WinPE 1.6 and 2.1 fails to validate its IP address when running in a "169.254" network
search cancel

WinPE 1.6 and 2.1 fails to validate its IP address when running in a "169.254" network


Article ID: 176723


Updated On:


Deployment Solution


When running WinPE 1.6 or 2.1 in a "169.254" network (this is normally the case if a computer is running the Cisco VPN client and wishes to have local network connectivity as well), it fails to validate its IP address and also believes that its drive mapping credentials are incorrect.

Breaking out of these retry attempts allows "net use" to be run to successfully map a drive, proving that WinPE had received a functioning TCPIP stack from the DHCP Server.


Deployment Solution 6.8

Looking at the startnet.cmd and startutl.bat files which are found in the ".\Altiris\eXpress\Deployment Server\PXE\MasterImages\MenuOption131\BDC\shared\@[email protected]\system32" directory for the default "Managed WinPE" Boot Menu, it was found that WinPE is configured to exclude the "169.254" IP address range by default, as this is normally used when a computer does not have either a Static TCPIP stack or a DHCP provided one.

The startnet.cmd file calls the startutl.bat file with the following parameters:

REM ==============================================================
REM Login=Login to the network
REM --------------------------------------------------------------
echo Establishing network connection...
call %_utl% :authenticate 10 5 20 "-169.254" 180 "%_PwlFile%" "%_Computer%" "%_Domain%"
rem if %errorlevel% neq 0 goto :eof
rem goto :eof

The startutl.bat file starts its script-based operations based off of those parameters:

REM ==============================================================
REM authenticate=Authenticate to the network
REM     1 = ip check timeout
REM     2 = ip check timeout increment
REM     3 = ip check retries
REM     "4" = ips to exclude(-) / include(+)
REM     5 = authentication timeout
REM     "6" = password filename - $PwlFileTitle$
REM     "7" = computer name - $ComputerName$
REM     "8" = domain or server name - $DomainOrServer$
REM     return = 0 if successful
REM --------------------------------------------------------------
setlocal EnableDelayedExpansion EnableExtensions
echo Validating IP address...
set /a timeout=%1

%systemdrive%\loginw -p %~4 -w %timeout%
rem if "%errorlevel%" == "0" goto auth-login
if %errorlevel% equ 0 goto auth-login

set /a timeout=timeout+%2
set /a x=x+1
if %x% geq %3 goto auth-ipfail
echo Restarting DHCP client service: retry %x%...
net stop dhcp >nul
net start dhcp >nul
goto auth-loop

echo Authenticating connection...
%systemdrive%\loginw -f %6 -c %7 -d %8 -t %5
rem if not "%errorlevel%" == "0" goto auth-ipfail2
if %errorlevel% neq 0 goto auth-ipfail2
goto :eof

echo Could not aquire IP address.
rem exit
goto :eof

echo Could not authenticate network connection.
rem exit
goto :eof

It is the REM "4" line that makes this IP exclusion:

ips to exclude(-) / include(+) line. 169.254 segment is excluded by following line in startnet.cmd call %_utl% :authenticate 10 5 20 "-169.254" 180 "%_PwlFile%" "%_Computer%" "%_Domain%"

Deployment Solution 6.9

Unlike Deployment Solution 6.8, 6.9 hides most of its WinPE files preventing them from being accessed and modified via the Boot Disk Creator, which means that it is necessary to modify the relevant files from their Templates folder. Deployment Solution 6.8 only had the "-169.254" exclsuion in the startnet.cmd file; however, 6.9 also has it in the setenv.bat file as well.


Deployment Solution 6.8

The startnet.cmd file needs to be modified so that the "169.254" exclusion is removed. Only do this via the "PXE Configuration Utility" and not by directly modifying this file via the file system.

  1. Select the WinPE Boot menu and click the Edit button.
  2. When the Edit xxx Menu Option window appears, click the Edit Boot Image button.
  3. The Altiris Boot Disk Creator - Edit WinPE Configuration window will open up at Step 9 of 12: Edit Configuration.
  4. Expand the "%SystemRoot%" folder and then the "System32" one.
  5. Select the startnet.cmd file and then scroll down through the right-hand window until the "REM Login=Login to the network" section is displayed.


  6. Remove 169.254 from within the double-quotes, ensuring that the set of double-quotes remains in the script, with a value that you are sure will not appear in your environment. For Example "-124.0"
  7. Click the Next button so that you can run past the rest of the steps (there is no need to modify any of them), so that this newly configured Boot Menu can be created.
  8. Once the creation process has finished, click the OK button in the Edit xxx Menu Option window, and then click the Save button in the PXE Configuration Utility window.
  9. Once this Boot Menu has been saved, WinPE will be able to validate its IP address within a "169.254" network.

Deployment Solution 6.9

A modified WinPE 1.6 image created in Deployment Solution 6.8 will still work after the Deployment Server has been upgraded to 6.9; however, any WinPE 1.6 or 2.1 images created in Deployment Solution 6.9 will require the startnet.cmd and setenv.bat files to be modified beforehand.

  1. Delete any WinPE 1.6 and 2.1 images that were created by Deployment Solution 6.9.
  2. Go to the following directories in order to modify the startnet.cmd and setenv.bat files:

    WinPE 1.6 = ".\Altiris\eXpress\Deployment Server\Bootwiz\platforms\Winpe\x86\Templates\"
    WinPE 2.1 = ".\Altiris\eXpress\Deployment Server\Bootwiz\platforms\Winpe2\x86\Templates\"

    The startnet.cmd section that needs modifying is (replace 169.254 from within the double quotes):

    REM ==============================================================
    REM Login=Login to the network
    REM --------------------------------------------------------------
    if defined _StartNetwork if defined _Computer if defined _Domain if defined _PwlFile if exist "%systemdrive%\%_PwlFile%" (
      echo Establishing network connection...
      if not defined _AuthParams  set _AuthParams=10 5 20 "-169.254" 180
      call %__utl%:authenticate %_AuthParams% "%systemdrive%\%_PwlFile%" "%_Computer%" "%_Domain%"
      rem if exist __rtn if %errorlevel% neq 0 %__rtn%

    The setenv.bat section that needs modifying is (replace 169.254 within the double quotes): Leave as set _AuthParams=10 5 20 "-***.***" 180

set _StartNetwork=$$StartNetwork$$
set _PreloadDrivers=$$PreloadDrivers$$
set _UseFactoryWinpe=$$CfgWinPEModel$$
set _EnableFirewall=$$CfgEnableFirewall$$
set _PwlFile=$$CfgPwlFileTitle$$
set _Computer=$$CfgComputerName$$
set _Domain=$$CfgDomainOrServer$$
set _AuthParams=10 5 20 "-***.***" 180
set _GetSrv_Map=
set _GetSrv_Pwl=%systemdrive%\%_PwlFile%

(IMPORTANT: Replace the ***.*** with the same value described above, a value that will not appear in your environment.  Example "-124.0")

3. Once these two files have been modified and saved for the relevant WinPE version, a WinPE image can be created which will work in a 169.254 network.

Applies To
Deployment Solution 6.8 and 6.9 running WinPE 1.6 or 2.1