@Bhav There is not at this point in time.

Secure boot is meant to be… well, secure.

There are people attempting to get there, but I can say, right now, FOG just isn’t there right now.

On the forums you can see this at:
https://forums.fogproject.org/topic/17949/fog-secure-boot-with-shim

Which might help lead you in the direction as well hopefully.

@toalalife

@KMEH Well, it must be another image I couldn’t attach.

Which image are you referring to here? bzImage? If so bzImage is the filename of the kernel.

I’ve honestly dedicated many hours to this without success. I’ve seen another project called foguefi (https://github.com/abotzung/foguefi), compatible with Secure Boot directly, without using MOK, and it works. It’s just that when you select options like quickreg or deploy an image, it takes forever. But the point is, it works with recursive boot enabled. It shouldn’t be that complicated.

Yeah, I am aware of foguefi (I actually reference it in the original post), but I think you are slgithly mistaken, it actually is also using MOK. It chains grub via shim (which is similar to what we’re doing here, chaining iPXE via shim) and then re-implements the iPXE menus into grub. This works great, but requires a lot of maintenance effort if anything changes upstream in FOG.

As you can see that project is currently archived, but FOG is also reasonably stable, so I’m not sure how long it will take for a breaking change to stop it from working. Part of the reason I devised this method is that (although hackier to implement on a user level), it doesn’t rely on any functionality that isn’t already present in standard FOG server itself for the most part and it could reasonably be implemented by the FOG developers should the wish to add it.

Anyway, do you have a list of commands to configure it? Maybe I or the AI ​​is missing something.

Sorry I’m a little lost here, commands to configure what? foguefi? If so I’m not sure, I haven’t used it myself so you’d have to ask the developer. If it’s commands to configure my method, the guide above should have everything you need.

@heix75 No.

Not because it’s not a QOL improvement (it is) but because what you see in 1.5.x.x is NOT what is the end goal.

If you want to see what the UX is moving toward install the version of FOG on working-1.6.

You’ll understand (I hope), then, why I’m saying this.

@pillbox1234567 Thanks for the suggestion. I turned Viridian off on the cloned VM, and it did not make a difference.

Interesting note that you’ve seen it cause boot issues on certain Linux VMs. I have not experienced that behavior yet but will keep an eye out for it.

@Preston Wow that was a super answer, thanks Preston! I’ll give this a go in the week. 🙂

@Exsival When you say “Causing the fog server to crash” what exactly do you mean?

If it’s just a “saying” I can understand that but from a technical standpoint what this means is completely different and would need logs. If all you mean is the machine in quesiton is hanging, that’s a different issue altogether. I highly doubt the whole FOG Server is crashing.

@Infojoe I forgot an important information : version 1.5.10.1826

@lucamathuse No, I would not move the files manually yet.

If the capture reports “Cloned successfully” but the task remains In-Progress, then the capture itself may have finished, but the post-capture process is not completing correctly. Under normal conditions, the host should finish the task and then reboot or shut down automatically based on your settings.

So, before moving anything by hand, I would want to know whether the host is actually stuck there indefinitely or whether it is still finishing something in the background. If it never updates the task status, that could also explain why your image set ends up incomplete or inconsistent.

@hariskar

I didn’t really catch the described use case…
But anyway, if application stores something in the database, then the database need to be backed up, of course. Fully and incrementally also (separate logic).

If you use application that stores data in the same machine where it is installed, better would be to configure it to store data on the remote database, e.g on specific database server or some other way.
You can create network drive or other remote storage and point your database files there - if needed to be separate (for each PC).

This way you have all the data in the same place, and you can make backups of this server or drive more easilly.

Backuping entire PC with database in it - this can be done, but why?
It feels strange.

Example:
Lets say, employees in your company are working with important documents.
Do you really want to backup of entire PC (with os and applications and data), instead of storing those documents on secure and reliable remote storage?
Better solution is to simply make network location (local or in cloud) and let the users to store documents there - so the documents would not be lost if some pc dies.
If PC dies, then you simply replace the pc and deploy ready to use system image.

@kratkale said in Windows 11 | 65x HP Z2 Tower G1i:

Can I specify in FOG which hard drive to clone to? For example, using the serial number? That could be stored in the host entry

Hi, this is a known issue when using NVMe, as you’ve probably already discovered. I’m not sure whether FOG 1.5 supports using serial numbers to target disks, but someone from the team may be able to confirm that. FOG 1.6, however, does support targeting disks by serial number.

I ran into the same situation. As a workaround, I customized my init.xz to use the PCI path instead, since those appear to be more persistent.

@lucamathuse
I don’t remember if it’s related to Win11 we have this in our postdownload script :

if [ -n "$hd" ]; then if [ "$hd" = "/dev/nvme0n1" ] ; then partsys=$hd'p2' partdata=$hd'p3' else partsys=$hd'2' partdata=$hd'3' fi

We use Virtualbox, install classic WIndows 11, disable Bitlocker, and capture with FOG with image set to “Multiple Partition Image - All Disks”
My folder capture :

d1.mbr d1p1.img d1p2.img d1p3.img d1p4.img d1.partitions d1.size

Maybe try capture debug to see which partition FOG get during your capture

@Tom-Elliott Hi, has there been any development with this?

I’m facing a situation that’s not quite identical but very similar in my 1.6.0-beta.2297.

I already posted to the Forum with the details I thought were relevant, but noticed my FOG status is showing the same messages that are posted here.

@lucasgfaj have you turned off secure boot?