Adding ADSI Support for WinPE 10

This feels like the never ending story… I created an ADSI plugin for WinPE 2.0 back in 2007/2008-ish, and for every new release of WinPE I get requests for a new version. So here it is.

Note: I understand that you may have existing scripts using the ADSI feature in WinPE that you want to use for Windows 10 deployments, but please start using web services instead. It’s way more secure, has more features, and doesn’t require unsupported hacks like this one.

Disclaimer: Adding ADSI support to WinPE 10 is not supported by Microsoft.

Updated February 20, 2016: Added x86 support as well.


Make sure you have Windows ADK 10 installed, then the download the ADSI Plugin for WinPE 10.

Step-by-step guide

In this example you add support for ADSI to WinPE 10 x64, but you also find files for the x86 version in the download.

1. Extract the ADSI Plugin to C:\Plugins.

2. Copy the following files from a Windows 10 x64 image/installation to C:\Plugins\ADSIx64.


3. From an elevated PowerShell prompt, run the CreateBootImage_x64.ps1 script

    Sample script for Deployment Research
    Created: 2015-09-29
    Version: 1.2
    Author : Johan Arwidmark
    Twitter: @jarwidmark
    Blog   :
    Disclaimer: This script is provided "AS IS" with no warranties, confers no rights and 
    is not supported by the author or DeploymentArtist..
# Settings
$WinPE_BuildFolder = "C:\Setup\WinPE10_x64"
$WinPE_Architecture = "amd64" # Or x86
$WinPE_MountFolder = "C:\Mount"
$WinPE_ISOfile = "C:\ISO\WinPE10_x64_ADSI.iso"
$ADK_Path = "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit"
$WinPE_ADK_Path = $ADK_Path + "\Windows Preinstallation Environment"
$WinPE_OCs_Path = $WinPE_ADK_Path + "\$WinPE_Architecture\WinPE_OCs"
$DISM_Path = $ADK_Path + "\Deployment Tools" + "\$WinPE_Architecture\DISM"
$OSCDIMG_Path = $ADK_Path + "\Deployment Tools" + "\$WinPE_Architecture\Oscdimg"
# Check for elevation
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
    [Security.Principal.WindowsBuiltInRole] "Administrator"))
    Write-Warning "Oupps, you need to run this script from an elevated PowerShell prompt!`nPlease start the PowerShell prompt as an Administrator and re-run the script."
    Write-Warning "Aborting script..."
# Delete existing WinPE build folder (if exist)
if (Test-Path -path $WinPE_BuildFolder) {Remove-Item -Path $WinPE_BuildFolder -Recurse -ErrorAction Stop}
    Write-Warning "Oupps, Error: $($_.Exception.Message)"
    Write-Warning "Most common reason is existing WIM still mounted, use DISM /Cleanup-Wim to clean up and run script again"
# Make a copy of the WinPE boot image 
if (!(Test-Path -path "$WinPE_BuildFolder\Sources")) {New-Item "$WinPE_BuildFolder\Sources" -Type Directory}
Copy-Item "$WinPE_ADK_Path\$WinPE_Architecture\en-us\winpe.wim" "$WinPE_BuildFolder\Sources\boot.wim"
# Copy WinPE boot files
Copy-Item "$WinPE_ADK_Path\$WinPE_Architecture\Media\*" "$WinPE_BuildFolder" -Recurse
# Mount the WinPE image
$WimFile = "$WinPE_BuildFolder\Sources\boot.wim"
Mount-WindowsImage -ImagePath $WimFile -Path $WinPE_MountFolder -Index 1
# Copy ADSI sample VBScript
Copy-Item .\Connect_to_DC_Sample.vbs "$WinPE_MountFolder\Windows\System32"
# Inject ADSI Components
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Driver /Driver:C:\Plugins\ADSIx64\ADSIx64.inf /forceunsigned
# Add WinPE optional components (using ADK version of dism.exe instead of Add-WindowsPackage)
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\
& $DISM_Path\dism.exe /Image:$WinPE_MountFolder /Add-Package /PackagePath:$WinPE_OCs_Path\en-us\
# Unmount the WinPE image and save changes
Dismount-WindowsImage -Path $WinPE_MountFolder -Save
# Create a bootable WinPE ISO file (comment out if you don't need the ISO)
$BootData='2#p0,e,b"{0}"#pEF,e,b"{1}"' -f "$OSCDIMG_Path\","$OSCDIMG_Path\efisys.bin"
$Proc = Start-Process -FilePath "$OSCDIMG_Path\oscdimg.exe" -ArgumentList @("-bootdata:$BootData",'-u2','-udfver102',"$WinPE_BuildFolder","$WinPE_ISOfile") -PassThru -Wait -NoNewWindow
if($Proc.ExitCode -ne 0)
    Throw "Failed to generate ISO with exitcode: $($Proc.ExitCode)"

4. Boot a VM on the WinPE10_x64_ADSI.iso, or add the WIM to your deployment solution. Once booted, run the Connect_to_DC_Sample.vbs script to verify ADSI works (modify server/domain name if needed first).

Output from the sample script included in the download.
About the author

Johan Arwidmark

5 3 votes
Article Rating
Notify of
Oldest Most Voted
Inline Feedbacks
View all comments
1 year ago

Hi Johan, it is possible to inject the driver when WinPE is loaded to avoid customizing the WinPE when a new version comes and the just create a package with the driver .inf and .dll ?
Maybe it was possible to force install it using dpinst.exe or similar?