• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Option to edit Windows registry via FOG PXE boot?

Scheduled Pinned Locked Moved
Feature Request
7
10
2.3k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    psyfer9983
    last edited by Nov 27, 2017, 2:37 PM

    Would it be possible to edit the Windows registry via FOG PXE boot? I have machines that tend to reset the CMOS settings which causes endless boot loops due to the wrong SATA mode. Having the option to make changes to the registry with PXE would allow me to edit the keys to allow Windows to boot without touching the machine.

    1 Reply Last reply Reply Quote 0
    • J
      Joe Schmitt Senior Developer
      last edited by Nov 27, 2017, 2:58 PM

      @psyfer9983 since editing the Registry can be done via Linux, you could just add another boot option for a live ISO that contains a distribution with a registry editor pre-installed (or install it manually).

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      1 Reply Last reply Reply Quote 0
      • T
        Tom Elliott
        last edited by Nov 27, 2017, 4:26 PM

        FOS already contains a registry editor too, just in case anybody was unsure. That’s how we do “hostname early”

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 2
        • W
          Wayne Workman
          last edited by Nov 27, 2017, 6:52 PM

          Following along with what Tom said below, you just need to write a postdownload script to do the work you need done. Get started with that here:
          https://forums.fogproject.org/topic/7740/the-magical-mystical-fog-post-download-script
          Try your best to do it yourself. If you need help, ask here.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
          Daily Clean Installation Results:
          https://fogtesting.fogproject.us/
          FOG Reporting:
          https://fog-external-reporting-results.fogproject.us/

          1 Reply Last reply Reply Quote 0
          • G
            george1421 Moderator
            last edited by Nov 27, 2017, 8:14 PM

            look at the tail end of the first script in this post: https://forums.fogproject.org/topic/8889/fog-post-install-script-for-win-driver-injection/4

            It explains how to use the linux utility reged to import registry changes into Windows. You will need to use a postinstall script to deliver this script to your target computer.

            But just a point to mention you are saying that your CMOS settings are being reset. (First replace your battery). Setting registry values will not do you any good since your windows install won’t boot because the SATA mode is incorrect, causing windows to not boot. I assume you need linux to change your BIOS/firmware settings to correct this condition? If so you are out of luck. FOG/linux/Windows dosen’t have the ability to change bios settings.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            1 Reply Last reply Reply Quote 0
            • P
              psyfer9983
              last edited by psyfer9983 Nov 28, 2017, 12:54 AM Nov 28, 2017, 6:51 AM

              Thanks for the replies. The reason for the method is due to an image made for over 200 machines (thankfully all the same model) and not wanting to go to each machine, back them up, set bios setting, reimage and restore data. The machines all have good cmos batteries but a power flicker will sometimes cause them to revert to defaults like it has a post failure detection. Anyway, the image was made with AHCI mode and the default BIOS setting is RAID (stupid Dell). The SATA mode was set to AHCI mode in case some of them were to be upgraded to SSD as AHCI gives better compatibility/performance boost, we would just need to clone it and boot it. This site in question for me is a “site as is” problem that I’m sick of having to go to the machines just to change one setting in the BIOS to fix. Since I know what the default SATA mode is that’s being reverted too, I’ve been looking for a method of just changing the reg keys to reflect the settings but doing it remotely. It would save me having to physically go to the machines. I’ll check out the posted URLs and give them a try. My goal is to “fix” the image with the defaults for new installs and have the “reg patch” for the rest. The reg keys in question need to be changed to the following:

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msahci]
              "Start"=dword:00000000
              
              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pciide]
              "Start"=dword:00000000
              
              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iaStorV]
              "Start"=dword:00000000
              
              1 Reply Last reply Reply Quote 0
              • Q
                Quazz Moderator
                last edited by Quazz Nov 28, 2017, 3:48 AM Nov 28, 2017, 9:47 AM

                You could also simply edit the registry before capture of course.

                But if you have, say an SSD, I don’t particularily recommend leaving it in IDE mode.

                1 Reply Last reply Reply Quote 1
                • P
                  protools_operator
                  last edited by protools_operator Dec 13, 2017, 1:01 PM Dec 13, 2017, 12:00 PM

                  Update BIOS settings directly from fog.
                  Joe’s and Tom’s suggestions are great for registry editing.
                  I suggest a different approach, Update UEFI Firmware (BIOS) setting directly.

                  I’ve used this method when I was working in a highschool, I don’t have my documention and batch scripts as I’m not working there anymore, but I can give some direction and contribute rescripting it.

                  • Build a WINPE 3 or later ISO and Add WMI component and WINPE DriverPack (possibly with DISM or Winbuilder)
                    (LINUX based official bios tools are less popular)
                  • Copy necessary files to the ISO for each name-brand company (HP/Lenovo/Dell/Intel)
                  • Edit Startnet.cmd /OR/ Wpeinit with RunAsynchronous commands in unattended xml file to run startup powershell script or batch file (for HP) and reboot or shutdown
                  • Create a fog menu entry to boot into the autorun WINPE and run it once to a group contains hosts from same company (or same model number).

