Windows PE

From ArchWiki

Windows PE is a lightweight version of Windows intended to be used for installation of Windows Vista and later versions of Windows, as well as for system maintenance. It runs entirely from memory and can be booted from the network. This page describes how customized Windows PE images can be created, and optionally published on the network, using only free software packages on an Arch Linux machine along with Microsoft's Windows Automated Installation Kit (WAIK). The WAIK can be downloaded at no cost and is only needed to extract the boot.wim file that contains the initial copy of Windows PE, along with a couple boot files.

Warning: By downloading the Windows Automated Installation Kit, you may be bound by its license, which prevents you from, among other things, using Windows PE as a general-purpose operating system.

Use cases

Normally, an image of Windows PE can only be created using the Windows Automated Installation Kit (WAIK) on a Windows machine. However, it is also possible to create and modify images of Windows PE using an (Arch) Linux machine, and optionally publish them on the network for PXE booting. No Windows machine is necessary. You may want to do this if:

  • you need to install Windows from the network, or boot Windows PE from the network for system administration, using an Arch Linux-based server. This may be because you do not have a Windows-based server, or you prefer using a Linux server because of its improved security and configurability, or you are already using a Linux server for other purposes.
  • you need to run a Windows environment to run Win32 programs, you do not have a Windows machine available, and you do not want to use Wine or the programs will not run correctly with Wine.

Creating a bootable Windows PE image

Install wimlib.

Configure the Windows PE image

To boot into a command prompt, create a startup script, which will be included into the bootable image in the next step:


The mkwinpeimg script supports making further modifications to Windows PE using --overlay option. See the manual page for mkwinpeimg for more information. You may want to do this to add additional Windows applications that you want to run in Windows PE, or to add any additional drivers that Windows PE needs (drivers can be loaded using the drvload command within Windows PE).

Obtain a Windows ISO or WAIK image

mkwinpeimg can create a bootable Windows PE ISO from a variety of sources. You first need to obtain either:

  • Option A for Windows 7 and later: a Windows installation ISO / disk image. It can be downloaded freely on Microsoft website: Windows 10 ISO. This is the simplest way.
  • Option B: a Windows Automated Installation Kit (WAIK) image. For up to Windows Vista/7, it can be obtained as a standalone WAIK distribution from Microsoft. Since Windows 8, WAIK has been renamed to WADK and is distributed via adksetup.exe.
  • Option C smaller download: Hiren's BootCD includes Windows PE and is around half the size (~2.8GB) of a full Windows 10 ISO. This is a fuller featured boot environment and includes Internet Explorer which may be helpful to look up bcdedit or bootrec commands to repair Windows boot manager.
Warning: Make sure to select the correct architecture depending on your target usage: either x86 (32-bit) or x64 (64-bit). Compatibility of 32-bit programs on Windows x64 is generally good, but your mileage may vary.

Different versions of Windows installation media contains different versions of Windows PE. For the relationship between Windows versions and Windows PE versions, refer to Wikipedia.

Tip: It may be possible to use httpfs to avoid downloading the entire image file. Windows PE occupies only around 118MB of the image.

Prepare a bootable Windows PE ISO

Once you have obtained a Windows installation image or WAIK/WADK image, you need to mount it. Assuming it is called winimg.iso:

# mount --mkdir winimg.iso /media/winimg

Use the mkwinpeimg script provided with wimlib to create a bootable Windows PE ISO winpe.iso, with the startup script created in the previous section:

Option A: source image is Windows installation media

$ mkwinpeimg --iso --windows-dir=/media/winimg --start-script=start.cmd winpe.iso

Option B: source image is WAIK/WADK:

$ mkwinpeimg --iso --waik-dir=/media/winimg --start-script=start.cmd winpe.iso

See the mkwinpeimg(1) for more information, including the --overlay option to copy files into the image.

Unmount the source ISO:

# umount /media/winimg

Option C: source image is Hiren's BootCD

Hiren's BootCd is already bootable, it only needs to be extracted to a USB.

dd bs=4M if=./HBCD_PE_x64.iso of=/dev/sdX status=progress && sync

Make sure the USB key uses a GPT partition table as described below.

Prepare a bootable Windows PE USB key for UEFI systems

Unfortunately, as of version 1.13.1-1 of wimlib, mkwinpeimg cannot build a bootable UEFI system. But we can build such a UEFI system easily: Windows 10 installation ISO already contain the necessary UEFI boot files.

Warning: Make sure you selected an appropriate architecture for your Windows ISO image (x86 or x64). This guide has only been tested with x64, i.e. it boots using /efi/boot/bootx64.efi. It is unknown whether an UEFI system would boot a x86 image of Windows this way. Please update this page if you can test.

