Webcast: Imaging with FOG, Managing with PDQ
-
@Wayne-Workman but the only reason for me for this is because their software pieces are really great
and i really like that they offer the free mode of the the product even when i am pdq deploy pro user.Cool for guys who cannot make the yearly invest.
-
For anybody wanting to get in on this.
They are about to go live now.
-
@PDQ If there were FOG specific questions posted in chat or asked where you deferred to the FOG Project, if you could repost them here. We will answer them where we can (maybe better idea another clean thread). This was a very lively session that touched on a lot of things.
Thank you for taking the time to set this up and give a great overview of how the best of FOG and the best of PDQ Deploy can work together.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
-
to complete this:
https://www.adminarsenal.com/blog/automating-software-installs-for-imaged-computers/
https://www.adminarsenal.com/wp-content/uploads/2017/02/pdq-deploy-start-deployment.txt<# .SYNOPSIS Start a PDQ Deploy Deployment on a target machine .DESCRIPTION Trigger a PDQ Deploy deployment to start locally or on a remote machine with PDQ Deploy installed .EXAMPLE Start-Deployment -PackageName "Example Package" -Targets "Wolverine" .EXAMPLE Start-Deployment -ScheduleName "Example Schedule" -Targets "Wolverine" .EXAMPLE Start-Deployment -ScheduleID 123 -Targets "Wolverine" .PARAMETER DeployComputerName The machine with PDQ Deploy installed. This defaults to the local machine .PARAMETER PackageName The names of packages on DeployMachine that you wish to use .PARAMETER ScheduleName The names of schedules on DeployMachine that you wish to use .PARAMETER ScheduleID The schedule IDs on DeployMachine that you wish to use .PARAMETER Targets A list of targets that you wish to deploy a package or schedule to. Leave blank if you wish to target the local machine. #> [cmdletbinding( SupportsShouldProcess = $True )] Param( [String]$DeployComputerName = $env:COMPUTERNAME, [Parameter (ParameterSetName = "Package")] [string]$PackageName, [Parameter (ParameterSetName = "Package")] [String[]]$Targets = $env:COMPUTERNAME, [Parameter (ParameterSetName = "Schedule")] [string]$ScheduleName, [Parameter (ParameterSetName = "ScheduleID")] [Int]$ScheduleID ) Process { # Add parameters to a hashtable to easily push into invoke-command as an argument $MyParameters = @{ DeployComputerName = $DeployComputerName PackageName = $PackageName Targets = $Targets ScheduleName = $ScheduleName ScheduleID = $ScheduleID DeploymentType = $PSCmdlet.ParameterSetName } # This outputs a pwoershell.log to the root directory of the target machine $MyParameters | Out-String | Out-File C:\powershell.log # Testing to see if PSRemoting is enabled If (Test-WSMan -ComputerName $DeployComputerName) { Write-Verbose "Test-WSMan test passed on $DeployComputerName" # Added -Whatif capability to script If ( $PSCmdlet.ShouldProcess($DeployComputerName, "Starting deployment with the following parameters:`n $($MyParameters | Out-String)") ) { # Connect to Deploy machine and attempts to start a deployment Invoke-Command -ComputerName $DeployComputerName -ArgumentList ($MyParameters) -ScriptBlock { Param ($MyParameters) # This outputs a powershell.log to the root directory of the deploy machine $MyParameters | Out-String | Out-File C:\powershell.log # Build command string based on deployment type Switch ($MyParameters.DeploymentType) { "Package" { $PDQDeployCommand = "pdqdeploy deploy -package ""$($MyParameters.PackageName)"" -targets $($MyParameters.Targets)" } "Schedule" { $DB = "$env:ProgramData\Admin Arsenal\PDQ Deploy\Database.db" $SQL = "SELECT ScheduleID FROM Schedules WHERE Name = '$($MyParameters.ScheduleName)' COLLATE NOCASE;" $ScheduleID = $SQL | sqlite3.exe $db $PDQDeployCommand = "pdqdeploy StartSchedule -ScheduleId $ScheduleID" } "ScheduleID" { $PDQDeployCommand = "pdqdeploy StartSchedule -ScheduleId $($MyParameters.ScheduleID)" } } # Append the actual command that will be run to powershell.log "Invoke-command: $PDQDeployCommand" | Out-File C:\powershell.log -Append # Create and invoke scriptblock $PDQDeployCommand = [ScriptBlock]::Create($PDQDeployCommand) $PDQDeployCommand.Invoke() } } } }the webcast contains a lot of questions regarding to fog that couldnβt been answered by the two scotch loving guys.
Regards X23
-
Here are the questions from the webcast⦠the more or less regarding to FOG
-
How can you image using FOG on Windows 10? Also can you use FOG with Intel Gen 6 Processors? -OCSD A.
-
FOG is one of my favorite tools, but we purchased quite a few Lenovo M78 desktops in the past few years that will not boot with FOGβs iPXE. Is there a workaround to use on just these desktops or a way to push out bios updates safely? -Chris R.
