ADK 1511

ADK 1511 Hotfix – Automate Manual Steps in Boot Image

Microsoft released a ADK 1511 hotfix earlier this year to fix problem with network connectivity in the boot image. This hotfix provides a file (schema.dat) that you manually need to replace in your boot images, which involves 9 manual steps an a lot of typing. It took too much time to update this for the customers I work with so I wrote a PowerShell script that makes the job easy for me.

Steps required to apply hotfix manually

The ADK 1511 hotfix requires the following steps to be done manually to the boot image:

  1. Open Deployment and Imaging Tools Environment with administrative rights.
  2. Mount the boot image to a directory.
    dism /mount-wim /wimfile:C:\WinPE_amd64\media\sources\boot.wim /index:1 /mountdir:C:\WinPE_amd64\mount
  3. Take a backup of file permissions on schema.dat in boot image.
    icacls c:\WinPE_amd64\mount\Windows\System32\schema.dat /save “%temp%\AclFile”
  4. Take ownership of schema.dat
    takeown /F c:\WinPE_amd64\mount\Windows\System32\schema.dat /A
  5. Give local administrator group full access to schema.dat.
  6. icacls c:\WinPE_amd64\mount\Windows\System32\schema.dat /grant BUILTIN\Administrators:F
  7. Replace the schema.dat in mounted boot image with schema.dat from ADK 1511 hotfix
    xcopy “%userprofile%\Downloads\schema-x64.dat” c:\WinPE_amd64\mount\Windows\System32\schema.dat /Y
  8. Give TrustedInstaller ownership of the patched schema.dat
    icacls c:\WinPE_amd64\mount\Windows\System32\schema.dat /setowner “NT SERVICE\TrustedInstaller”
  9. Restore permissions on schema.dat
    icacls c:\WinPE_amd64\mount\Windows\System32\ /restore “%temp%\AclFile”

I released my PowerShell script that automates these steps to the Microsoft Technet Gallery community. You can download it here: https://gallery.technet.microsoft.com/Automate-ADK-1511-Hotfix-dda5542c

Prerequisites

The KB3143760 hotfix applies to the following systems using Windows ADK 10 1511 boot images.

  • Configuration Manager Current Branch
  • Configuration Manager 2012 R2
  • Configuration Manager 2012

ADK 1511 Hotfix – Howto

My Powershell script to automate the ADK 1511 hotfix is almost ready to go. But you need to change 3 variables in the script for it to work in your environment.

  1. $bootimage. Path to bootimage you want to apply this hotfix.
  2. $schema. Path to the KB3143760 hotfix file that replaces schema.dat. Either schema-x86.dat or schema-x64.dat depending on the architecture of your boot image.
  3. $mount. The directory that this script can mount your boot image to and perform the manual steps required by the ADK 1511 hotfix.

Important: This script requires administrative rights to run.

Remember to update your distribution points your boot image after running this script to make sure they have your newly patched boot image with the ADK 1511 hotfix included.

Download ADK 1511 hotfix, KB3143760 from Microsoft: https://support.microsoft.com/en-us/kb/3143760

Anders Rødland

Anders Rødland started his IT career in 2006. My main focus is MS Configuration Manager and client management, and I have passed 17 Microsoft certifications since then. My main expertise is on client management with Microsoft Endpoint Manager: Intune and Configuration Manager. I also do a lot of work on the security side with Microsoft Defender for Endpoint. In addition to my Microsoft certification, I also have an ITIL v3 Foundation certification. This is my private blog and do not represent my employer. I use this to share information that I find useful. Sharing is caring.

6 thoughts to “ADK 1511 Hotfix – Automate Manual Steps in Boot Image”

  1. Hey there !

    Thanks a lot for this hotfix script, it’s really handy. 🙂
    I have a problem with it thought. When trying to apply it to my own boot.wim on a SCCM that is in a domain (I’m connected as a domain administrator with full rights), I have a problem with the xcopy part. For some reason, it gives me an “Access denied” error message.
    Should I connect myself on the server with a local account instead of a domain account ? I’m quite new with Powershell (I’m installing, configuring and using SCCM as part of a training course) so I might be misunderstanding something maybe.

    1. Hi Michaël.

      Can you verify that PowerShell is running with administrator rights? I dont think this script will run properly if not running as administrator. Right click on powershell and select “Run as Administrator”.

      1. Hey there !

        Woops, I thought I said it in my initial post but yeah, I’m running PowerShell with Administrator’s right. Thats partially why I don’t understand it telling me I don’t have access to the files. I even made sure that it was in the C: folder with no spaces in the the path and the path wrapped in double quotes. Thats odd.

  2. Not a problem with anything you’ve said here, but the download page for the hotfix shows 0 downloads available even after clicking the “Show hotfixes for all platforms and languages” link. Any idea how to get these files from somewhere else? I need it for my x86 boot image.

    1. Hi, try changing the language to English or all languages, then it should show an available hotfix. I have the same problem as Microsoft auto-selects Norwegian as my language, and this hotfix is only available in English.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.