@Wayne-Workman
Ok… so once I made some tweaks on this… I ran into a small issue getting the DBAN working properly while doing the timeout config. Ultimately here is where I stand with my current menu. This includes a new choice for disk selection as well as a default timeout of 10 seconds. It will then kick back to the main menu if it times out. I reverted back to using ${fog-ip} as well. After looking back at it as my ${boot-url} is http://${fog-ip}/${fog-webroot}. but all of my ISO’s whether mounted or chained using memdisk are mounted or stored in a directory off of webserver root instead of buried under the fog subdirectory.

:dban menu DBAN Nuke Menu item autonuke AutoNuke DoD 3-Pass item zero AutoNuke 1-Pass Zero Wipe item choose-disk Single Disk Selection item return Back to top menu... item choose --default return --timeout 10000 target && goto ${target} :autonuke kernel http://${fog-ip}/dban/dban.bzi nuke="dwipe --autonuke" silent vga=785 boot || goto failed :zero kernel http://${fog-ip}/dban/dban.bzi nuke="dwipe --autonuke --method zero" silent vga=785 boot || goto failed :choose-disk kernel http://${fog-ip}/dban/dban.bzi nuke="dwipe" silent vga=785 boot || goto failed :return chain ${boot-url}/service/ipxe/boot.php?mac=${net0/mac} || prompt goto MENU

Excellent. Thank you! It’s good to know that a netdom pull is no longer required.

Good to know. Thank you!

Celebrate your vestigial umbilical cord!

@Wayne-Workman i am not really used with github but i can upload it somewhere and share it sure.
Give me some time, if you like you can share it via github.

EDIT:

Post 1 updated @Wayne-Workman

Regards X23

@cnbgeren Yeah it looks like your dhcp server isn’t running.

Since it appears you have a unbuntu server you might want to review this document. https://help.ubuntu.com/community/isc-dhcp-server

Try resetting the encryption for that particular host. this is done through the web interface, in the host’s general area.

Just wanted to thank everyone for their suggestions( @george1421 @Wayne-Workman). We did install LAPS on a test OU and it works perfectly. We’ll likely be rolling it out in the next week or two. For those machines off the domain, oh well…

I’m pretty sure he is. He started slowing down access to the forums once I started making a lot of effort on keeping things up to date. I haven’t seen him in a while though 😞

SetupComplete.cmd

@ECHO OFF TITLE Post Sysprep Configuration Script REM *** Activating Windows TITLE Activating Windows 10... cscript slmgr.vbs /skm sx.org cscript slmgr.vbs /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX cscript slmgr.vbs /ato REM *** Activate Office TITLE Activating Office... cscript "C:\Program Files (x86)\Microsoft Office\Office16\ospp.vbs" /sethst:x.org cscript "C:\Program Files (x86)\Microsoft Office\Office16\ospp.vbs" /act REM *** Starting FOG Service after boot TITLE Start FOG Service... sc config FOGService start= auto net start FOGService REM *** Finalize Script Actions and Cleanup the Scripting Environment TITLE Finalizing Script Actions... DEL /Q /F c:\Windows\System32\Sysprep\unattend.xml DEL /Q /F c:\Windows\panther\unattend.xml RD /S /Q c:\windows\setup\scripts

Unattend.xml

<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <servicing></servicing> <settings pass="windowsPE"> <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DriverPaths> <PathAndCredentials wcm:action="add" wcm:keyValue="b895faa4"> <Path>C:\Windows\Drivers</Path> </PathAndCredentials> </DriverPaths> </component> </settings> <settings pass="generalize"> <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipRearm>1</SkipRearm> </component> </settings> <settings pass="specialize"> <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SkipAutoActivation>true</SkipAutoActivation> </component> <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <RunSynchronous> <RunSynchronousCommand wcm:action="add"> <Description>Activates Built-in Administrator account</Description> <Order>1</Order> <Path>net user administrator /active:yes</Path> </RunSynchronousCommand> </RunSynchronous> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DesktopOptimization> <ShowWindowsStoreAppsOnTaskbar>false</ShowWindowsStoreAppsOnTaskbar> <GoToDesktopOnSignIn>false</GoToDesktopOnSignIn> </DesktopOptimization> <OEMInformation> <Logo>C:\Windows\System32\oobe\info\info.bmp</Logo> <Manufacturer>Hewlett Packard</Manufacturer> <SupportHours></SupportHours> <SupportURL></SupportURL> </OEMInformation> <TimeZone>Eastern Standard Time</TimeZone> <RegisteredOrganization>Name Here</RegisteredOrganization> <RegisteredOwner>Name Here</RegisteredOwner> <CopyProfile>true</CopyProfile> <ComputerName>*</ComputerName> </component> </settings> <settings pass="oobeSystem"> <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <InputLocale>en-us</InputLocale> <SystemLocale>en-us</SystemLocale> <UILanguage>en-us</UILanguage> <UserLocale>en-us</UserLocale> </component> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <OOBE> <ProtectYourPC>1</ProtectYourPC> <HideEULAPage>true</HideEULAPage> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideLocalAccountScreen>false</HideLocalAccountScreen> </OOBE> <UserAccounts> <AdministratorPassword> <Value>pw_here</Value> <PlainText>false</PlainText> </AdministratorPassword> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>pw_here</Value> <PlainText>false</PlainText> </Password> <Name>Administrator</Name> <Group>Administrators</Group> <DisplayName>Administrator</DisplayName> <Description>Local Administrator</Description> </LocalAccount> </LocalAccounts> </UserAccounts> <VisualEffects> <FontSmoothing>ClearType</FontSmoothing> </VisualEffects> <RegisteredOrganization>Name</RegisteredOrganization> <RegisteredOwner>Name</RegisteredOwner> <TimeZone>Eastern Standard Time</TimeZone> <AutoLogon> <Password> <Value>pw_here</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>1</LogonCount> <Username>administrator</Username> </AutoLogon> </component> </settings> <cpi:offlineImage cpi:source="wim:c:/users/laner/desktop/windows%2010%20deployment/sw_dvd5_win_edu_10_1511.1_64bit_english_mlf_x20-93836/sources/install.wim#Windows 10 Education VL" xmlns:cpi="urn:schemas-microsoft-com:cpi" /> </unattend>

