@george1421 The USB ipxe boot method works perfectly, from a USB drive. The idea is to somehow make that ipxe process boot BEFORE Windows on the hard drive itself instead of the usb drive, and have a countdown to boot from first hardrive. This way I can set a deploy or capture task remotely and it would work. As for specifying the IP address, I already did. Ipxe sees the FOG server on the same vlan, but on a different vlan ipxe asks for the FOG server address.

@sebastian-roth I need to get back into those docs. Things have been just so crazy lately. When you have something working let me know and we’ll get it documented.

@sebastian-roth I already try snappin on Windows and it’s working. The client is install with the last version and my fog version is 1.5.9.
I tried to use Fog’s snappin on debian host but and it’s going well but I think that my command are not good. i tried with dpkg -i and /bin/bash. The client is downloading and rebooting the PC but I can’t find the program

463e11a5-6457-4538-a9ab-7b062651629a-image.png

@turtle331 I would like to get a solution for the installer error 😕

@brakcounty I don’t have access to my production fog server at the moment, but I’m wondering if the history table keeps track of “deploy image” imaging…

This bit probably won’t help you retrospectively, but in my environment we don’t register the target computers with FOG, we use the “Deploy image” route. We do use MDT to build our golden image though. In MDT we have a task sequence that creates a registry key with the build date the golden image is created because we typically rebuild our golden image once a quarter. With a PS query we can query AD and the target computers to find out the unique build date of all of the deployed images. In a way we could back into the number you are seeking.

So the question for you is… is there something unique that would identify the target computer as being deployed by FOG? Some unique software or registry setting that would say this image was built by our golden image deployment environment?

From a FOG perspective, once you deploy an image via the “Deploy image” iPXE menu FOG forgets the target computer ever existed. The question in my mind is of the history table keeps any lingering memories of the target computer’s mac address or such.

@yeet Good you have found FOG’s cron scheduled taskings. That’s the way to go for what you are asked to do.

@brakcounty That is defined in the web ui. That is the default user account you login as the admin. If you create another user account on your fog server you can use that for the iPXE menu instead of fog

Got it. Script works. Thanks!

@junkhacker I built an ipxe image using the fog’s kernels and files and made them into a vISO then mounted it to my vm. Boot from it, then normally it would load ipxe and eventually the fog menu. since I updated vbox it stopped working. yeah I’ll have to play with it.

Wait nevermind I figured it out. I enabled the “Hide Menu” option under Fog Configuration>iPXE General Configuration>Menu Hide/No Menu settings. Pressing ESC after entering the FOG tftp server IP shows the login menu. Perfect!

@astrugatch said in Script to detect and repair AD Biding:

Is that separate from the cert that is used for HTTPS? Do I need to generate a new cert or does that come from the install as long as it is recent?

It’s separate from the cert used for HTTPS. Nothing you need to mess with. It’s a code siging certificate and it’s bundled into the fog-client. So if you use a recent one you are good to go.

@nick the client communicates entirely with web based services on the fog server. in fact, if you know what to put in the url bar you can do most (maybe all, i can’t remember) of the call/response in a browser to see what gets returned when the client makes requests. which is something we do when troubleshooting.

@OmegaXis While I have not tried it myself I would think it’s not a big deal. Start reading up on bash scripting and start with simple scripts like this one:

#!/bin/bash # my installer script APT_GET_PATH=$(command -v apt-get) [[ -z $APT_GET_PATH && -x /usr/bin/apt-get ]] && APT_GET_PATH=/usr/bin/apt-get $APT_GET_PATH -y update $APT_GET_PATH -y install -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold name-of-new-package

Instead of name-of-new-package use the package you want to install.

@george1421 @Sebastian-Roth So I modified my postdownload scripts to manually mount the correct drive if the code that was originally there didn’t do it. It is working for me so I am adding my post download scripts below in case anyone comes across this thread and finds it helpful for them. This works for me in my environment, but may not work for everyone.

I took inspiration from the getHardDisk() function in https://github.com/FOGProject/fos/blob/master/Buildroot/board/FOG/FOS/rootfs_overlay/usr/share/fog/lib/funcs.sh

The scripts are a bit of a mess but working

fog.postdownload

#!/bin/bash ## This file serves as a starting point to call your custom postimaging scripts. ## <SCRIPTNAME> should be changed to the script you're planning to use. ## Syntax of post download scripts are #. ${postdownpath}<SCRIPTNAME> clearScreen; dots "Running post download scripts." mkdir /ntfs &>/dev/null ntfs-3g -o force,rw $part /ntfs echo "Mounting Device"; if [ "$?" = 0 ]; then if [ ! -d "/ntfs/Windows" ]; then . ${postdownpath}mountLargestPartition fi echo "Done" debugPause . ${postdownpath}getMachineModel . ${postdownpath}getPlatformVersion . ${postdownpath}fog.drivers . ${postdownpath}fog.unattend if [ -z "$auditMode" ]; then . ${postdownpath}fog.bcu fi echo "Unmounting Device"; umount /ntfs; debugPause else echo "Failed to mount device"; sleep 30; debugPause fi