On a USB key, create a GPT partition table with a single FAT32 partition of type "EFI System". This can be done interactively with cfdisk or through fdisk:

# fdisk /dev/sdX
(fdisk) g  # Create a new GPT partition table
(fdisk) n  # Create new partition, leave all parameters as default
(fdisk) t  # Change type of partition
(fdisk) 1  # Type 1 is "EFI System Partition"
(fdisk) w  # Save and quit

Then format the partition as FAT32:

# mkfs.fat -F 32 /dev/sdX1

Mount the winpe.iso file created by mkwinpeimg, mount your USB key, and copy everything:

# mount --mkdir winpe.iso /media/winpe
# mount --mkdir /dev/sdX1 /media/usb
# cp -r /media/winpe/* /media/usb/

Finally, mount the original Windows ISO image and copy all boot files in efi:

# mount winimg.iso /media/winimg
# cp -r /media/winimg/efi /media/usb/

You can now umount all ISO and the USB key, your USB key is ready to boot.

That is right: no syslinux or grub magic needed. The UEFI firmware should find the FAT partition and load the /efi/boot/bootx64.efi boot file provided by Windows to boot from the USB key.

Booting Windows PE

After creating a bootable ISO of Windows PE (winpe.iso) as described in the previous section, you may want to boot Windows PE in the following ways:

In virtual machine

Run a virtual machine with winpe.iso attached as a CD-ROM. Be sure to give it adequate memory, definitely more than the size of the ISO, since Windows PE runs from memory. See Category:Hypervisors for a list of available virtualization software.

From USB key

If you have prepared a USB key for UEFI systems according to the guide above, it should just boot. It may take some time to boot (10 to 20 seconds is not uncommon, depending on your USB key) because the loader seems to copy some/all data to RAM.

From CD

Simply burn winpe.iso onto a CD, and you can boot from it.

From Network

Merge-arrows-2.pngThis article or section is a candidate for merging with PXE.Merge-arrows-2.png

Notes: The PXE article already describes most of this stuff, no need for duplication. Just make sure that configuration file is not lost if it is necessary for windows. Besides that everything is dupe. (Discuss in Talk:Windows PE)

Windows PE can be booted from the network using PXELINUX and its MEMDISK module on BIOS systems. For UEFI systems, wimboot and iPXE can be used.

Install syslinux and tftp-hpa.

Copy needed PXELINUX files to the TFTP server root directory.

# rsync -aq /usr/lib/syslinux/bios/ /var/tftpboot/

Put winpe.iso in the TFTP server root directory.

# mv winpe.iso /var/tftpboot

Create a configuration file for PXELINUX similar to the following:

UI         menu.c32
MENU TITLE Network Boot

LABEL      winpe
MENU LABEL Boot Windows PE from network
KERNEL     /memdisk
INITRD     winpe.iso
APPEND     iso raw

LABEL      localboot
MENU LABEL Boot from local disk

Start the TFTP server.

Configure your DHCP server (such as Dhcpd or Dnsmasq) to point to pxelinux.0 as the boot file, with the Linux server's IP address. Beware: if your DHCP server is on a router, it may not be possible to do this without installing custom firmware.

After completing the above steps, you should be able to boot Windows PE from the network.

Note: With the given PXELINUX configuration file, Windows PE will start by default after 5 seconds.
Tip: TFTP is not designed to be used to transfer large files, such as winpe.iso, which may be 118MB or more and take about 30 seconds to load. Performance may be improved by using the gpxelinux.0 bootloader instead of pxelinux.0 and loading winpe.iso using HTTP rather than TFTP.

Installing Windows from Windows PE

Once booted into Windows PE, you can install Windows from an installation media.

The installation media can be a network share (Samba). See Samba for seting up a Samba server on another machine on the LAN. To share the installation image mounted at /media/winimg, add the following share definition to /etc/samba/smb.conf:

browsable = true
read only = no
guest ok = yes
path = /media/winimg

Once booted into Windows PE command prompt, run the following command to initialize the network interface, obtain the IP of the Samba server (assuming Windows PE was booted over PXE from a machine that runs the DHCP, TFTP, and Samba server, the server IP will usually be the Gateway IP), mount the share, and launch the GUI setup:

 > wpeinit
 > ipconfig
 > I:\setup.exe


System error 58 has occurred. The specified server cannot perform the requested operation

If you are getting the following error when using the net use command:

System error 58 has occurred.

The specified server cannot perform the requested operation.

1. Make sure you have not accidentally unmounted the /media/winimg directory.

2. Add a map to guest to /etc/samba/smb.conf. Add the following at the top of the file:

map to guest = Bad User

3. Restart the smbd.service.

4. Specify any username/password in the net use command:

net use I: \\IP.ADDRESS.OF.SAMBA.SERVER\REMINST /user:user pass

This is happening because Windows 10 connects to anonymous shares by checking some username and password to see if it is able to log in, and if so it allows an anonymous connection. Apparently whatever part hides this from the user did not make it into the PE build.

See also