FOG with UEFI - rEFInd Error: Failure booting legacy (BIOS) OS



  • So, we are trying to get FOG running with UEFI in order to be able to use the TPM for Bitlocker on our Windows10 systems.

    I got as far as being able to boot to the FOG menu from the PXE Boot by changing the boot file to ipxe.efi from ipxe.kpxe - before that there were troubles with the computer reverting back to the boot selection screen.

    Deploying via FOG works now.

    We have LAN Boot set to first priority - which would be great to have in order to make it easier for us to manage our systems via FOG without having to manually boot via LAN.

    During boot I get the rEFInd menu and then when trying to boot from the harddisk - that it finds and shows after I changed some settings in the refind.conf (uefi_deep_legacy_scan) - I get the error: “Failure booting legacy (BIOS) OS.”

    Any idea on where I could look to solve this?
    The other options in fog configuration (GRUB, SANBOOT, etc.) dont work either.


  • Developer

    @taspharel said in FOG with UEFI - rEFInd Error: Failure booting legacy (BIOS) OS:

    It finds a hard drive (after changing to uefi_deep_legacy_scan active) but then there is an error: Failure booting legacy (BIOS) OS

    Hmm, after reading through the rEFInd code a bit I think it’s not a good idea to have the option uefi_deep_legacy_scan on. AFAIK the firmware needs to support something called EFI_LEGACY_BIOS_PROTOCOL (find more about this on the web if you are keen) for this to work. So this is very specific and might work for some machines but fail on others. Anyway I’d suggest going the clean proper UEFI street and not fiddling with some kind of legacy mode stuff. So better disable uefi_deep_legacy_scan in refind.conf.

    We are using mostly Lenovo Laptops (X and T versions) and mostly HP Desktops, though there are a few older HP Laptops as well.

    Have your tried with all the different Lenovos and HP notebooks and they all show the exact same behavior? I’d guess they don’t.

    Boot from SAN device 0x80 failed: No such device and so on as stated above

    Stick to rEFInd for UEFI I reckon!

    only way to work around it is to not autoboot from LAN, then it starts (with UEFI exclusively on - no legacy).

    Looks like others see that as well - see here

    The harddrive is a nvme SSD drive.

    I think this is the piece of the puzzle we were missing. Did you have to install an extra driver for the nvme drive in windows? From what I read in some other forums not all UEFI firmware comes with a native driver for the nvme SSDs included. So rEFind would have to load a driver to be able to see this disk (though this post is a bit older it still sounds valid to me). By any chance you could make this work installing a UEFI firmware update!? Or you can try what is suggested in that forum post:

    If you can find an EFI driver for your board, rEFInd might be able to load and use it. (rEFInd can load and use filesystem drivers, but this feature is untested with other driver types – at least, AFAIK.) EFI hardware drivers are pretty rare, though; they’re either built into boards as firmware or are unavailable to the general public, in my experience.

    @george1421 Possibly this is what we have seen reported by a couple of other people here in the forum as well…

    EDIT: @Taspharel By the way, is the nvme SSD set to AHCI oder RAID mode?



  • Okay. So.

    I got around to testing again.

    The same problem remains.

    Using ipxe.efi - the LAN Boot works just find, but when exiting from the fog menu or just letting it time out the system tries to boot via refind.

    It finds a hard drive (after changing to uefi_deep_legacy_scan active) but then there is an error: Failure booting legacy (BIOS) OS

    The harddrive is a nvme SSD drive.



  • I just noticed that there are two places in FOGs configuration where you set what exit type is chosen, maybe I had a mixup there since I never registered it as being two separate settings for bios and efi.

    I’ll check that on monday and report back if I may.

    If you have any other input I’m very thankful.



  • Thanks for the hint with the TPM - for some reason I had it fixed in my mind that wouldnt work. Just checked, it does work.