Windows 10 for Education x64.

@Joe-Gill We need people to find odd problems. It’s good for the project.

@Wayne-Workman

The devs are still busy folks…

From the RC4 change log

Fix multicast issues for the fog service. Fix multicast not closing on task cancellation from active tasks page (hosts are being untasked but session still exists.)

From the RC3 change log
88197b5 Update Version to 1.3.0-RC-3
f31b852 Merge branch ‘working-RC-3’ into dev-branch
3fd5ff3 (origin/working-RC-3, working-RC-3) Enable snapin location altering or not via locations.
58709a1 Update iPXE files to latest pull.
b1f9240 Add back the 7156 efi files for ensuring surface pro’s can still boot.
a9652be More accurately display multicast and don’t create a tasking, but do report why the tasking couldn’t be created.
99ef87a Make sure only multicast sessions that have a defined session client count are able to be used for multicast session joining.
627348c Use the fullPath variable for the multicast task.
363ef28 Ensure multicast continues even if the file cannot be found. Otherwise it will fail for that node and nothing after that point will run properly.
3cf50e3 Properly link progress row with it’s task.
67d5ebe Fix issue with multicast sessions being cleaned before they’re even booted.
2b692a7 Fix issue with printer memberships
289524f Fix getting the snapin job variable as there was a typo.
98921af Add expand-child element to the progress row.
ed70684 Make sure version is incremented
3eae96c Remove accesscontrol plugin
8327f66 Make fog configuration use ajax for kernel versions.
a8acad2 Address issue with nodes blocking load of the page.
3f38ef8 Make sure suf variable in javascript returns if suf is null
5158f67 Fix upload last time not setting.
f2d8d72 Fix split call.

For those of you that may have tried this with CentOS 7, re-pull and it’ll work now.

This works with:

Debian Ubuntu Fedora CentOS

Confirmed and fixed. Will be available for rc 3

@Tom-Elliott

No problem!! 🙂

@george1421 I’ll try with the Quick Image first and if it does not work I’ll look with this methode more deeply.

@Wayne-Workman I keep these solutions in mind if Quick Image is not for me.

@Tom-Elliott Ok, I will upgrade the server to try this.

Thank you all for you replies ! 🙂

@ITSolutions @Tom-Elliot

Thanks for that info. I’ve been a few revisions behind in my prod and nonprod servers. Just got around to doing that today at the recommendation of Tom.

@george1421 said in Master -Master Replication:

Right now FOG doesn’t have a real good way to limit what techs can do at each location. For example we would only want IT techs at site A to be able to image machines at site A and not site B. As well as the other way around. If you had FOG setup to automatically PXE boot into FOG, techs at site A could accidentally reimage a machine at site B.

Sounds like a great opportunity to solve a problem, to me. I could write a PHP service that would just undo any tasking that a tech does at a wrong site. In fact - I can write a stand-beside fog thingy that will let you assign locations to fog users. It can be a non-required extra field in the users table, and won’t affect FOG functionality.

At work, we don’t have problems with bandwidth between sites. It’s 1Gbps throughout 23 buildings separated by miles each. But we do have a potential problem with is techs doing things they shouldn’t be doing.

Update please. I fixed this already. I’m adding more implicit text as well, but i noticed and corrected this.

@george1421 I was simplying using mount -t nfs, no other modifiers, so yeah, specifying the protocol is probably what does it.

Still much to learn about Linux and such, heh.