• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    PXE Boot On Certain Computers

    Scheduled Pinned Locked Moved
    Windows Problems
    3
    13
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      taylorcockrell
      last edited by

      I’m able to get pxe boot working with our FOG server but have noticed that random computers are booting to it even though their hard drive is fine to boot from and the boot priority is set that the network boot is not the first in the list. I do have DHCP option 66 and 67 enabled on our DHCP server. I’m wanting to set it up in a way so that our IT department is the only ones that can have a computer boot to that server for imaging purposes. There maybe a setting i’m missing on our server or we need to reconfigure all of our computers in the bios.

      george1421G 1 Reply Last reply Reply Quote 0
      • george1421G
        george1421 Moderator @taylorcockrell
        last edited by

        @taylorcockrell This is interesting since I have not experienced this before. It has to be something related to the target computer to skip the hard drive that is defined first.

        The only time I’ve seen an option to do this is when the firmware is configured for WoL and pxe boot is set there. So when the computer is woken up by WoL it pxe boots right away. This would be used for remote controlled imaging.

        In your case when the target computer gets into the iPXE menu it should time out after 5 seconds and boots into the OS. Does it do this correctly even if it does boot into the iPXE menu?

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

        T 1 Reply Last reply Reply Quote 0
        • T
          taylorcockrell @george1421
          last edited by

          @george1421 they run into a secure boot error which i’m needing to turn off on our machines if we are not currently using it. I did change the timeout for the main menu so that I could work on some testing for it. Do i need to change the main menu timeout back to 5 seconds so it will continue booting to the hard drive. This issue mostly happens when someone restarts their computer.

          george1421G 1 Reply Last reply Reply Quote 0
          • george1421G
            george1421 Moderator @taylorcockrell
            last edited by

            @taylorcockrell You don’t need to reset it back to 5 seconds. But the question was more around when the timeout happens will the target computer’s OS boot. Its not clear to me why the computer is skipping hard drive boot, to fail over to PXE booting. Is the hard drive not detected so it pxe boots? Then if it pxe boots through this method, will it boot through the iPXE menu into the OS. Or is the disk lost somewhere? That is the question.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            T 1 Reply Last reply Reply Quote 0
            • T
              taylorcockrell @george1421
              last edited by

              @george1421 I could maybe start with disabling the secure boot and see what happens after that.

              george1421G 1 Reply Last reply Reply Quote 0
              • george1421G
                george1421 Moderator @taylorcockrell
                last edited by

                @taylorcockrell said in PXE Boot On Certain Computers:

                start with disabling the secure boot and see what happens after that.

                FWIW: FOG iPXE will not boot when secure boot is enabled. Turning off secure boot is a prerequisite to image with FOG.

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                T 1 Reply Last reply Reply Quote 0
                • T
                  taylorcockrell @george1421
                  last edited by

                  @george1421 should I use a different boot file then? I’m currently using ipxe.efi for the dhcp option.

                  george1421G 1 Reply Last reply Reply Quote 0
                  • S
                    Sebastian Roth Moderator
                    last edited by

                    @taylorcockrell said in PXE Boot On Certain Computers:

                    should I use a different boot file then? I’m currently using ipxe.efi for the dhcp option.

                    Tha iPXE binary is usually fine for most UEFI hardware. If you see issue you can try snp.efi or snponly.efi as well.

                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                    1 Reply Last reply Reply Quote 0
                    • george1421G
                      george1421 Moderator @taylorcockrell
                      last edited by

                      @taylorcockrell Well lets make sure we don’t get the issues mixed here.

                      Your OP says that at random your computers are booting into FOG even though the hard drive is configured first in the boot order. That is a workstation issue. That is unrelated to FOG at this time, FOG is only servicing the pxe boot request that is being issued by the target computer.

                      The second issue is the boot loader. For uefi there are 2 main choices and a few others for niche issues. The ipxe.efi is akin to the linux kernel where it has all of the popular network drivers built in. Then there is snp.efi that only has the snp driver built in. The snp driver is typically universal because it uses the snp driver built into the network adapter. If you have really leading edge hardware I would recommend using the snp.efi boot loader. But again this is not your issue.

                      My question is around if the computer skips the local hard drive boot (for some reason) and it happens to end up in the iPXE menu, then by default it should try to boot the local hard drive. I’m asking is that bit happening. Thinking: that if the computer bypassed the hard drive for some reason, can iPXE exit to the hard drive or is there something wrong with the hard drive requiring a power cycle to fix it??

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                      T 1 Reply Last reply Reply Quote 0
                      • T
                        taylorcockrell @george1421
                        last edited by

                        @george1421 so I did some more research and I wonder if it’s not technically booting the fog server but only throwing an error because of secure boot being enabled. The issue I’m going to run into is disabling secure boot on 400 computers in our company because it can’t be done remotely. Would it be easier to set up fog to do secure boot instead?

                        george1421G 1 Reply Last reply Reply Quote 0
                        • george1421G
                          george1421 Moderator @taylorcockrell
                          last edited by

                          @taylorcockrell Fog doesn’t support secure booting directly. You can create new keys and add them to your target computers so it will see the fog binaries as valid, but again you have to touch 400 computers to import the keys.

                          Just to be clear you plan on unattended upgrade/reimaging 400 computers without IT intervention?

                          What manufacturer’s hardware do you use, Dell business class?

                          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                          T 1 Reply Last reply Reply Quote 0
                          • T
                            taylorcockrell @george1421
                            last edited by

                            @george1421 No I want to be able to reimage a computer if we need to from any location but make it to where we can be the only ones that can connect to the fog server. We have Lenovo Thinkcentre Tiny PC’s for most of the computers.

                            george1421G 1 Reply Last reply Reply Quote 0
                            • george1421G
                              george1421 Moderator @taylorcockrell
                              last edited by

                              @taylorcockrell Well there is no easy answer here. If you need secure boot enabled in your environment then you can create a self signed key and apply it to each workstation. Then you can sign both ipxe.efi and bzImage with the same key. Once that is done you can secure boot using FOG. I created a tutorial on this on the steps needed. For an opensource project its a bit impractical to get microsoft signed kernels and efi boot loaders to do it any other way. I wish there was a better solution.

                              In the case of the hardware, I know for Dell hardware you can use a Dell offered utility to modify the firmware from within the host OS. Thinking that you can turn off secure boot (which will break bitlocker, but you will reimage the computer anyway) then reboot the computer into PXE booting with FOG.

                              If you require an IT tech to sit in front of the computer to image it, then they can simply turn off secure boot and then boot into pxe booting via the uefi boot manager. The imaging tech would have the access and capabilities to disable secure boot prior to imaging.

                              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                              1 Reply Last reply Reply Quote 0
                              • 1 / 1
                              • First post
                                Last post

                              158

                              Online

                              12.0k

                              Users

                              17.3k

                              Topics

                              155.2k

                              Posts
                              Copyright © 2012-2024 FOG Project