DELL OptiPlex 7000 can't disable UEFI. Help for FOG neophyte?
-
Hello All,
I inherited a FOG 1.5.10 server (Ubuntu 20.04.6 LTS) at work about two weeks ago (upon my return from vacation). I had never heard of FOG until then. The server had been setup while I was on vacation by a guy whose last days working here were during my vacation. Here it is… it’s mine.
The new PC’s we have here are DELL OptiPlex 7000’s that cannot disable UEFI. I have read around the different posts for similar issues and I’m afraid that the newbie in me is a bit overwhelmed.
Additionally, the large organization I work for is like an island working inside of a MUCH larger organization. We do not control our own DHCP server, and need to wade through bureaucracy to get anything done. My predecessor managed to get the DHCP server updated to let me PXE boot with FOG. I have a couple of images setup and it works great on the older machines I was testing with!
Here is a link to information that DELL had about PXE booting these new machines. They don’t actually mention FOG in particular… just PXE.
Can anyone look at this and give me some advice as to if FOG is going to be the best choice for something like these machines? I did forward the DELL link to our liason with the parent organization and hope to hear something useful from them as well.
-
@tcso I think I can shed a little bit of info on you and you will be up to speed pretty quickly. That doesn’t mean it will solve your problem, you will just know why you have a problem.
Just be aware that if you want to boot a bios based computer you will need a bios based operating system. Bios and uefi are interfaces to the hardware. These are two different environment and are not directly related. So you can’t boot a bios based operating system on a uefi based computer the same way you can’t boot a uefi based os on a bios based hardware. This works the same for windows, linux, or embedded OS. Once the OS bootloader starts then the OS can be a bit more generic.
FOG as well as other network boot based imaging tools, use a bootloader that gets sent to the target computer over tftp protocol. The target computer knows what bootloader to request because of DHCP option 66 and 67. To boot a bios based computer with FOG dhcp needs to send in option 67 typically undionly.kpxe. If you want to pxe boot a uefi based computer, dhcp option 67 needs to be ipxe.efi or snponly.efi.
The problem with normal dhcp is that this dhcp option 67 is a static value. So you can only pxe boot bios or uefi based computers. Luckily both linux and windows dhcp server’s support something called target profiles. Using target profiles the dhcp server will detect the pxe booting target computer and send the proper pxe boot file name to the target computer. https://docs.fogproject.org/en/latest/kb/how-tos/bios-and-uefi-co-existence/#using-proxydhcp-dnsmasq look into the section that talks about windows 2012 servers and later on instructions to set this up.
If you have an unchangeable dhcp server and your target computers are on the same IP subnet as your FOG server you can install dnsmasq on your fog server to override dhcp options 66 and 67 with the proper values. If your target computers are on a different ip subnet and you have control of your network switches you can integrate dnsmasq pxe info to other subnets.
-
@george1421 said in DELL OptiPlex 7000 can’t disable UEFI. Help for FOG neophyte?:
If you have an unchangeable dhcp server and your target computers are on the same IP subnet as your FOG server you can install dnsmasq on your fog server to override dhcp options 66 and 67 with the proper values.
Thanks for your helpful response! I appreciate it!
The target computers are all on the same IP subnet. One of our parent company admins suggested that I look into dnsmasq (after I sent him a link to your response on this thread). My initial response to him is this:
I’m sure I could get dnsmasq installed, but whether or not I’d end up doing something stupid that conflicts with your DNS/DHCP servers is debatable.
If I install dnsmasq on the Ubuntu 20.04.6 LTS server, with dnsmasq using its default “hello world” settings, is there danger of it conflicting with the DNS and DHCP server services that already exist on our network? I want to be particularly responsible in that regard. Our parent company admins manage a huge network and the last thing I want to do is to become a thorn in their side.
My background is in Microsoft MSSQL administration. Linux server networking is something that makes me nervous.
-
@tcso Surely run this by your network admins but if you use my configuration there is low risk to your network infrastructure. https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server?_=1690230679683
dnsmasq is a swiss army knife of services and if misconfigured will cause problems in your network. But using it in a proxydhcp configuration it will only provide pxe boot information only for your network. When the fog server is powered off then no pxe boot information, which you can’t pxe boot without fog anyway. So no harm no foul here. FWIW, proxydhcp is what windows wds uses to configure the target computers for pxe booting. A ProxyDHCP announcement will override anything configured in dhcp options 66 and 67.
