Monday, November 10, 2014

How to deploy a Windows Image on UEFI-based Computers

In an earlier post I described how to deploy a Windows Image on UEFI-based Computers using PXE boot. This post can be found here: Blogpost. This time I want to deploy a Windows image on a Hyper-V Generation 2 VM using ConfigMgr boot media. Because Generation 2 is using UEFI and Secureboot, deployment is not working by default. Let's have a look at some errors I see when starting deployment from a 64-bit boot image.

-Unable to find a raw disk that could be partitioned as the system disk.
-Failed to prepare the system partition for staging. The system cannot find the drive specified. (Error: 8007000F; Source: Windows)
-Failed to stage WinPE. Code(0x8007000F)


-System partition not set.
-Unable to find the partition that contains the OS boot loaders. Please ensure the hard disks have been properly partitioned.
-Failed to prepare the system partition for staging. Unspecified error (Error: 80004005; Source: Windows)
-Failed to stage WinPE. Code(0x80004005)


Trick is you must disable Secureboot and create UEFI partitions yourself. Just turn Secureboot off in properties and when ConfigMgr boot media is started press F8 and create partitions yourself.
  • Diskpart
  • Select disk 0 (0 being the disk to setup)
  • Clean (wipe the disk)
  • Convert gpt (convert disk to GPT)
  • Create partition efi size=200 (EFI system partition)
  • Assign letter=s (Any allowable letter)
  • Format quick fs=FAT32 (Format the ESP)
  • Create partition msr size=128 (Create the MSR partition)
  • Create partition primary (Create Windows partition)
  • Assign letter=c
  • Format quick fs=NTFS (Format primary partition)
  • Exit
After that start the task sequence and you will be fine. Just make sure the ConfigMgr boot media using is 64-bit and the one used on the deployment task sequence is 64-bit also. This is mandatory to get the job done. Hope it helps!

Comment 8-4-2016: Create a diskpart script and add it into your USB/ISO (not PXE) media, if you don't want to type it manually. Press F8 and start your script with: diskpart /s filename.txt (Source)

More blogposts on this topic:
PXE Boot files in RemoteInstall folder explained (UEFI)

58 comments:

  1. Is there a way to run these commands in the task sequence or is this going to be a manual step?

    ReplyDelete
    Replies
    1. Didn't tried that before. You can however use diskpart in a task sequence as well.

      Delete
    2. You can use diskpart in a task sequence but in this case, it wouldn't help. You will never get to task sequence step to run diskpart until you have manually partitioned the drive.

      Delete
  2. Hi Henk,
    I have exactly the same issue on HYPER-V Generation 2 VM. Do you have any solution to solve this issue?

    ReplyDelete
    Replies
    1. Trick is you must disable Secureboot and create UEFI partitions yourself.

      Hope it helps!

      Delete
  3. Thank you for this article.

    ReplyDelete
  4. Why doesn't it work just disabling secureboot, then reboot, and try the media again?

    ReplyDelete
    Replies
    1. Trick is you must disable Secureboot and create UEFI partitions yourself.

      /Henk

      Delete
  5. Create a diskpart script and add it into your usb/iso (not PXE) media, if you don't want to type it manually. Press F8 and start your script with:
    diskpart /s filename.txt
    https://technet.microsoft.com/en-us/library/hh825686.aspx#RecommendedConfiguration

    ReplyDelete
    Replies
    1. Good idea, did use this sometimes in deployment too! Thanks for the comment.

      Delete
  6. Hi, just wanted to share with you my progess on this :) https://social.technet.microsoft.com/Forums/en-US/dd9a11b9-c3ae-4825-8262-e2754f6f7344/how-to-convert-mbr-to-gpt-automatically-before-the-ts-starts?forum=ConfigMgrCBOSD#dd9a11b9-c3ae-4825-8262-e2754f6f7344

    ReplyDelete
  7. I am bit confused as to why this isn't being done by the task sequence; isn't that what the partition step is for?

    I had some Windows7 laptops that had SecureBoot and UEFI disabled. I re-enabled them as I am deploying a Windows 10 image. I got the 0x80004005 and 0x80070070 errors. So I tried doing a clean in diskpart but it still failed on next try. So it seems deployments aren't actually partitioning the system, just formatting to apply wim?

    ReplyDelete
    Replies
    1. Normally this is done during the task sequence indeed. But when that's not possible, you must create them manually or by scripting.

      Delete
  8. I've got the same issue with Dell E5570. I've changed the the boot setting to "Legacy boot" in the BIOS. Fixed my issue.

    ReplyDelete
  9. I've ran the script and partitions are created just fine. My task sequence is also start running. The only problem I am getting is that my TS is set to download the prestage contents to the hard drive. So once that is done it says to remove USB drive and reboot. The problem I get is that the PC is not booting from the task sequence that was copied to the hard drive.
    Tried changing BIOS settings but none seems to help.
    Any suggestions please????

