a file we are going to create using my script below.

I also required a copy of bootmgr.exe which should be available on your microsoft tftp server but I was unable to find it and in the end I got a copy from our Mircosoft team.

Finally, I needed a copy of wimlib which has a linux version of the imagex tool. I was unable to find a RPM of this package and I just built it from source using the --without-ntfs-3g. (The source comes with .spec files so an RPM should be easy to build).

So here is my script:
convert_cd_into_pxe.sh:
#!/bin/bash
# Written by John Newbigin jnewbigin@chrysocome.net
ISO=x86_PROD_MS.iso

MNTPNT=wim
SCCMFILES=iso

IMAGEX=./wimlib-1.2.5/imagex

unalias cp

if [ "$(whoami)" = "root" ] ; then

   if [ ! -f bootmgr.exe ] ; then
      echo "You need a copy of bootmgr.exe"
      exit 1
   fi
   umount $SCCMFILES
   mkdir $SCCMFILES
   mkdir $MNTPNT
   mount -o loop $ISO $SCCMFILES

   cp $SCCMFILES/boot/bcd BCD
   cp $SCCMFILES/boot/boot.sdi .
   cp $SCCMFILES/sources/boot.wim .


   $IMAGEX mountrw boot.wim 1 $MNTPNT

   cp -drv $SCCMFILES/sms/* $MNTPNT/sms/
   umount $SCCMFILES
   rmdir $SCCMFILES

   ARCH=$(grep TsBootShell.exe $MNTPNT/Windows/System32/winpeshl.ini | cut -d \\ -f 4)
   # edit winpeshl.ini
   perl -pi -e "s|.*$ARCH.*|\"wscript.exe\",\"%SYSTEMDRIVE%\\\\sms\\\\bin\\\\$ARCH\\\\bootstrap.vbs\"|" $MNTPNT/Windows/System32/winpeshl.ini

   # install bootstrap.vbs
   cat > $MNTPNT/sms/bin/$ARCH/bootstrap.vbs << END
Set os = WScript.CreateObject ( "WScript.Shell" )
os.Run "%COMSPEC%", 7, false
os.Run "%COMSPEC% /c title Initialising... && wpeinit " & _
"&& net start dnscache", 1, true
os.Run WScript.ScriptFullName & "\..\TsmBootStrap.exe /env:WinPE " & _
"/configpath:%SYSTEMDRIVE%\sms\data", 1, true
END

   $IMAGEX unmount $MNTPNT --commit
   rmdir $MNTPNT

   ls BCD bootmgr.exe boot.sdi boot.wim | cpio --create -H newc > winpe.cpio
   rm BCD boot.sdi boot.wim
  
else
   echo "You must be root to run this script"
   exit 1
fi


I hope this is of use to someone.

2 comments:

  1. As off WinPE 4, there are a few minor changes to the script which are required. These are to support UDF filesystem, File name case changes and UCS-2 encoded files.

    I will post a new version soon.

    ReplyDelete
  2. I recently had a new problem with the process. Identical to this http://lists.ipxe.org/pipermail/ipxe-devel/2013-August/002716.html
    After much testing and experimentation I found a rather simple fix, Just create these registry keys
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PXE]
    "BootServerReply"=hex:
    "DHCPServerACK"=hex:

    ReplyDelete