Category Archives: WinPE

Using MCM USB Bootable Media in UEFI/GPT/BitLocker Scenarios When Local and Remote Boot Images Are Different

Leave a reply

A customer recently had a requirement for rebuilds to be done in remote sites via USB flash drives configured as MCM Bootable Media due to a lack of local MCM Distribution Points and PXE Boot capability.

Using devices in UEFI mode with BitLocker enabled makes this tricky when the Boot Image associated with the Task Sequence becomes out of sync with the Boot Image on the USB media. If the boot images don’t match then MCM attempts to pre-stage onto the local disk and fails as the OSDisk is unavailable due to it being encrypted with BitLocker (the drive appears as “RAW” and cannot be accessed) and none of the other partitions are large enough or available.

I worked around this by creating a PowerShell PreStart script and adding it to the Boot Media ISO image. The script runs before the Task Sequence begins. It creates a Diskpart configuration text file on the fly in the ‘X:\Windows\Temp’ folder of the running WinPE. After creating the Diskpart configuration file, it then runs Diskpart referencing the configuration file in order to create suitably-sized/lettered partitions to successfully boot from using UEFI and that are also accessible for the Task Sequence to download and pre-stage the latest Boot Image if it’s required (i.e. if it’s different to the boot image on the USB).

Problem solved!

The command for the PreStart script that I used was:

cmd /C PowerShell.exe -ExecutionPolicy ByPass -File PreStart.ps1

And the PowerShell code contained with PreStart.ps1 is shown below:

<#
.DESCRIPTION
    Configures GPT disk layout using DiskPart.exe to avoid Boot Image mismatching when using MCM Bootable Media
.EXAMPLE
    PowerShell.exe -ExecutionPolicy ByPass -File .ps1
.NOTES
    Author:         Jonathan Conway
    Modified:       06/04/2019
    Version:        1.0
#>

# Display warning and request confirmation from engineer
$Shell = New-Object -ComObject "WScript.Shell"
$Button = $Shell.Popup("Proceeding will wipe all local data from all local drives. Hold Power Button until device powers off to cancel. Click OK to proceed.", 0, "WARNING", 0)

# Set variables
$DiskPartFile = "X:\Windows\Temp\DiskpartConfig.txt"

if (Get-Volume | Where-Object {$_.DriveLetter -eq 'C' -and $_.DriveType -eq 'Removable'}) {
Get-Partition -DriveLetter 'C' | Set-Partition -NewDriveLetter 'U'
}

# Create contents of DiskPart configuration file
Write-Output "SELECT DISK 0" | Out-File -Encoding utf8 -FilePath "$DiskpartFile"
Write-Output "CLEAN" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "CONVERT GPT" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "CREATE PARTITION EFI SIZE=200" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "ASSIGN LETTER=S" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "FORMAT QUICK FS=FAT32" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "CREATE PARTITION MSR SIZE=128" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "CREATE PARTITION PRIMARY" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "ASSIGN LETTER=C" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "FORMAT QUICK FS=NTFS" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append
Write-Output "EXIT" | Out-File -Encoding utf8 -FilePath "$DiskpartFile" -Append

# Run DiskPart
Start-Process -FilePath "diskpart.exe" -ArgumentList "/s $DiskPartFile" -Wait

In my environment this formats the disks in a way which allows my Task Sequence to progress whatever state the UEFI partitions are in (i.e. BitLocker enabled or not).

A pop up warning is shown on screen stating:

Proceeding will wipe all local data from all local drives. Hold Power Button until device powers off to cancel. Click OK to proceed“.

Clicking OK continues ahead and starts the Diskpart process before progressing to the Task Sequence selection screen 🙂

/ JC

Add CMTrace.exe to Computers Being Deployed via Task Sequence

Leave a reply

To make sure you have CMTrace.exe available for use on machines that are deployed via ConfigMgr Task Sequences you can add a “Run Command Line” task immediately after the “Apply Operating System Image” that copies the executable from the boot image being used to deploy the OS (CMtrace.exe is included by default ConfigMgr WinPE boot images – WinPE is mapped as X:\ during OSD) and results in it being available once OSD completes:

 cmd /c xcopy X:\SMS\BIN\x64\CMTrace.exe %OSDTargetSystemDrive%\Windows\System32\ /E /H /C /I /Q /Y


This command line will need to be amended in the unlikely scenario (it’s 2017 after all) that you’re deploying a 32-bit Operating System to change the xcopy target path accordingly.


/ JC


Note: This was originally documented on TechNet yonks ago: Link

WinPE Versions Linked to Full OS Versions

Leave a reply

WinPE 1.0 [Windows XP] [5.1.2600.x] [First version of WinPE]
WinPE 1.1 [Windows XP SP1] [5.1.2600.x]
WinPE 1.2 [Windows Server 2003] [5.2.3790.x]
WinPE 1.5 [Windows XP SP2] [5.1.2600.x] [Windows PE 2004]
WinPE 1.6 [Windows Server 2003 SP1] [5.2.3790.x] [Windows PE 2005]
WinPE 2.0 [Windows Vista] [6.0.6000.x]
WinPE 2.1 [Windows Server 2008] [6.0.6001.x]
WinPE 2.2 [Windows Server 2008 SP2] [6.0.6002.x]
WinPE 3.0 [Windows 7] [6.1.7600.x] [Windows AIK 2.0]
WinPE 3.1 [Windows 7 SP1] [6.1.7601.x] [Windows AIK Supplement for Windows 7 SP1]
WinPE 4.0 [Windows 8] [6.2.9200.x] [Windows ADK 8.0]
WinPE 5.0 [Windows 8.1] [6.3.9300.x] [Windows ADK 8.1]
WinPE 5.1 [Windows 8.1 Update 1] [6.3.9600.x] [Windows ADK 8.1 Update]
WinPE 10.0.10586 [Windows 10] [1511 – 10586.104] [Windows ADK 10.1.10586.0]

/ JC