?
Solved

SCCM PE Image Unsigned Driver Injection

Posted on 2010-11-12
11
Medium Priority
?
4,017 Views
Last Modified: 2013-11-21
Recently upgraded my SCCM 2007 R2 SP1 to SP2. Since doing so, whenever I try to add a unsigned driver to a boot image it fails with the following error.

   Error: Boot image to update:
      Microsoft Windows PE (x64)

   Error: Actions to perform:
      Add ConfigMgr binaries
      Disable Windows PE command line support
      Add drivers

   Success: Drivers that will be included:
      DELL CERC SATA 1.5/6ch RAID Controller

   Error: Failed to import the following drivers:
      DELL CERC SATA 1.5/6ch RAID Management Device - Failed to inject a ConfigMgr driver into the mounted WIM file

   Error: The wizard detected the following problems when updating the boot image.
      Failed to inject a ConfigMgr driver into the mounted WIM file
      Failed to inject a ConfigMgr driver into the mounted WIM file
      Failed to inject a ConfigMgr driver into the mounted WIM file
      Failed to inject a ConfigMgr driver into the mounted WIM file
      Failed to inject a ConfigMgr driver into the mounted WIM file
      The ConfigMgr Provider reported an error.: ConfigMgr Error Object:
      instance of SMS_ExtendedStatus
      {
            Description = "Failed to insert OSD binaries into the WIM file";
            ErrorCode = 2152205056;
            File = "e:\\nts_sms_fre\\sms\\siteserver\\sdk_provider\\smsprov\\sspbootimagepackage.cpp";
            Line = 4262;
            ObjectInfo = "CSspBootImagePackage::PreRefreshPkgSrcHook";
            Operation = "ExecMethod";
            ParameterInfo = "SMS_BootImagePackage.PackageID=\"MOH00027\"";
            ProviderName = "WinMgmt";
            StatusCode = 2147749889;
      };

This is just one of many drivers I am having this problem with. If I take this exact same driver, copied from the very place this process is using, and manually add it to the image using DISM with the /forceunsigned flag it works without a problem. After some digging there is a log file created by DISM during the image build using SCCM located at C:\Windows\Logs\DISM\dism.log. In this log I get the following error.

2010-11-12 12:47:38, Info                  DISM   DISM Driver Manager: PID=6024 Signature status of driver \\vsccm\Source\Drivers\Dell\PE\Dell-WinPE-Drivers-A02\winpe\x64\Storage\R129526\cercsr6.inf is: UNSIGNED - CDriverPackage::InitSignatureStatus
2010-11-12 12:47:38, Error                 DISM   DISM Driver Manager: PID=6024 Cannot install non-signed boot-critical drivers on amd64 images. Use /forceunsigned switch to override. \\vsccm\Source\Drivers\Dell\PE\Dell-WinPE-Drivers-A02\winpe\x64\Storage\R129526\cercsr6.inf - CDriverManager::CheckClientAddDriverScenarios(hr:0x80070032)
2010-11-12 12:47:38, Error                 DISM   DISM Driver Manager: PID=6024 d:\w7rtm\base\ntsetup\opktools\dism\providers\dmiprovider\dll\drivermanager.cpp:1063 - CDriverManager::Internal_DoAddDriverPackage(hr:0x80070032)
2010-11-12 12:47:38, Error                 DISM   DISM Driver Manager: PID=6024 d:\w7rtm\base\ntsetup\opktools\dism\providers\dmiprovider\dll\drivermanager.cpp:519 - CDriverManager::ExecuteCmdLine(hr:0x80070032)
20

Now all this is great because I finally know why the builds are failing. The problem I'm having now is... how do you get SCCM to use the /forceunsigned switch?
0
Comment
Question by:midwestexp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 10

Expert Comment

by:Kezzi
ID: 34135533
You specify that in the Task Sequence for the Driver Package installation.  I have attached a screen shot. Task Sequence screenshot of Driver Install
0
 

Author Comment

by:midwestexp
ID: 34135647
That's for the TS. What I am trying to do is load "unsigned" drivers into my PE boot image so that I can even get a TS to run. Which prior to SP2, worked without problem.
0
 
LVL 10

Expert Comment

by:Kezzi
ID: 34137969
Not sure but i had issues during my upgrade.  Had to rerun sp2 after deleting my existing boot images so that they upgraded properly.  
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 10

Expert Comment

by:JonLambert
ID: 34141760
Haven't come accross this before, but you could definately manually mount the source boot WIM and insert the drivers using DSIM usingt he forced unsigned switch, and then updated the boot wim pakcage (to force the WIM to be re-created).

If you do this, ensure that you do mount and update the source boot wim, and not the package boot wim which is generated by SCCM (which has the SCCM Packaged ID in the name).

0
 

Author Comment

by:midwestexp
ID: 34144585
Jon,

I finally broke down yesterday and resorted to manually inserting the drivers in to a custom image. I trust you have upgraded to SP2? Do you have any trouble injecting 64bit "boot-critical" drivers? I could provide a link to the Dell PE drivers I am using if anyone wants to give them a go on their setup?
0
 
LVL 10

Expert Comment

by:JonLambert
ID: 34149600
I did a Boot WIM with Dell server MSD and NIC drivers last week, when I'm on site I'll get the namd and versions of the drivers I used, and we can see if they differ.
0
 
LVL 10

Expert Comment

by:JonLambert
ID: 34153421
Attached is a jpg of some of the Dell drivers I attached  using the normal standard proccess. Maybe the driver version numbers can help you out

 Dell Boot Drivers Boot Drivers in WIM
0
 

Author Comment

by:midwestexp
ID: 34155070
I know one of the failing drivers I have is the same, other than version. It is the Dell CERC SATA 1.5/6ch RAID Controller as well as the management device. The version on mine is 4.1.1.7038. Which I got out of this cab file
 from Dell. On your sustem, is the driver you have for that signed?



0
 
LVL 10

Expert Comment

by:JonLambert
ID: 34158764
Yes it is signed
0
 
LVL 10

Accepted Solution

by:
JonLambert earned 1500 total points
ID: 34158799
From memory I might have utilised the Dell Server Deployment Pack add-in for the SCCM console to download the drivers, but I don't currently have that installed so I cant validate that was how I downloaded  the drivers.
0
 

Author Closing Comment

by:midwestexp
ID: 34982609
Accepting based on effort. Issue has been submitted to Dell to correct.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question