As part of our new Windows 7/AD deployment, SCCM is being used to control the imaging process of desktop computers.
We already have a comprehensive set of PXE enabled boot options so we needed a way to integrate the SCCM tools into our existing PXE setup.
The existing setup is syslinux(pxelinux) 3.11 on CentOS 5, ISC dhcpd and tftp.
We have several Linux live CDs, memtest, novell tools, DOS and chain booting to another (novell) server.
Our Microsoft team provide a bootable CD which we can use to image desktop machines and on some subnets they now provide the ability to PXE boot. Initially I hoped we could just chain boot to the SCCM server but that does not work.
After much research and testing I worked out a process using wimboot. Based on instructions found on http://ipxe.org/howto/sccm and http://forum.ipxe.org/showthread.php?tid=5745 I managed to write a script which converts a CD (ISO image).
The pxelinux entry is:
LABEL ad
com32 ad/linux.c32
append ad/wimboot initrd=ad/winpe.cpio
The files are in a tftp subdirectory called ad
linux.c32 is part of syslinux. I am using version 4.02 which was copied from a CentOS 6 server.
wimboot is available for download from ipxe.
winpe.cpio is a file we are going to create using my script below.
I also required a copy of bootmgr.exe which should be available on your microsoft tftp server but I was unable to find it and in the end I got a copy from our Mircosoft team.
Finally, I needed a copy of wimlib which has a linux version of the imagex tool. I was unable to find a RPM of this package and I just built it from source using the --without-ntfs-3g. (The source comes with .spec files so an RPM should be easy to build).
So here is my script:
convert_cd_into_pxe.sh:
#!/bin/bash
# Written by John Newbigin jnewbigin@chrysocome.net
ISO=x86_PROD_MS.iso
MNTPNT=wim
SCCMFILES=iso
IMAGEX=./wimlib-1.2.5/imagex
unalias cp
if [ "$(whoami)" = "root" ] ; then
if [ ! -f bootmgr.exe ] ; then
echo "You need a copy of bootmgr.exe"
exit 1
fi
umount $SCCMFILES
mkdir $SCCMFILES
mkdir $MNTPNT
mount -o loop $ISO $SCCMFILES
cp $SCCMFILES/boot/bcd BCD
cp $SCCMFILES/boot/boot.sdi .
cp $SCCMFILES/sources/boot.wim .
$IMAGEX mountrw boot.wim 1 $MNTPNT
cp -drv $SCCMFILES/sms/* $MNTPNT/sms/
umount $SCCMFILES
rmdir $SCCMFILES
ARCH=$(grep TsBootShell.exe $MNTPNT/Windows/System32/winpeshl.ini | cut -d \\ -f 4)
# edit winpeshl.ini
perl -pi -e "s|.*$ARCH.*|\"wscript.exe\",\"%SYSTEMDRIVE%\\\\sms\\\\bin\\\\$ARCH\\\\bootstrap.vbs\"|" $MNTPNT/Windows/System32/winpeshl.ini
# install bootstrap.vbs
cat > $MNTPNT/sms/bin/$ARCH/bootstrap.vbs << END
Set os = WScript.CreateObject ( "WScript.Shell" )
os.Run "%COMSPEC%", 7, false
os.Run "%COMSPEC% /c title Initialising... && wpeinit " & _
"&& net start dnscache", 1, true
os.Run WScript.ScriptFullName & "\..\TsmBootStrap.exe /env:WinPE " & _
"/configpath:%SYSTEMDRIVE%\sms\data", 1, true
END
$IMAGEX unmount $MNTPNT --commit
rmdir $MNTPNT
ls BCD bootmgr.exe boot.sdi boot.wim | cpio --create -H newc > winpe.cpio
rm BCD boot.sdi boot.wim
else
echo "You must be root to run this script"
exit 1
fi
I hope this is of use to someone.
As off WinPE 4, there are a few minor changes to the script which are required. These are to support UDF filesystem, File name case changes and UCS-2 encoded files.
ReplyDeleteI will post a new version soon.
I recently had a new problem with the process. Identical to this http://lists.ipxe.org/pipermail/ipxe-devel/2013-August/002716.html
ReplyDeleteAfter much testing and experimentation I found a rather simple fix, Just create these registry keys
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PXE]
"BootServerReply"=hex:
"DHCPServerACK"=hex:
This message is great. Lexy
ReplyDeleteThe article you have shared here very awesome. I really like and appreciated your work. I read deeply your article, the points you have mentioned in this article are useful
ReplyDeleteSushi Cat 2
Amazing job everyone! This is fantastic.
ReplyDeletehttps://www.mattbrandenburg.com/
I have just made my first attempt utilizing this technique!
ReplyDeletetest here