Installing OSD Deployment with MDT 2008 and get an error in SMS Provider log during MDT TS Import-Custom Boot Image

May 17, 2008 at 8:50 am in ConfigMgr 2007, SCCM 2007, SMS by Kenny Buntinx [MVP]

A test lab is one thing , production another….


I was implementing a multisite Configuration Manager/OSD enviroment and ran into multiple errors while doing OS deployments into my lab. As the customer did not have any expierence at all with os deployments and time was limited I used the solution accellerator MDT 2008 from Microsoft. In the lab everything seemed to work , but oh boy production was another part of the show .


Before even tinking obout OSD deployment make sure that you have a Windows 2003 SP2 server running then do the following steps :


1.Install WDS . But be aware of the fact that you must not configure WDS from this point onwards in the console – do not touch it, open it or configure it!


2.Add the PXE role to the SCCM site you want it to run from.

3.You must have a functioning DHCP server with an active scope. WDS will utilize PXE which requires a DHCP server.Whether you plan to co-host WDS and DHCP on the same server or use two different servers you must configure WDS to listen on a specific port. DHCP and WDS both require port number 67. If you have co-hosted WDS and DHCP you can move DHCP or the PXE site role to a separate server or use the procedure below to configure the WDS server to listen on a different port:

Modify the following registry key:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSPXE


Set the registry value to:


UseDHCPPorts = 0


For the new configuration to take effect, you will then to run the following command on the co-located DHCP and WDS server:


WDSUTIL /Set-Server /UseDHCPPorts:No /DHCPOption60:Yes


 4. If you have cisco switches , make sure PORTFAST is enabled !


 5. Enable you routers to do PXE forwarding on port 4011 !


Then for using MDT2008 :


 1. Install the MDT2008


 2. Install USMT3.01 as he will need the files


 3. Download the WAIK 1.1 and uninstall the WAIK 1.0 – reboot – Install WAIK1.1 .Otherwise MDT cannot edit the wim image – THIS IS NOT Documented by microsoft and i toke me a wile to find out what the hell was going on !!!


 4.When you do a import of a Microsoft Deployment Task Sequence and run through the wizard, you are given the option to select an existing boot image package or create a custom boot image package.  If I am given a chance to customize something, I will do.  So I selected the option to create a custom boot image.  The share that I specified for the new boot image package (along with the rest of the packages the wizard creates) was on my CM Primary site server (as well as where MDT is installed).  After completing the wizard, it started until it got to the part where it tries to copy the WIM image to the package source directory.  The following error is displayed: Error while importing Microsoft Deployment Toolkit Task Sequence.  Details: The ConfigMgr Provider reported an error.



I’ll open up the ConfigMgr Provider log file (smsprov.log). :


[3E4][Mon 10/04/2008 ]:Image language ID 1033 and en-US


[3E4][Mon 10/04/2008 ]:Failed to copy \\cm02\osd\BootImage\WinPE.wim to \\cm02\osd\BootImage\{FACDFFD1-F736-4AC0-A844-F9D952976966}.wim. Error code = 5


[3E4][Mon 10/04/2008 ]:


*


*


e:\nts_sms_fre\sms\siteserver\sdk_provider\smsprov\sspbootimagepackage.cpp(3012) : Failed to make a copy of the source WIM file due to error 5


*


*


[3E4][Mon 10/04/2008 ]:


*


*


Failed to make a copy of the source WIM file due to error 5


I know that error 5 means access denied (at a command prompt type net helpmsg 5).  I decided to review the permissions on my share and see that I have given the computer account full control of the share.  ConfigMgr is trying to connect to the share using NT AUTHORITY\SYSTEM and not the computer account.  The reason for this is that when the share is local, it will connect using NT AUTHORITY\SYSTEM and when the share is remote it will use the computer account.  So the simple fix was to go in and grant NT AUTHORITY\SYSTEM full control to the share. 


After that everything worked like a glance and I had my custom boot image package created when I ran the import again


Mike Terril helped me a lot on this issue by some of his posts on his blog . Thanks Mike!


 Regards


 Kenny buntinx

Tweet about this on TwitterShare on FacebookShare on Google+Share on LinkedInPin on Pinterest