Hello @Tom-Elliott

No LDAP plugin, logins are local
I don’t have any pending mac to approve.

Thank you for your time @Tom-Elliott

My workarounds for update on Debian Trixie are:

A)
git checkout master ; git pull
userdel fogproject
cd bin ; ./installfog.sh

or
B)
apt install lastlog2
git checkout master ; git pull
ln -s /usr/bin/lastlog2 /usr/bin/lastlog
cd bin ; ./installfog.sh

Peter

@george1421 I probably found the reason of disSYNC of fog password and FOG settings. My old fog generated password included an & char (password looked like q&Y**********) but after some updates I found q&#38#38#38…********** in FOG_TFTP_FTP_PASSWORD and Storage Management Password.

To solve thi issue , I used https://forums.fogproject.org/topic/11203/resyncing-fog-s-service-account-password bit first I changed password in /opt/fog/.fogsettings.

Then update

update FOG_TFTP_FTP_PASSWORD update Storage Management Password, delete fogproject user (debian 13 installer bug lastlog vs. lastlog2) rerun installfog.sh

Now kernel update (tftp access) is working again.

@BLT Hi I am working on an updated kernel that should support newer hardware like the Framework Desktop.

I have a windows 11 golden VM residing on an xcp-ng 8.3 host, I am able to boot into the fog menus and upload images(although sometimes the console window blanks out after 3-4 minutes so I use snapshots and brute force to get it to complete).

Try adding this to your host kernel arguments: xen_emul_unplug=unmodified nomodeset vga=788

Also use the intel nic option not realtek. I am not using a custom kernel for my VM, just the latest same as any other machine.

UEFI bios mode on the VM(required for TPM).

@jas777 Hi sorry for the delay. I believe I have the solution for this issue.
I haven’t been able fully test these changes on physical hardware, so I pushed them to another branch. Please clone the repository and change the branch like this before installing:

git clone https://github.com/fogproject/fogproject.git cd fogproject git switch ipxe-bios-test

Let me know if it works out for you.

@Tom-Elliott Hi, sorry for the delayed response. I updated both the Fog server and storage node, but the same error is thrown at the end of multicasting.

As a workaround, we’re doing deploy in these Appliances by Schedule Deploy Tasks, as it bypass the authentication screen. But i would be interesting if we could do deploys without this need.

I think this is an issue envolving this kind of nic hardware (Intel I226-V). I opened an issue (18125) where I have some appliances for pfsense, they have got four NICs with this kind of hardware, and we are not getting successfull to deploy an image because it’s not processing authentication, even typíng correct user and password.

Yes, you are right!
I can confirm that it is still functional.
Install clean Windows 11 + drivers + all the updates -> configure windows as you like it -> sysprep -> shutdown -> Image -> Deploy.

Although, I have searched the answer for the main question, to sysprep or not, for years!
What I mean, is that if you sysprep, some of the Windows settings and configuration will be wiped out during the sysprep, so you cannot configure image 100% ready and need some manual steps after the cloned pc (deployed) boots up.
Of course those manual configurations can be automated (by a script or some other way), but still, it would be nice that image can be setup without sysprepping if it is not needed anymore in Win10/11.

I have tested hundreds of PC-s in domain environment without sysprepping - they work flawlessly, no issues with Domain, WSUS or other things, but I am little bit worried, that if some issues arise, e.g some weird errors then I must reinstall all the deployed pc-s with sysprepped images…

Can somebody confirm?

Yes, I understand, that without sysprep, all the PC-s deployed from the same image will be using same SID, but is it bad somehow?
Can someone confirm that for Intune it is also OK?
Domain doesn’t care, WSUS either, but what else might break?