mountLargestPartition

#!/bin/bash dots "Running the manual mount script" drive=$(lsblk -dpno KNAME -I 3,8,9,179,202,253,259 | uniq | sort -V) driveCleaned=${drive//'/dev/'/} #Remove `/dev/` from variable partition="" partSize=0 # Get the largest partition while IFS= read -r line; do tempPartSize=$(blockdev --getsize64 /dev/$line) if [ $tempPartSize -gt $partSize ]; then partSize=$tempPartSize partition="/dev/$line" fi done < <(ls /dev | grep -E "${driveCleaned}[a-zA-Z0-9]+") umount /ntfs &> /dev/null ntfs-3g -o force,rw $partition /ntfs

getMachineModel

#!/bin/bash dots "Retrieving Machine Model" machine=$(dmidecode -s system-product-name) # Gets machine model machine="${machine// /_}" # Replace spaces with underscores echo "${machine}" debugPause

getPlatformVersion

#!/bin/bash dots "Retrieving Platform Version from Registry" # Create a registry file to be able to search the ReleaseId from # reged -x gives out an abort error message but from all my testing it still works. reged -x /ntfs/Windows/System32/config/SOFTWARE HKEY_LOCAL_MACHINE\\SOFTWARE \\ /out.reg &> /dev/null || true if [ -f /out.reg ] then PlatformVersion=$(cat /out.reg | grep 'ReleaseId') PlatformVersion=${PlatformVersion:13:4} # Grab only actual the ReleaseId. Full text looks like "ReleaseId"="1909" echo "${PlatformVersion}" else echo "No registry file found." debugPause dots "Retrieving Platform Version from PlatformVersion.rek file" if [ -f "/ntfs/Windows/PlatformVersion.rek" ] then PlatformVersion=$(<"/ntfs/Windows/PlatformVersion.rek") echo "${PlatformVersion}" debugPause else echo "No platform version file found." debugPause fi fi

fog.drivers

#!/bin/bash dots "Preparing Drivers" mkdir /ntfs/Drivers &>/dev/null; echo "In Progress" dots "Adding drivers to driver path" cp -ar "/images/drivers/${machine}/${PlatformVersion}/" /ntfs/Drivers if [ "$?" = 0 ]; then echo "Done" else echo "Failed!" fi debugPause regfile="/ntfs/Windows/System32/config/SOFTWARE" echo "regfile ${regfile}" key="\Microsoft\Windows\CurrentVersion\DevicePath" echo "key ${key}" devpath="%SystemRoot%\inf;%SystemDrive%\Drivers" echo "devpath ${devpath}" reged -e “$regfile” &>/dev/null <<EOFREG ed $key $devpath q y EOFREG echo “Drivers done.”

fog.unattend

#!/bin/bash dots "Searching for Platform Version" # If $PlatformVersion is not null/empty if [ -n "$PlatformVersion" ]; then echo "Found" debugPause dots "Removing old unattend file" rm -f /ntfs/Windows/Panther/*nattend.xml if [ "$?" = 0 ]; then echo "Done" else echo "Failed to remove file!" echo "Aborting fog.unattend" debugPause sleep 60 return fi debugPause dots "Checking image mode" if [ -n "$auditMode" ] && [ "$auditMode" -eq 1 ]; then echo "AUDIT" debugPause dots "Copying audit mode unattend file" cp "/images/unattends/UnattendAuditMode.xml" "/ntfs/Windows/Panther/Unattend.xml" if [ "$?" = 0 ]; then echo "Done" else echo "Failed!" fi debugPause else echo "OOBE" debugPause dots "Copying unattend file with driver path" cp "/images/unattends/UnattendWithDriverPath.xml" "/ntfs/Windows/Panther/Unattend.xml" if [ "$?" = 0 ]; then echo "Done" else echo "Failed!" fi debugPause fi else echo "No valid Platform Version." echo "Skipping unattend." debugPause fi

fog.bcu

#!/bin/bash dots "Copying BIOS change script" if [ -f "/images/drivers/CMSL-BIOS_Change.ps1" ] then cp "/images/drivers/CMSL-BIOS_Change.ps1" "/ntfs/Drivers" echo "Done" debugPause else echo " Failed! Could not find bios change script." debugPause sleep 60 fi echo "fog.bcu done." debugPause

@yuma said in How to set menu item as default? (And some other queries):

but when I use tftp, it takes a very long time - eventually iPXE says it timed-out.

Well that’s a different issue. We can switch over to http and make things go a bit faster. For the my how to boot thread, for consistency sake I use the majority of tftp. But for big things we can surely switch over to http and see better performance.

@tom-elliott I’m looking forwards to it! There’s a lot about FOG I don’t know yet and I’m just starting to dip my toes in.

@sebastian-roth

true story.
Ubuntu 20.04 and FOG 1.5.9 get along quite well.

@george1421 I thought I did but I was wrong. I started reading these instructions down at the bottom under “Older Instructions” https://wiki.fogproject.org/wiki/index.php?title=USB_Bootable_Media#USB_Boot_UEFI_client_into_FOG_menu_.28harder_way.29

But the files and folders don’t match up with what I got. Do I still need to copy the contents of /tftpboot/ to the root of the USB? Where do I start?