-
What do you guys at PDQ use FOG for? What could we do if we incorparated FOG with our current PDQ use? -Zach M.
-
When you create a baseline, are those updated to the latest updates as they come out? If not is there away to make sure your baselines are always updated? -Paul K.
-
Are there significant advantages to FOG over MDT for an evironment that does not have remote assets that are not VPNβd in? -Zach M.
-
Can you create an image on FOG using an SSD? -OCSD A.
-
Our HP desktops can boot via PXE, but our dell vostro 260βs are no longer working. I was abte to create the image, but now they are no longer working. Any ideas? -Paul K.
-
Does fog allow offline imaging via usb key? -jorlando d.
-
How does FOG and PDQ handle windows updates? -Ryan M.
-
I havenβt worked with Snapins much but after I Image with Fog is there a way ti set the OOBE answers (i.e. user that will be using this computer, etc), using the snapin feature for when I image Windows 10? -C P.
-
Are there any network card driver issues using FOG imaging? -Rod C.
-
Do you create a Windows 7 image with full updates or are you updating with Rollup packages? -Chris W.
-
Can I use existing SCCM images with FOG or do I need to create all new images? -Doug K.
Regards X23
-
-
This post is deleted! -
What was in this deleted post from PDQ?
-
@x23piracy I was responding to george about starting a new thread with the questions, but then I noticed that you had already posted them
We now have timestamps posted on the video for easy access to the answers
-
@PDQ I think moving it to a new βcleanβ thread is a good idea. Iβll take care of that a bit later. Iβll move the questions and then we can answer them in one location. Thanks for adding the time codes too. That will make referencing the exact spot a bit easier.
-
@george1421 answering that questions only makes sense if we have the connection to the askers.
Also i am wondering about some questions, why we have not seen this kind of questions before? Maybe they didnβt find the forum or itβs the gap between registering an account, formulating a question and wait for the answerRegards X23
-
@PDQ i love your employers, drinking at work
are you even allowed to smoke? Do you have jobs to offer?.. just joking -
@x23piracy said in Webcast: Imaging with FOG, Managing with PDQ:
Do you have jobs to offer?.. just joking
If you βwatchedβ the video, they are looking for a sys admin. So yes they do.
-
@PDQ & @george1421 Hi guys I have a question how did you guys pass the PDQ background user credentials from fog. Did you change the fog service user to match that user?
-
@Troye-Johnson I think that part needs to be answered by the PDQ guys. I can tell you by default the FOG client runs as the SYSTEM account.
I could see its possible that if the fog service account was changed to run as a domain user account and that domain user account had local admin rights (on the target computer) as well as rights to reach out to the PDQ Deploy server, and listed as a console user in PDQ Deploy that would work and still keep everything secure and functional.
-
@george1421 I did try this and it worked, but also in the webcast I heard them say βdid you remove your password from the scriptβ my boss thinks they have a way to run the script as any user from from the fog console. @PDQ can you explain how that process works?
-
@george1421 the FOG client should never be set to run a domain user. The clientβs security model relies on the assumption of running as SYSTEM/root. In addition if the client runs a domain user then it will not be able to rename, join, or leave a domain. Since when the client needs to temporary leave remove a machine from the domain, the client would loose all privileges.
Ultimately the client may or may not work as non-SYSTEM users, but its not something we recommend or will officially support.
-
@x23piracy said in Webcast: Imaging with FOG, Managing with PDQ:
Sounds great how do you guys want to manage fog images in a better way as it is? Little details please?
FYI i am a paying PDQ Deploy Customer Lovely tool.What i found so far:
http://bobhenderson.org/fog-zero-touch-imaging-with-pdq-deploy/
http://bobhenderson.org/pdq-deploy-fog-imaging-happiness-take-2/Regards X23
Mod edited
ha, holy crap, thatβs me!
-
@Bob-Henderson == Now famous.
-
@george1421 Actually reminded me to renew the domain name on that one before I lost it! God I need to post more updates.
Weβre still using FOG and PDQ to image out our 1:1 fleet of computers, as well as having it tied into our server deployments automated via Ansible onto our Proxmox KVM boxes. Itβs working fantastically.
The next thing Iβm working on (shoot for the moon, right?) is to use FOG to host Snapins and make them accessible outside of the LAN, thatβll then pull down some powershell to grab files via HTTPS from our web cluster to do remote installations if needed. Iβve got a proof of concept working, but Iβm a 1 man shop and havenβt had time to do much more on it. But if it works, Iβll effectively be able to push installs both on and offsite, without having to use DirectAccess as the tie back. The powershell has some ifβs in there to see if theyβre on the LAN, which will then tell it to grab PDQβs packages, but if theyβre off, itβll grab them from the HTTPS repository and fire off msiexec on them manually.
Itβs poor mans SCCM!
-
@Troye-Johnson Did you ever get an answer to your question? I am running into the exact same problem. Since the service runs as SYSTEM, it doesnβt have permissions to even remote powershell to our PDQ server.