                  Tools used for different namebrand companies:
                  HP Bios Configuration Utility (Extract files with 7-zip or alike):
                  http://ftp.hp.com/pub/caps-softpaq/cmit/HP_BCU.html
                  ( Guide: https://ftp.hp.com/pub/caps-softpaq/cmit/whitepapers/BIOS_Configuration_Utility_User_Guide.pdf )
                  Examples:
                  Prerun the HP Tool to Create a new password (/nspwdfile) or enter the current password (/cspwdfile) using keyboard ASCII/ANSI characters you have on your keyboards (so you’ll be able to gain local access to BIOS easily if needed):
                  HPQPswd64.exe /s /p"<password>" /f"<encrypted-password-file.ext>"
                  (Password can be empty, or 8-32 characters)

                  Batch example:
                  BiosConfigUtility64.exe /cspwdfile:“<current encrypted-password-file.ext>” /setvalue:“<setting>”,“<value>”
                  BiosConfigUtility.exe /nspwdfile:“<NEW encrypted-password-file.ext>” /setvalue:“Enter Ownership Tag”,“Foobar Highscool”
                  BiosConfigUtility64.exe /cspwdfile:“<CURRENT encrypted-password-file.ext>” /nspwdfile:“<NEW encrypted-password-file.ext>” /setvalue:“SATA Device Mode”,“AHCI”
                  HP WINPE DriverPack: https://ftp.hp.com/pub/caps-softpaq/cmit/HP_WinPE_DriverPack.html

                  Dell uses the newer Command / Configure or older Dell Client Configuration Toolkit (CCTK):
                  Guide: http://topics-cdn.dell.com/pdf/command-configure-v3.3_user’s guide_en-us.pdf

                  Intel: Intel Save and Restore System Configuration Utility (SYSCFG)

                  Lenovo BIOS Setup Tools using WMI:
                  https://pcsupport.lenovo.com/il/en/solutions/ht100612
                  Guide:
                  https://download.lenovo.com/pccbbs/mobiles_pdf/kbl_deploy_01.pdf

                  Lenovo Example in powershell:
                  (Get-WmiObject -class Lenovo_SetBiosSetting –namespace
                  root\wmi).SetBiosSetting(“<SETTING>,<VALUE>,<PASSWORD>,ascii,us”)
                  (Get-WmiObject -class Lenovo_SaveBiosSettings -namespace
                  root\wmi).SaveBiosSettings("<PASSWORD>,ascii,us”)

                  Ofcourse you can use similar approach to update the firmware to latest,
                  You can also use this approach with fog client snapin script, new images unattend.xml/setupcomplete.cmd, or george’s post imaging scripting tutorials, findings and contribution , but I’ll not recommend it as I still think it’s a bit risky to update bios automatically, maybe I’m just oldschool and today there shouldn’t be any problem doing so.

                  Personally I won’t use this method as a fog snapin without precaution as I still think some buggy system resource intensive (for Ex: antivirus) could break the bios update or WMI functionality.

                  post-install-scripts might be useful for changing asset tracking number in bios based on host name or tags in host inventory.
                  (Probably could be also done with current/future API call)

                  1 Reply Last reply Reply Quote 0
                  • P
                    psyfer9983
                    last edited by psyfer9983 Aug 10, 2018, 1:32 PM Aug 10, 2018, 7:30 PM

                    Been away for a while and haven’t had time to follow up with this. I have looked and looked and just can’t find how to do this. Is there any documentation for “reged”? How would one add a PXE menu option to add the following keys to the Windows registry WITHOUT booting into windows. The point of this is to remotely fix a machine that boot loops due to the wrong SATA mode set in the bios.

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iaStorV]
                    "Start"=dword:00000000
                    
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msahci]
                    "Start"=dword:00000000
                    
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pciide]
                    "Start"=dword:00000000
                    
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iaStor]
                    "Start"=dword:00000000
                    
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atapi]
                    "Start"=dword:00000000
                    

                    I can’t update the BIOS directly (MB doesn’t support it). I’m trying to not go to the machine, I rather just go to the Fog server and tell it to run the reg fix remotely.

                    G 1 Reply Last reply Aug 10, 2018, 8:55 PM Reply Quote 0
                    • G
                      george1421 Moderator @psyfer9983
                      last edited by Aug 10, 2018, 8:55 PM

                      @psyfer9983 There isn’t a tutorial on what you ask, because poking about in the windows registry using a non-windows OS is not typically a good choice. But with that said, I can give you the match and can of gas. What you do with them is up to you.

                      In this post there is an example of how to use the reged linux utility. https://forums.fogproject.org/topic/8889/fog-post-install-script-for-win-driver-injection/4

                      From that post here is the interesting snippet of code.

                      regfile="/ntfs/Windows/System32/config/SOFTWARE"
                      key="\Microsoft\Windows\CurrentVersion\DevicePath"
                      devpath="%SystemRoot%\DRV;%SystemRoot%\inf;";
                      reged -e "$regfile" &>/dev/null <<EOFREG
                      ed $key
                      $devpath
                      q
                      y
                      EOFREG
                      

                      You can probably stack the ed commands so you only need to call reged once. Here is a help page for reged: http://manpages.ubuntu.com/manpages/bionic/man8/reged.8.html

                      So once you have the bash script you need, you can call it during the post install actions after the image is placed on the target hard drive and before FOS exits and reboots. The first link shows you how to update/attach scripts to the postinstall script (which can be used for driver deployments).

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                      1 Reply Last reply Reply Quote 0
                      • 1 / 1
                      • First post
                        Last post

                      197

                      Online

                      12.0k

                      Users

                      17.3k

                      Topics

                      155.2k

                      Posts
                      Copyright © 2012-2024 FOG Project