PXE Boot with Unmodifiable Windows DHCP Server
-
We have a Windows 2012 DHCP Server where we are not allowed to change the DHCP Options as required to directly PXE boot to our Fog Server. The Windows server is currently set up to PXE boot to a WDS server to image our primary computers; however, I want to use the fog server to image a different batch of computers which cannot be configured through the primary WDS server.
Am I right in assuming that it should be possible to use the ‘USB Boot UEFI client into FOG menu (harder way)’ option as described on your Wiki page (https://wiki.fogproject.org/wiki/index.php?title=USB_Bootable_Media) to create a USB drive that will connect directly to our Fog Server, bypassing the DHCP PXE settings? If so, I know the link to Rom-O-Matic on this webpage doesn’t work; however, I found an alternative URL that appears to be the same site (https://rom-o-matic.dev/). However, when I follow your instructions I get a ‘Build failed: “make” unexpectedly returned exit value 2 at /var/www/rom-o-matic/build.fcgi line 637’ error, so I expect they may have made some changes to the system since you made the original instructions. Any idea what options need changing on this new system to get a working efi file?
I have also followed your instructions on how to create a USB FOS Client (https://forums.fogproject.org/topic/7727/building-usb-booting-fos-image?_=1595839987136) and that appears to work fine; however, I would like to take advantage of multicast, which this option does not support.
I am currently running Fog 1.5.9-RC2 running on CentOS 8.
Thanks.
-
You are in a bit of a tight spot here since WDS is also involved in your network. So you can’t use any dhcp based method of booting.
The second approach using usb boot into FOS is the right one for you as long as you understand the caveats.
TBH I never looked into the prospects of multicast imaging using FOS boot disks. In theory it should be possible. Making the iPXE menu version of “Join Multicast Session” shouldn’t be too difficult to simulate with grub. Having the direct boot into the multicast stream I don’t think is possible.
-
You could also use something like refind or grub2win on a usb and embed the ipxe.efi file and set it as a boot option. This would completely skip the dhcp portion of the pxe boot as you’ll already have the pxe file and it should skip straight to booting to the fog tftp server.
You could also include adding your chosen boot loader to your devices as part of your provisioning process (setupcomplete/firstlogoncommands etc.) so that you wouldn’t require pxe booting or a special usb to re-image a computer once deployed.
An easy way to test if booting straight to the ipxe.efi file would work is if your devices support either a built-in uefi shell or have the ability to choose a boot file in the bios settings. In that case you can just get a normal usb and simply put that ipxe.efi file on it (located on your fog server at /var/www/fog/service/ipxe/ipxe.efi I believe, or it may be at /tftp, or both). If all of that sounded complicated let me know the model of the computers and I’ll see if I can figure out if they have that capability.
There’s also the dnsmasq option which sets up a sort of proxy dhcp but it’s been a long time since I had to do that, but it makes it work as if you had the dhcp options set up. The only issue you might run into is if your dhcp server is on a faster network connection than your fog server, the dhcp server will beat your fog server to responding to the dhcp requests.
Another thought, if the reason you can’t change the dhcp options is because it’s currently pointing to wds, you could also see if you’d be allowed to add policies to the dhcp server that would check for the specific devices and then boot just them to the fog server. Some example of this can be found in this wiki article https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence but you would have to do more research to find a way for the policies to detect the specific devices.
I will gladly go into more detail on any of these options if you want to give one a try.
-
@JJ-Fullmer said in PXE Boot with Unmodifiable Windows DHCP Server:
on a usb and embed the ipxe.efi file and set it as a boot option
This won’t work because the fog delivered copy of ipxe.efi contains an embedded script that queries dhcp (again)
ref: https://github.com/FOGProject/fogproject/blob/master/src/ipxe/src-efi/ipxescript
It has to be grub in this case. I think I found a command that allows grub to prompt the user for an input. I have yet to test it out to see if it works the same way as the prompt command for iPXE.
-
I think I have a solution that will work. I have not tested or debugged it yet (it’s almost bed time in the US). But the reason why I built the USB FOS booting process is because some computers will not boot iPXE so I created the grub method of booting. The problem is that grub is static where iPXE is dynamic and the fog server can control the actions of the iPXE script at run time. With grub it’s static text saved on the usb flash stick. This static file while it works for basic tasks does not support some of the more advanced options available in the iPXE menu. So our first choice is to get iPXE to boot from the USB flash drive but not use dhcp options to locate the FOG server. To that end I think I have a way to do this. I created a custom (one-off) build of iPXE.
We are going to kind of follow the process outlined here: https://forums.fogproject.org/topic/6350/usb-boot-uefi-client-into-fog-menu-easy-way but with some tweaks.
You will need to acquire these things.
- A 2GB (min) flash drive
- A UEFI pxe boot image from a functioning FOG server.
Boot image creation process
- Insert your flash drive into a Windows based computer and format it with FAT32 disk format
- On that flash drive create a folder called efi (all lower case)
- On that same flash drive create a folder called boot in the efi folder creating this path “x:\efi\boot” (make sure the case matches).
- Download zipxe.efi from my google drive: https://drive.google.com/file/d/12kZ1S2zXQofd_OI5oipWXj3JQIBaJO2g/view?usp=sharing
- Copy that file to the flash drive in the efi\boot folder. That file MUST BE RENAMED to bootx64.efi (note the case)
- Download the file default.ipxe from the /tftpboot directory on your fog server and save it in efi\boot directory on the flash drive. In theory you should not have to do anything with that file, because the last line in that text file should have the IP address of your FOG server in it. If it does, then the configuration part is done.
- At this point remove the usb thumb drive from the build up computer and insert the drive into a target computer
- Power on the target computer and press F10 or F12 (depending on the mfg) to call up the EFI boot menu.
- Select the USB boot device under the EFI section of the EFI menu
- You should see the iPXE boot banner and then it should load the FOG IPXE menu. Once you get to this menu then you have the full function of the FOG server including multicast imaging.
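
A pre-flight check for the finished stick, as an added example that is not part of the original post: it confirms the efi\boot layout, that bootx64.efi is an x86-64 UEFI application, that the last line of default.ipxe names the expected FOG server, and it records the SHA-256 of the downloaded one-off binary so the same file can be tracked across sticks. The function names and the idea of passing the FOG server IP as an argument are assumptions of this example.

```python
import hashlib
import ipaddress
import re
import struct
from pathlib import Path

AMD64, EFI_APPLICATION = 0x8664, 10  # PE/COFF machine and subsystem codes

def is_x64_efi_app(data: bytes) -> bool:
    """True if data is a PE image built as an x86-64 UEFI application."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew: offset of PE header
    if len(data) < pe + 24 + 70 or data[pe:pe + 4] != b"PE\0\0":
        return False
    machine = struct.unpack_from("<H", data, pe + 4)[0]
    subsystem = struct.unpack_from("<H", data, pe + 24 + 68)[0]
    return machine == AMD64 and subsystem == EFI_APPLICATION

def check_stick(root: Path, fog_ip: str) -> dict:
    """Check the efi/boot layout from the steps above; fog_ip is supplied by the caller."""
    boot = root / "efi" / "boot"
    loader, script = boot / "bootx64.efi", boot / "default.ipxe"
    result = {"problems": [], "sha256": None}
    if not loader.is_file():
        result["problems"].append("efi/boot/bootx64.efi is missing")
    else:
        data = loader.read_bytes()
        result["sha256"] = hashlib.sha256(data).hexdigest()  # record for later comparison
        if not is_x64_efi_app(data):
            result["problems"].append("bootx64.efi is not an x86-64 EFI application")
    if not script.is_file():
        result["problems"].append("efi/boot/default.ipxe is missing")
    else:
        text = script.read_text(errors="replace")
        lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
        last = lines[-1] if lines else ""
        found = re.findall(r"\d{1,3}(?:\.\d{1,3}){3}", last)  # whole dotted quads only
        if str(ipaddress.ip_address(fog_ip)) not in found:
            result["problems"].append(f"last line of default.ipxe does not name {fog_ip}: {last!r}")
    return result

if __name__ == "__main__":
    import sys
    if len(sys.argv) != 3:
        sys.exit("usage: check_stick.py <usb-root> <fog-server-ip>")
    print(check_stick(Path(sys.argv[1]), sys.argv[2]))
```

An empty problems list means the stick matches the layout described in the steps; the hash only identifies the file and says nothing about who built it.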
-
@george1421 I see that in the code but this is a method I use to get past dhcp on the daily. I think it’s going out to dhcp just to make sure the machine has an ip address and is on the network and then connects to the tftp server. But since it already has the efi boot file it’s not using dhcp to try to go find it, which is the part I believe he needs to skip. But if my thought doesn’t work then the default.ipxe method you outlined is worth a shot.
I would add to your method that in the case that file isn’t seen (like if it’s a super picky uefi bios) you could create an efi partition instead of fat32 with diskpart.
But I would bet your method there would work.
-
@george1421 Just a follow up with this request. The steps I laid out did boot the FOG iPXE menu without the use of DHCP to give it direction. It should work for the OP as defined.
-
Another option would be to configure your fog server to be a router, serving ip addresses only for a new subnet behind the fog server’s second NIC via a switch dedicated to imaging. We do this in our primary imaging lab. Let me know if this appeals to you and I’ll go into greater detail.
-
@george1421 Your solution worked perfectly on the few devices I have tried so far (tested by both running a capture and deploy).
Many Thanks
-
@george1421 I have come across a small annoyance. The USB drive boots to the Fog menu successfully, however if no keyboard entry is detected after around 5 seconds or so the menu changes to an rEFInd - About screen. Any ideas how to stop this from happening?
Thanks
-
@Richard-Wise Are you wanting to not have it default, change the default timeout, or is stopping at the refind menu the issue? I can read your post a number of ways.
-
@george1421 I want it to boot directly to the fog menu and stay there indefinitely until an option is manually selected.
Currently it boots to the fog menu but if nothing is selected after a few seconds it automatically changes to an rEFInd - About screen.
-
@Richard-Wise Ah ok, then set this value in the web ui FOG Configuration->FOG Settings->(Expand all)->FOG Boot Settings->PXE MENU TIMEOUT change the value to 0