top of page

OUR PRECONDITIONS

  • The old network infrastructure, referred to as OldNet:
    Doesn’t support 802.1x.
    Two domains on different VLAN’s with a one way trust, referred to as Enterprise and Educational.
    The two domains have their own network infrastructure, different IP Helpers, DNS, DHCP and so on.

  • The new infrastructure, referred to as NewNet:
    802.1x is required using CISCO ISE and Layer 3 switches.
    Only one fallback net with its own IP range, common for both domains, which also supports WebAuth guest access.
    The two domains still have their own IP range, DHCP, DNS etc. but will use the same PXE-server since PXE boot is taking place on the fallback network.

  • Both the old and the new network infrastructure will be used to deploy Windows 10 x64 and Windows 7 x86.

  • MAB will not be used during OSD, the network team don’t want to spread a special OSD VLAN so clients will get an IP address according to its current location and only certificate-based authentication is allowed.

  • The task sequence needs to support both the new computer and refresh scenario as well as BIOS to UEFI conversion regardless of the currently installed operating system.
    The scripts used for managing 802.1x needs to support Windows 7 and its PowerShell version.

Search
Writer's picturesomeguy100
Oct 14, 20182 min read

Using a (fake) driver to modify a boot image.

Updated: Oct 20, 2018


First things first. I'm not talking about a simple file copy command.

When you install a normal driver on your computer, what can it do?

It can copy files, it can make changes to the registry and it can even install services just to mention a few things. How about doing that to a boot image, without the need of manual steps and without needing to redo it all over again when the ADK is updated?

Do you change the network drivers that is assign to a boot image every time the ADK is updated? No you don't, and that's the point of this. =)

Onwards....


I was in a position where I knew that that my main focus at work would not include working with SCCM due to a reorganization. I also knew that the people that would work with SCCM and our OSD's never had customized a boot image before.

So I needed to find a simple way to customize a boot image, since it get replaced when the ADK is updated, without me getting involved and with as few manual steps as possible…

First I did a Task Sequence which did the customization, but the newly created boot image still needed to be imported and the “new guys” had kind of a hard time understanding the concept of that and the changes that were made to support 802.1x.

So then I was looking for a way to create a WinPE optional component package that worked in the same way as for an example “WinPE-HTA” that comes with the ADK. Doing research on the subject I stumbled upon “ADSI Plugin for WinPE 10” by Johan Arwidmark..

But I wanted to take the concept one step further and making it available through the SCCM Console GUI. And I actually managed to do it! =)


Another advantage of doing this instead of using the osdinjection.xml-method is that the later affects every boot image. With this driver method you can edit one single image or customize multiple images differently using a second driver. At least in an easier way.


In my next posts I will tell you how I did it, what the fake driver does and why.


Edit: Editing a part of a line using a mobile phone apparently can cause a duplication of the sentence until the next "new line". Might need to look for an alternative as this is becoming very frustrating.

524 views0 comments

Comments

bottom of page