@Tom-Elliott

So I tested current release, and it seems you were able to fix it. It registers new hosts correctly now. However, you still have errors in sed used to enable USB_HCD_USBIO in iPXE compilation to fix non-working keyboard mentioned here: https://forums.fogproject.org/topic/17870/fog-ipxe-menu-no-input/

You have TAB in your sed, but it doesn’t work correctly. So lines number 80-82:

sed -i 's+//#define USB_HCD_USBIO+#define USB_HCD_USBIO+g' config/usb.h sed -i 's+//#undef USB_KEYBOARD+#define USB_KEYBOARD+g' config/usb.h sed -i 's+//#undef USB_EFI+#undef USB_EFI+g' config/usb.h

should be:

sed -i 's+//#define USB_HCD_USBIO+#define USB_HCD_USBIO+g' config/usb.h sed -i 's+#undef USB_KEYBOARD+#define USB_KEYBOARD+g' config/usb.h sed -i 's+#define USB_EFI+#undef USB_EFI+g' config/usb.h

TAB after define and undef makes difference and current iPXE release have different syntax. They have:

#define USB_EFI //#define USB_HCD_USBIO #undef USB_KEYBOARD

So we need to uncomment define USB_HCD_USBIO, switch undef USB_KEYBOARD to define and switch define USB_EFI to undef.

@astrugatch we have firewalld but you can make the adjustments… some ports have been changed from the initial setup due to network restrictions.

- name: FOG_Services short: FOG Server network rules description: >- For FOG Server to handle boot, image and various tasks on workstations sources: - SUBNET_IPS allow_icmp: - echo-request - echo-reply services: - ftp - http - mountd - nfs - rpc-bind - tftp ports: - { port: 20048, proto: tcp } # nfs - { port: 20048, proto: udp } # nfs - { port: "35350-36350", proto: udp } # tftp - { port: "49512-65532", proto: udp } # multicast

@pcnr I noticed this issue so many years a go. It may be issues refering undionly.kpxe file. You can find some solutions from this forum about this. In my case I did following:

Make a backup of /tftpboot/undionly.kpxe to undionly.kxpe.bak; Copied /tftpboot/undionly.kkpxe to undionly.kpxe.

So at next time, this stuck problem was solved.

I have solved my issue by changing the Host EFI Exit type:

REFIND_EFI for Windows images
SANBOOT for Ubuntu/Debian images

Xavier

Hello,
In my attempt to switch to HTTPS for the Fog server, I encountered the same issue of the keyboard being disabled in the iPXE menu. After several unsuccessful tests, I consulted Copilot. After reviewing all the scripts and .h files, it indicated that the issue stemmed from the size of the iPXE.efi file I was using. It was too large due to all the necessary modules for HTTPS, causing iPXE to deactivate the USB keyboard functionality during loading. Consequently, I opted for snponly.efi instead, and now the keyboard works perfectly.

I modified the script buildipxe.sh :

sed -i ‘s+#define USB_HCD_USBIO+//#define USB_HCD_USBIO+g’ config/usb.h
sed -i ‘s+#define USB_KEYBOARD+//#define USB_KEYBOARD+g’ config/usb.h
sed -i ‘s+//#define USB_EFI+#define USB_EFI+g’ config/usb.h

May I propose a change in the console.h : Could you set the keyboard map to “dynamic” instead of “us” ? That way we can easily set our language in default.ipxe

//#define KEYBOARD_MAP us // Default US keyboard map
#define KEYBOARD_MAP dynamic // Runtime selectable keyboard map

@Greg-Plamondon I’m going to try delving into this but I’ve been very busy with other things and just haven’t gotten around.

I do appreciate the patience and assistance.

The changes you were doing that fixed the problem, please implement them again and you should be back to functional

Once that is done, do you mind doing a diff between that file and the relevant file in the git repository side:

Files I think you changed were under: <path>/<to>/<installer>/packages/service/<servicename>/<servicefile>

I’m not seeing any issues on my test systems.

not really sure why it isn’t working either.

I believe you were editing the files in /opt/fog/service/<servicename>/<servicefile>

So you would do:

diff -u <path>/<to>/<installer>/packages/service/<servicename>/<servicefile> /opt/fog/service/<servicename>/<servicefile>