This feels like the never ending story… I created an ADSI plugin for WinPE 2.0 back in 2007/2008-ish, and for every new release of WinPE I get requests for a new version. So here it is.
Note: I understand that you may have existing scripts using the ADSI feature in WinPE that you want to use for Windows 10 deployments, but please start using web services instead. It’s way more secure, has more features, and doesn’t require unsupported hacks like this one.
Disclaimer: Adding ADSI support to WinPE 10 is not supported by Microsoft.
Updated February 20, 2016: Added x86 support as well.
Requirements
Make sure you have Windows ADK 10 installed, then the download the ADSI Plugin for WinPE 10.
Step-by-step guide
In this example you add support for ADSI to WinPE 10 x64, but you also find files for the x86 version in the download.
1. Extract the ADSI Plugin to C:\Plugins.
2. Copy the following files from a Windows 10 x64 image/installation to C:\Plugins\ADSIx64.
adsldp.dll
adsmsext.dll
adsnt.dll
mscoree.dll
mscorier.dll
mscories.dll
3. From an elevated PowerShell prompt, run the CreateBootImage_x64.ps1 script
<#
.Synopsis
Sample script for Deployment Research
.DESCRIPTION
Created: 2015-09-29
Version: 1.2
Author : Johan Arwidmark
Twitter: @jarwidmark
Blog : https://deploymentresearch.com
Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and
is not supported by the author or DeploymentArtist..
.EXAMPLE
N/A
#>
# Settings
$WinPE_BuildFolder = "C:\Setup\WinPE10_x64"
$WinPE_Architecture = "amd64" # Or x86
$WinPE_MountFolder = "C:\Mount"
$WinPE_ISOfile = "C:\ISO\WinPE10_x64_ADSI.iso"
$ADK_Path = "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit"
$WinPE_ADK_Path = $ADK_Path + "\Windows Preinstallation Environment"
$WinPE_OCs_Path = $WinPE_ADK_Path + "\$WinPE_Architecture\WinPE_OCs"
$DISM_Path = $ADK_Path + "\Deployment Tools" + "\$WinPE_Architecture\DISM"
$OSCDIMG_Path = $ADK_Path + "\Deployment Tools" + "\$WinPE_Architecture\Oscdimg"
# Check for elevation
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
[Security.Principal.WindowsBuiltInRole] "Administrator"))
{
Write-Warning "Oupps, you need to run this script from an elevated PowerShell prompt!`nPlease start the PowerShell prompt as an Administrator and re-run the script."
Write-Warning "Aborting script..."
Break
}
# Delete existing WinPE build folder (if exist)
try
{
if (Test-Path -path $WinPE_BuildFolder) {Remove-Item -Path $WinPE_BuildFolder -Recurse -ErrorAction Stop}
}
catch
{
Write-Warning "Oupps, Error: $($_.Exception.Message)"
Write-Warning "Most common reason is existing WIM still mounted, use DISM /Cleanup-Wim to clean up and run script again"
Break
}
# Make a copy of the WinPE boot image
if (!(Test-Path -path "$WinPE_BuildFolder\Sources")) {New-Item "$WinPE_BuildFolder\Sources" -Type Directory}
Copy-Item "$WinPE_ADK_Path\$WinPE_Architecture\en-us\winpe.wim" "$WinPE_BuildFolder\Sources\boot.wim"
# Copy WinPE boot files
Copy-Item "$WinPE_ADK_Path\$WinPE_Architecture\Media\*" "$WinPE_BuildFolder" -Recurse
# Mount the WinPE image
$WimFile = "$WinPE_BuildFolder\Sources\boot.wim"
Mount-WindowsImage -ImagePath $WimFile -Path $WinPE_MountFolder -Index 1
# Copy ADSI sample VBScript
Copy-Item .\Connect_to_DC_Sample.vbs "$WinPE_MountFolder\Windows\System32"
# Inject ADSI Components
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Driver /Driver:C:\Plugins\ADSIx64\ADSIx64.inf /forceunsigned
# Add WinPE optional components (using ADK version of dism.exe instead of Add-WindowsPackage)
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\WinPE-Scripting.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\WinPE-Scripting_en-us.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\WinPE-WMI.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\WinPE-WMI_en-us.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\WinPE-HTA.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\WinPE-HTA_en-us.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\WinPE-MDAC.cab
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\WinPE-MDAC_en-us.cab
# Unmount the WinPE image and save changes
Dismount-WindowsImage -Path $WinPE_MountFolder -Save
# Create a bootable WinPE ISO file (comment out if you don't need the ISO)
$BootData='2#p0,e,b"{0}"#pEF,e,b"{1}"' -f "$OSCDIMG_Path\etfsboot.com","$OSCDIMG_Path\efisys.bin"
$Proc = Start-Process -FilePath "$OSCDIMG_Path\oscdimg.exe" -ArgumentList @("-bootdata:$BootData",'-u2','-udfver102',"$WinPE_BuildFolder","$WinPE_ISOfile") -PassThru -Wait -NoNewWindow
if($Proc.ExitCode -ne 0)
{
Throw "Failed to generate ISO with exitcode: $($Proc.ExitCode)"
}4. Boot a VM on the WinPE10_x64_ADSI.iso, or add the WIM to your deployment solution. Once booted, run the Connect_to_DC_Sample.vbs script to verify ADSI works (modify server/domain name if needed first).
Hi Johan, it is possible to inject the driver when WinPE is loaded to avoid customizing the WinPE when a new version comes and the just create a package with the driver .inf and .dll ?
Maybe it was possible to force install it using dpinst.exe or similar?
Not that I know of, you might be able to trick pnputil.exe into installing it by signing the ADSI driver with a Kernel-Mode Code Signing Certificates. But untested.