Windows Provisioning made Easy!

Hello Everyone,

I’m happy to announce a new version of the WIMan script:

Fixed

  • Added “Elevated Console” detection (as the program is best ran as admin)
  • Configured TLS support for webclients
  • Incorrectly detected “choco”
  • Added logging output
  • [CRITICAL] Removed boot.wim during clean-up phase

It was discovered that v0.0.2 of the script had a flaw which removed boot.wim from the finalized folder. This causes the end-result to not work (as boot.wim contains WinPE). The bug has been fixed and a new release has been made. If you’re using v0.0.2, I’d strongly advice to upgrade as it doesn’t work.

I hope I didn’t cause too much of frustrations while using this script version. I’ll try to think about a good automated test to resolve regressions in the future.

Please let me know if you, after upgrading, have any other issues that prevent you getting a complete windows installations.

Kind regards

1 Like

Hi,

Thank you for all of your work. I’m very new with foreman and windows provision and your work help me alot. Finally i can boot and install Windows with your WIMan. But after windows installed and reboot after prepare system. Windows cannot boot and said it could not complete installation:


I am using foreman 1.24.2, katello 3.14, and I trying to provision Windows server 2016 Standard. Could you please help me trace this error? Thank you.

Hi @picassio,

Can you check the contents of your provisioning script (the script that contains the XML) and verify no invalid content is in?
Also, can you doublecheck that the provisioning script contains a base-64 encoded string (suffixed with AdministratorPassword, only noticable after decoding)?
Perhaps, if possible you could verify the xml was written correctly to the disk (you could do this, for instance, by stopping the script in winpe and adding a exit in peSetup.cmd from within WinPE and re-run the script)

AFAIK these are the type of errors that would cause that error.

Hi,

The installation look fine, i am using community template without edit. But after this stage, VM still have this error.

Sorry because new user can upload more than one image, so i use 3rd party link:

my unattend.xml in Panther folder:
https://pastebin.com/7DKYYu0z

1 Like

Hi @picassio,

Thank you for sharing this information; best delete the pastebin because it can contain data that’s better not exposes.

Anyway, from looking at that unattend.xml file, it seems the password isn’t correctly encoded. Van you verify that the password encoding, configurable on the first tab called “Operating System” of your operating system configuration in Foreman, is set to Base64-Windows?

If you observe the unattend.xml where the following content is:

<UserAccounts>
            <AdministratorPassword>
                <PlainText>false</PlainText>
                <Value> <!-- SHOULD BE BASE-64 encoded! --> </Value>
            </AdministratorPassword>
        </UserAccounts>

Good luck! I think you’re close!

Hi,

It is set to Base64-Windows. I don’t know why it did not encode to unattend.xml. I will check and tell you the result if it change. Thank you for your help.

Hi, I can provison windows server2016 with your WIMan tutorial now. The last failed was because of 2 problem:

  • My foreman cannot encode root password to Base64_Windows, i still have no idea about it. So I change password from XML file to use plantext.
  • The seconds problem is my active key end with a space.
    Now all the thing work.

Thank you for your help. Your work is amazing!

2 Likes

Hi!

Great to hear you managed to get it to work! I’m very curious as to why base64 isn’t encoding properly but at least you managed to get this far!
Did foreman throw an error during the generation of base64-windows? Did regular base64 work? (sorry for these follow-up questions, but others might be helped by your input)

Is anybody else having issues encoding the password with base64-windows?

Hi,

Here are some journal log and production log when i try to provision failed with base64_windows and foreman do not encrypt password to unattended.xml
https://pastebin.com/hZNKGF5Z
https://pastebin.com/RDXwV10W

I do not see anything wrong with foreman.

Foreman do not encrypt password to unattended.xml when using base64 or base64_windows.

Hi have you any dea what could be he problem?
In TCP dump on foreman site i see last action is a DNS request from client and awnser from server
But i dont see a http request anymore in the trace…any help or hint would be great.

i have manually copied the .c32 files as i learned CentOS 7 does have too old syslinux files…maybe now version 6.04 is too new?
What version you are using?

Hi,

As from what i can tell, you didn’t configure the " PXELinux chain iPXE" step as mentioned in my original post. Ipxe is, AFAIK the only pxe bootstrapper that can use http

Let me know if that solves your issue :slight_smile:

Kr

Hi i copied form https://boot.ipxe.org/ the following files:
ipxe.efi
ipxe.lkrn
undionly.kpxe

to /var/lib/tftpboot
in the Operating system i set PXELinux chain iPXE
are there other steps to configure “PXELinux chain iPXE”

BR
Thomas

Hi @tomabg,

Looks great to me actually :slight_smile:
What is the result of this? Still the same error?

Kind regards

1 Like

Hi,

unfortunatelly yes:-(

do i need some special config inside DNS?

currently i used “default” from forman config and DNS can resolve IP’s and also awnsers to the client

ipxeboot.tar (429.5 KB)

BR
Thomas

it did not try to tftp the ipxe.lkrn.

Hi,

Did you stop and start the build (provisioning) of this host? It seems that iPXE is not loaded at all (at least from what I can tell from your pcap)?

To answer you other question: no you don’t need to change DNS settings for this to work :slight_smile:
I think we’ll first have to get iPXE to boot :slight_smile:

Kr

1 Like

Hi,
thank you so much it starts now installation.
recreate host solves it…so it boot into ipxe

installation seems to hang now in this step…are 2 drives required in the VM? or have you an idea what is the problem now?
grafik

Hi,
so I did everything exactly as you mentioned and iPXE is starting, it acquires the foreman-token aswell but in the next step it is stuck at:
tftp:///boot/windows-x64-windows-images-JiQavrkLFtOU/wimboot
and the next error message is: !PXE strcuture was not found in UNDI driver code segment

I have the files in /var/lib/tftpboot

What to do here?