    Regarding the other issue:
    I converted (using mbr2gpt) the disk of a windows 10 installed client to gpt. But alas, still the same error messages along: Boot from SAN device 0x80 failed: No such device and so on as stated above

    I just dont get it … when in my BIOS Settings I have only UEFI set it happens, compatibility mode activated or deactivated it happens … only way to work around it is to not autoboot from LAN, then it starts (with UEFI exclusively on - no legacy).


  • Moderator

    @taspharel said in FOG with UEFI - rEFInd Error: Failure booting legacy (BIOS) OS:

    , I would prefer to use UEFI since it allows me to use the TPM in order to Bitlock

    I don’t know this is mutually exclusive. I know with our dells, the TPM chip is active in even Win7. We don’t currently use bitlocker so I can’t say for absolute if there is another requirement beyond that. But TPM is functional in Win7 even in bios mode. I can say for sure that secure boot does require uefi mode.

    Off-Topic: In regards to this, I would create each arch type listed on that document. It will save you headaches when you get new hardware. But I can say 90% of the time your hardware arch type will be 0 for bios and 7 or 9 for uefi.



  • Off-Point: Thanks for the link, I’ll have a look into it. Is there an easy way to find out what PXEClient: I will have to enter there for our hardware? We are using mostly Lenovo Laptops (X and T versions) and mostly HP Desktops, though there are a few older HP Laptops as well.

    On Point: I suppose I’ll have to go and set up a legacy (bios) and an Uefi Image as well.

    In general, I would prefer to use UEFI since it allows me to use the TPM in order to Bitlock our drives. We have to have the bitlocking functionality activated.

    Using BIOS we would have to use a password with Bitlocker, something I would like to avoid since most systems have the ability to boot using EFI.

    I guess the reason for not completely switching to UEFI is that I want to keep clients that might not be able to boot via UEFI functional and still use FOG with them…


  • Moderator

    @taspharel First the non-point bit. If your dhcp server is a windows 2012 or newer then you can use this process to make bios/uefi booting a bit more dynamic: https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence just follow the Windows section.

    Please understand that bios (legacy) mode and uefi mode are two different critters. Hardware access is different between the two. If your hardware is in uefi mode then you MUST load a uefi based operating system. That counts for FOS, linux or windows. Once you load a uefi operating system you can’t switch the firmware back to bios mode. If you do the system will not boot. In my case I have one Win10 reference image captured in bios mode and one Win10 image captured in uefi mode for deployment.

    Now in the case of FOG it uses two different exit modes to chain load the target computer OS when exiting from iPXE. For the bios mode the default is SANBOOT, which works pretty well for most situation. For uefi mode computers rEFInd works the best. Using rEFInd as an exit mode for bios computers won’t work well.

    What hardware are you having difficulties with?



  • Hi
    Thanks for your help.

    I am using our exisiting Windows DNS Server as DHCP.

    I removed the uefi_deep_legacy_scan and I already had the scanfor setting activated (sorry for not mentioning it).
    No change though.

    So do I get it right that I would have to install our Windows 10 Clients as UEFI Images in order to get it work with rEFInd? Or would that throw up other problems then?

    I changed the default for bios mode back to SANBOOT, the error I get is:

    Boot from SAN device 0x80 failed: No such device
    and then twice:
    Could not boot: No such device


  • Moderator

    First the off-point question. What do you use as your dhcp server? There may be options to have your dhcp server automatically switch between the uefi and bios iPXE boot files. That would address your pxe booting issue.

    The second for rEFInd. rEFInd should work well for you but only fur UEFI systems. You should set the default for bios mode to SANBOOT. When trying to boot a uefi system and its not finding the hard drive, you may want to update the refind.conf file by enabling this parameter.

    scanfor internal,hdbios,external,biosexternal
    

    From the default scanfor setting. Set uefi deep scan back to default. See if that improves your results.


Log in to reply
 

358
Online

39.3k
Users

11.0k
Topics

104.4k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.