    ReplyDelete
    Replies
    1. Carlos,

      I'm having the same issue. Were you able to solve the problem?

      Thanks

      Delete
    2. Carlos Quesada...I am having the same issue. Did you ever find a fix? - L. May

      Delete
    3. I am facing the same issues. Could someone help me out as to how to setup scripts within TS for this. I have set this step as 'Continue on Error' and my TS goes till the last step successfully. So, this is the only issue I am facing.

      Delete
  10. creating the partitions beforehand worked for me. thanks for posting!!!

    ReplyDelete
  11. Nice, worked for me!!

    ReplyDelete
  12. Thank you, this issue has been driving me crazy. Worked 1st try on two different model Dell laptops.

    Thank you again!

    ReplyDelete
  13. One of the simplest steps and explanations I have come across in any blog. Thanks a lot

    ReplyDelete
  14. Thank you, this got my Lenovo X1 tablet going!

    ReplyDelete
  15. For me when I disable the secure boot everything works fine without any need to partition manually, but still searching for a way that will not make me lose the secure boot features.

    ReplyDelete
  16. Good solution for the boot disk failure issue. Most of the times it may be hard disk issue or sometimes even loose connection can cause boot disk failure problem. Keep writing more on other topics also.

    ReplyDelete
  17. Thank You so much for this tutorial. I had huge problems with installing Windows on my computer because of UEFI.

    ReplyDelete
  18. Had to say thank you, this helped me a lot!

    ReplyDelete
  19. This doesn't work for lenovo laptops that want to use uefi and secureboot. Main reasoning you need those is for the TPM 2.0 chip with Windows 10.

    ReplyDelete
  20. Thank you very much! Helpded me run an UEFI ZTI in Hyper-V.

    ReplyDelete
  21. Thanks Henk,

    I was trying to run my task sequence on a Dell 3020 with a new SSD and the task sequence failed each time. I used your Diskpart command and Viola! Instant Task Sequence success!
    Thanks again,
    Mike Hamel
    Penn State University
    Pennsylvania USA

    ReplyDelete
  22. After two days of trying everything your guide finally worked for me. Thank you!

    ReplyDelete
  23. Hi Henk, when using this Diskpart-script (https://msdn.microsoft.com/de-de/library/windows/hardware/dn898510(v=vs.85).aspx) it works well for us - with actived Secure Boot!

    ReplyDelete
  24. Hi, do you have any idea about error code (0x8004255C) ? It's appeared when process this script. Thanks a lot~

    ReplyDelete
  25. Forget manual Scripts or winpeshl.ini modification in your Winpe Boot image.

    just create a format and partition Disk Step in your Task Sequence
    select disk number: 0
    disk Type: GPT

    in the Volume section:
    Add a EFI (EFI) volume 1000 MB Fixed size. Fat32 file System
    Add OSDRIVE (Primary) 100% of remaining space on disk. NTFS file system.


    et voilà ! :)

    ReplyDelete
  26. For anyone else stumbling on this, I fixed my issue by creating a default TS to "Deploy and existing image"... I then manually recreated all the partition settings in my custom TS and it worked like a charm!

    ReplyDelete
  27. Great! Works :). How it add to TS?

    ReplyDelete
    Replies
    1. Good question. Looking for an answer to this, myself.

      Delete
  28. Hello, can someone please help me, I am trying to PXE boot on an HP Elitedesk 800 G4, and followed all of the steps to legacy boot and enabled 66 and 67 with correct settings. I am able to get the SCCM Screen to boot and I am able to select my image but it gives me an error code 0x80070490 and when I hit F8 and type DISKPART and then type LIST DISK, it says "There are no fixed disks to show"?? In other words, it doesn't see the disk... what now?

    ReplyDelete
  29. Sounds like it is missing the storage driver needed to see the disk

    ReplyDelete
  30. Stopped by to thank you as many others have. This helped me get the TS started, so THANK YOU!

    ReplyDelete
  31. Thanks for this article, fixed deploying image to SurfaceBook via SCCM USB boot. Was getting the "Unable to find a raw disk" error in the SCCM log.

    ReplyDelete
  32. Legend, solved my problem thanks!

    ReplyDelete
  33. Thank you man, you're legend.

    ReplyDelete
  34. Hello Henk,
    Cleaning up the partitions makes task sequence to run. But suddenly all the Dell laptops with UEFI and secure boot enabled gets this error. Please let me know what could be the reason

    ReplyDelete
  35. Bedankt Henk, werkt nog steeds in 2021! :D

    ReplyDelete
  36. damn it !!!! after 2h research i found the solution with your correct DISKPART config !!!!! THX BRO !!!!

    ReplyDelete
  37. Thx god i found this page !!! After 2h research for the problem thats the correct diskpart settings !!!

    ReplyDelete