How to enable WinPE optional packages so that Powershell, DISM and SecureBoot can be used, and error BDC_ERR_WIM_INSERT_PACKAGE
search cancel

How to enable WinPE optional packages so that Powershell, DISM and SecureBoot can be used, and error BDC_ERR_WIM_INSERT_PACKAGE

book

Article ID: 267606

calendar_today

Updated On:

Products

Deployment Solution Client Management Suite IT Management Suite

Issue/Introduction

How do I enable Powershell, SecureBoot, or DISM for use in WinPE?  What is the right way to add optional components to WinPE?

This is usually caused by a desire to use WinPE-SecureBoot, Powershell, or DISM in WinPE and needing to add these to the Preboot Environment Settings (under Preboot Configurations)

If ordered incorrectly there will be errors in Bootwiz.log file (C:\Program Files\Altiris\Deployment\Logs).  Here is an example using Powershell out of order:

12/04 09:33:32 I: .......     package 'WINPE-POWERSHELL' = True (1)
12/04 09:33:32 I: ........>CPlatformWinPe2::WimInsertPackage [Platform='WINPE10_X64'] (sPkgLongName='WINPE-POWERSHELL', sMountPath='C:\Windows\TEMP\~bootwiz\00004054\image', sWorkingDir='', pProg)
12/04 09:33:32 I: ........-CPlatformWinPe2::WimInsertPackage - Using DismApi to add package (WINPE-POWERSHELL)
12/04 09:33:33 I: ........ Failed to add package (WINPE-POWERSHELL) with error (0x800f081e)
12/04 09:33:33 I: ........<CPlatformWinPe2::WimInsertPackage - returning 601 (BDC_ERR_WIM_INSERT_PACKAGE)
12/04 09:33:33 I: .......     error 601 (BDC_ERR_WIM_INSERT_PACKAGE) inserting 'WINPE-POWERSHELL'
12/04 09:33:33 I: .......<CPlatformWinPe2::WimInsertPackages - returning 601 (BDC_ERR_WIM_INSERT_PACKAGE)
12/04 09:33:33 I: .......>CPlatformWinPe2::CloseDismSession
12/04 09:33:33 I: .......< - returning 892 ()
12/04 09:33:33 I: .......>CPlatformWinPe2::CloseDismSession
12/04 09:33:33 I: .......< - returning 0 (BDC_SUCCESS)
12/04 09:33:33 I: .......>CPlatformWinPe4::WimUnmountFile [Platform='WINPE10_X64'] (sMountPath='C:\Windows\TEMP\~bootwiz\00004054\image', sWimFilePath='C:\Windows\Temp\~bootwiz\00004054\@dot@\sources\boot.wim', dwImageIndex=1, bCommitChanges=1, nCompressionType=0, dwMilliseconds=200, pProg, bIgnoreErrors=0)
12/04 09:33:33 I: ........>CPlatformWinPe3::WimUnmountFile [Platform='WINPE10_X64'] (sMountPath='C:\Windows\TEMP\~bootwiz\00004054\image', sWimFilePath='C:\Windows\Temp\~bootwiz\00004054\@dot@\sources\boot.wim', dwImageIndex=1, bCommitChanges=1, nCompressionType=0, dwMilliseconds=200, pProg, bIgnoreErrors=0)
12/04 09:35:57 I: ........<CPlatformWinPe3::WimUnmountFile - returning thread exitcode 0 (BDC_SUCCESS)
12/04 09:35:57 I: .......<CPlatformWinPe4::WimUnmountFile - returning 601 (BDC_ERR_WIM_INSERT_PACKAGE)
12/04 09:35:57 I: ...... First SetNamedSecurityInfo call failed: 2

 

Environment

Deployment Solution 8.x

Cause

Microsoft OS requires Components to be 'installed' or loaded in WinPE in a specific order.  It's not obvious but we have included a way to adjust the Load order.  Items at the top are loaded first.  Adjust the Load order by moving items up and down the list.

Resolution

Certain packages (Optional Components) have dependencies in WinPE.  The order in which the Package is listed in Preboot Environment Settings determines the order in which the package is loaded into WinPE. 

Microsoft has published this information: https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11

Here is a summary of WinPE Optional Components and their Dependencies.  If an Optional Component is not listed, it does not have any dependencies declared by Microsoft.

  • WinPE-DismCmdlets
    • Dependencies: Install WinPE-WMI > WinPE-NetFX > WinPE-Scripting > WinPE-PowerShell before you install WinPE-DismCmdlets.
  • WinPE-NetFx
    • Dependencies: Install WinPE-WMI before you install WinPE-NetFX.
  • WinPE-PlatformID
    • Dependencies: Install WinPE-WMI and WinPE-SecureStartup before you install WinPE-PlatformID.
  • WinPE-PowerShell
    • Dependencies: Install WinPE-WMI > WinPE-NetFX > WinPE-Scripting before you install WinPE-PowerShell.
  • WinPE-SecureBootCmdlets
    • Dependencies: Install WinPE-WMI > WinPE-NetFX > WinPE-Scripting > WinPE-PowerShell before you install WinPE-SecureBootCmdlets.
  • WinPE-SecureStartup
    • Dependencies: Install WinPE-WMI before you install WinPE-SecureStartup.
  • WinPE-StorageWMI
    • Dependencies: Install WinPE-WMI > WinPE-NetFX > WinPE-Scripting > WinPE-PowerShell before you install WinPE-StorageWMI.

Looking at this list of dependencies, WMI Is always first, followed by NetFX, then Scripting, and lastly Powershell.  If these 4 items are ordered near the top of the list, you could add any other packages desired.

As an example, if you wanted to add Powershell, the order below solves this requirement:

 

Powered by Wolken Software