Bitlocker network unlock (WDS) and FOG
-
Does anyone know how to get FOG working with PXE boot when bitlocker network unlock (which installs WDS) is installed?
The network unlock service turns on WDS with its settings configured so that it listens on DHCP ports and responds to PXE requests. The DHCP server is still set up to use FOG but because WDS is listening on DHCP ports it’s taking all the PXE boot traffic. If I stop WDS from listening on DHCP ports the network unlock no longer works so at the moment it’s one or the other not both.
-
Right now your only option is to image on an isolated network away from your production network. I suspect that WDS is using proxydhcp which will override your setting in dhcp options 66 and 67. There is no way around this AFAIK.
It would be interesting to see what WDS is actually doing this tutorial tells you how to do this with the fog server: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue
Or you can use wireshark with the capture filters of
port 67 or port 68 or port 69 or port 4011If you want us (or me) to look at it upload the pcap to a google drive and either post the link here or IM me the link and I’ll review it. It would be interesting to know exactly what WDS is doing here. But in the end, having an isolated (but routable) imaging network is probably your only solution. You just need a network where you can limit the broadcast domain to only that subnet.
