I was having issues getting a desktop to install updates recently from my company’s WSUS server. Being that I was in a time crunch and needed these updates installed within the next 24 hours, I decided to take the desktop off the domain and grab the Windows Updates directly over the internet from Microsoft.
Spoiler Alert: This was a terrible idea.
Fast forward to the next day. Updates are downloaded, installed, and the machine is ready to be sysprep’d for WDS. I finish up a few last software tweaks and capture the image via PXE boot + WDS. Everything goes smoothly and the .WIM file is appearing on my WDS server. Hooray! Let’s start pushing this out to a few machines.
WDS: Windows cannot install required files. Make sure all files required for installation are available, and restart the installation.
What does that even mean? I do a WDS service restart just to make sure I’m not losing my marbles, but I keep getting the same, nonsensical error. After Google was consulted, the only information I could find was from January concerning a WinPE image source sitting in a hidden folder on the C: drive.
Wait… C:\$WINDOWS.~BT … why does that sound familiar? Oh that’s right, it’s the directory Microsoft has been pushing Windows 10 install files to! When I walked away the night before after taking the machine off the domain, it had grabbed the update from Microsoft. Show Hidden Files was off by default, so I never even saw the directory!
OK, so easy-peasy fix. Pop open ImageX or DISM and let’s mount the .WIM and trash that directory.
The specified image file did not contain a resource section.
Ugh… of course, I need to export the .WIM out of WDS first, then mount, make my changes, and commit.
dism /Mount-Image /ImageFile:"exported_image.wim" /index:1 /mountdir:"C:\mount_wim"
Trashed the C:\$WINDOWS.~BT directory and imported back into WDS. Full steam ahead!
Dism /Commit-Image /MountDir:"C:\mount_wim"
This is a real pain in the neck, though. There’s no clear way to block Windows 10 from installing its slimy files on your box. Some people have suggested blocking it at the firewall, but I’m sure Microsoft’s CDN will wreck havoc on that idea. I guess I should have never taken the machine off the domain!