• RE: Invalid signature detected on new PCs

    @sega I think what Tom is referring to is something like this tutorial: https://forums.fogproject.org/topic/15888/imaging-with-fog-and-secure-boot-poc

    Also like Tom said the FOG Project doesn’t sign either iPXE or the FOS Linux kernel that is beyond the scope of the FOG Project. So if you must have secure boot enabled then you must do something like in the above tutorial, create your own private certificates and upload them to the uefi firmware, then sign ipxe.efi, snp.efi, snponly.efi and bzImage with your custom certificate. Then a computer with secure boot enabled will “trust” the FOG imaging process. Without the FOG Project boot files being singed, your computer will reject them and not boot.

    posted in FOG Problems
  • RE: ProBook 450 G9 slow to image

    @Bristow-0 That IS very strange that going to the older kernel solved the issue. I’m glad you have it worked out, but maybe the devs need to look into the 6.x kernel a bit more. I can understand that there was a big jump in the kernel code with the 6.x release.

    posted in Hardware Compatibility
  • RE: Sysprep cleared most of the configuration on Win10

    @zguo Here is an unattend.xml file that I used back with windows 7 and later with windows 10. I have to be clear I don’t do as much imaging as I did back in 2022, so I don’t know if this unattend.xml file is still valid. It should be, but start with it and see where it takes you. https://forums.fogproject.org/post/87392

    Staring with a proper unattend.xml file is the key to getting a good target deployment. You will want to use this command when you call sysprep. c:\windows\system32\sysprep\sysprep.exe /quiet /generalize /oobe /shutdown /unattend:C:\Windows\Panther\Unattend.xm

    Sysprep will still remove something out of your target image. But you can put most back on a deployment by using the unattend.xml file to create user accounts, connected to AD, and name the system as well as changing the local. If the option is not avaialble in the unattend.xml file, there is a batch file that gets called at the end of winsetup called setupcomplete.cmd you can put commands there to create users or install software that must be installed after imaging is complete, or use the first run section of the unattend.xml file with the auto login option for the first time windows boots, auto login to the desktop, run the first run section of the unattend.xml file then reboot.

    posted in Windows Problems
  • RE: What's the best way to rename the computer before joining the domain

    @professorb24 Here is a wiki page on the fog client install and setup: https://docs.fogproject.org/en/latest/installation/client/install-fog-client/

    The unattend.xml file is a windows thing. There are many resources on the internet that discusses its setup: https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/update-windows-settings-and-scripts-create-your-own-answer-file-sxs?view=windows-11

    The unattend.xml file is an auto answer file used by the windows setup program to preanswer all of the questions that the installer might ask during installation. There are even answer file generators on the internet that you can answer a few simple questions and it will create the answer file in the proper format like this one: https://www.windowsafg.com/win10x86_x64_uefi.html (I would be careful entering your actual license key on a internet web page, just edit the answer file when you get it by hand to include your key).

    I also have some tutorials on fog post install scripts. This one has code snippets at the bottom of the post that discuss the unattend.xml file and how to potentially update the file with the script. https://forums.fogproject.org/topic/7740/the-magical-mystical-fog-post-download-script The way the forum works read the first post and then scroll to the end to read the second and third posts in the series.

    posted in FOG Problems
  • RE: What's the best way to rename the computer before joining the domain

    @professorb24 “The best” is kind of a subjective answer. The best way is the way that works the easiest for you and for the type of OS you are deploying.

    If you are referring to a windows computer there are two methods.

    1. Install the FOG Client software onto the golden image before image capture then enable the fog client renamer service.
    2. Use a fog postinstall script to update your target computer’s unattend.xml file and then let the windows setup program rename the computer and connect it to AD.

    Its generally the best practice to rename the computer before connecting it to AD.

    posted in FOG Problems
  • RE: Red dot in Fog

    @Tanguy The search list should be domain names you want to search through. The search list plus the host name should make the fqdn name of the computer. So short name resolution works.

    posted in FOG Problems
  • RE: Red dot in Fog

    @Tanguy If you have the search parameter set correctly in the resolv.conf file it should not matter what domain the target computer is vs the server. FOG only used the short name of the target (without domain reference). So if you can ping host where host is the name you registered the target computer in FOG with it should work. Also know that FOG doesn’t use the ping command to test if the target host is up or not, FOG tries to connect on port 445 to see if the host is up or not. So if you have a firewall between the fog server and target computer then the check will fail too.

    posted in FOG Problems
  • RE: Dell servers R740/R750 display YSOD after image capture/deploy

    @anvanster I’ve never seen this before. But lets try to see if refind is doing something strange.

    The only thing that calls refind is when you are in uefi mode and you exit the FOG iPXE menu, not select an option because that calls fos linux. So the only time that refind is executed is when the fog ipxe menu exits.

    So simply don’t let the fog ipxe menu exit using refind. You can (as a test) change the default exit manager for uefi to something like EXIT. That uses the uefi exit manager built into ipxe, or simply don’t use the fog menu after you image the computer.

    After imaging the FOS Linux engine reboots, since its a real OS it doesn’t need to use refind, its never called directly from FOS Linux. In the context of FOG and exiting from the iPXE menu, its only used to locate the efi boot loader, unless someone has changed the configuration, it should never install itself into the efi partition.

    So why are you getting that screen? Is secure boot enabled? If yes then FOS should not have run…

    Does this happen on the source computer after capture or both source and target computers?

    posted in Hardware Compatibility
  • RE: Cannot PXE boot on Client PCs

    @zguo how did you install fog on this server? Did you use the tarball file or git and pulled from the repo? Either way there should be a fogproject folder, and I think bin/installfog.sh bash script to rerun the fog installer.

    posted in General Problems
  • RE: Cannot PXE boot on Client PCs

    @zguo This issue is not related to dnsmasq. Something has zeroed out the byte size of that boot file. If you can the quickest way to fix this is to just rerun the FOG installer, it will recreate/fix file that were changed since its last run. I will not delete anything you added or changed in the UI. It will not touch dnsmasq either.

    posted in General Problems