In this post I will walk through various ways on how to customize and modify Boot Image. Boot Images helps to deploy the Operating System using SCCM / MDT in environment.
Boot Image is a Windows PE (WinPE) image, just treat it like a mini OS, but with no functionality. Once Boot Image is loaded, it connects with existing Configuration Manager or MDT, and gets the list of task sequence to get OSD running. Boot Images gets installed as part of WinPE add-on for the Windows ADK setup
Why we need to customize the Boot Image
Windows PE (Image) or Boot Image is responsible for booting the system and running the task sequence. Hence, there are scenarios where the customization is required, lets discuss:
To inject Drivers
For a successful Operating system deployment, WinPE boot image should be able to get IP address and should be able to detect Hard Disk. Hence, Network Driver and Storage Drivers are must. Once, Boot Image is loaded and we are getting no IP address (command: ipconfig) it means that network drivers are not present. Same way, we can use diskpart > List Disk to see if Disk is detected or not.
Injected Network Driver / Mass Storage drivers is not necessarily to be injected for each hardware (Laptop or Desktop). Whenever Microsoft releases new WinPE add-on for Windows ADK, they inject all latest drivers by getting the drivers from all vendors such as Lenovo, Dell, HP etc. But in case if new model is released with new type of network driver / storage driver, this will not be part of Boot Image until new version of WinPE Add-on is released. Hence, the solution is to inject the required drivers.
To enable Command Prompt
For troubleshooting Purpose, we need to enable Command prompt so that we can we the SCCM log files or MDT log files in case task sequence has failed, or for the purpose of monitoring the deployment, checking ip address and other task.
To enable additional components
Additional components such as Winpe-HTA to support HTA, PowerShell, Fonts and so many other components can be injected based upon the requirement. For example, if we need to run hta or PowerShell script to run during WinPE phase, we need to inject these components
How to customize Boot Image
Customizing Boot image through SCCM Boot Image Properties gives us lots of option. Launch Configuration Manager Console, navigate to \Software Library\Overview\Operating Systems\Boot Images and select one of the boot image and click Properties.
Click on Images (tab) and we can see OS version for the Boot Image is 10.0.22000.1 which means ADK version is Windows ADK for Windows 11.
Click on Customization tab, there are few important settings here to specify.
Enable command support (testing only) : Check this box to enable command prompt, at any time during WinPE, press F8 to open command prompt. It can be executed at any phase till task sequence is completed. One other benefit of command prompt opened during Task sequence phase is, it will hault the process which means if task sequence was installing and application and restart was requested, restart won’t happen if cmd prompt is opened, Task sequence engine will be waiting for cmd prompt to be closed to continue.
Windows PE Background > Specify the custom background image file (UNC path): When boot image is loaded, there will be a background image applied automatically, for your company branding you can select your own background image here.
Enable prestart command is another important step, though not frequently used by everyone. Once enabled, you can specify a custom script or command that will be executed right after WinPE boot image is loaded and before task sequence selection window. Once of the use case is to load MsDart Utility which provides taking a remote session by helpdesk for troubleshooting task sequence related issues.
Click on Data Source tab, which shows Image path location. If you wanted to use this Boot image for PXE deployments, then check the box Deploy this boot image from the PXE-enabled distribution point. Without selecting this, Boot Media using ISO will still work for deployments.
Click on Optional Components, this is one of the most important settings I would consider. By default these components are automatically injected in boot image:
Scripting (WinPE-Scripting)
Startup (WinPE-SecureStartup)
Network (WinPE-WDS-Tools)
Scripting (WinPE-WMI)
Click on Startbust icon to add more components, there will be list of available optional components to select. I always consider these options to be the most important one to be included into boot image:
Windows PowerShell (WinPE-DismCmdlets)
Network (WinPE-Dot3Svc)
Storage (WinPE-EnhancedStorage)
HTML (WinPE-HTA)
Windows PowerShell (WinPE-StorageWMI)
Microsoft .NET (WinPE-NetFx)
Windows PowerShell (WinPE-PowerShell)
Click on Drivers tab, this is where list of all injected Drivers will be listed (if you have injected), or else click on Startburst icon to add the drivers. I don’t prefer adding the driver this way. More efficient way to add drivers into boot image is to go to Drivers node, once you import the drivers, select individual drivers and add it from there.
Once the changes have been made, and you click on OK, boot image will be updated which includes the process of mounting the Boot image, injecting all the settings we have specified, committing and unmounting of boot image.
The next page will display Update Distribution Points Wizard, if we have old boot image, and we want to load boot image with new binaries ie. With latest ADK version installed, select this option. But I usually don’t prefer selecting “Reload this boot image with current Windows PE version from the Windows ADK”, the downside of selecting this option is: you will loose any manual customization you would have done such as manually mounting the boot image source and adding files/folders or drivers.
On Summary page, verify the components & actions and click Next.
Allow some time for boot image to mount, inject, unmount and save all the settings.
Customize Boot Image manually
Till now we were injecting and adding the components using Boot Image Properties. There can be a special case of adding the content such as files / folders, file can be cmtrace.exe or AD Connector so that Boot Image can connect to Active Directory for authentication purpose PowerShell scripts / hta. The required scenario could be endless, hence, it’s a good idea to know how it works and the possibilities.
On SCCM Server, Launch Deployment and Imaging Tools Environment cmd prompt.
As a source, I will be using boot.wim (make sure not use boot.packageid.wim as it will be overwritten when you update the Boot Image). Boot.wim is the original Boot Image, when we add additional components, enable cmd prompt etc or anything, it will pick original content ie. Boot.wim and top of it, it will do customization we select in Boot Image properties. Hence, if we are making manual changes, make the changes in boot.wim.
Let’s inject the drivers located under d:\Drivers into Boot Image.
Source: boot.wim
Destination: d:\mount (directory I am going to use to mount the Boot Image)
Drivers: D:\Drivers
Command: To mount the wim:
Dism /Mount-Wim /WimFile:"D:\Source\OS\Boot Image\Boot Image R012\boot.wim" /MountDir:d:\Mount /Index:1
Command: To get list of 3rd party drivers in boot image’s driver store.
dism /Image:D:\Mount /Get-Drivers
Inject the Drivers into Boot Image
dism /Image:D:\Mount /Add-Driver /Driver:D:\Drivers /Recurse
We can see 3 drivers (in inf format) has been injected into boot image.
Let’s verify the list of drivers injected.
This time when we run /Get-Drivers command, we see list of 3 drivers injected as 3rd party drivers in driver store.
Time to save and commit the boot image. Run the command:
Dism /Unmount-Wim /MountDir:D:\Mount /Commit
Conclusion
We can see a slight increase in size of boot.wim from 307 MB to 336 MB. Hence, if we further add any customization using Boot Image Properties, our manual customization will retain on top of what new changes we are going to make.
But while updating boot image, if we select “Reload this boot image with current Windows PE version…”, we are going to loose the manual customization ie. All 3 drivers we injected.
