Cannot reach Dir -> Bitlocker prompt right After. Help!



  • Greetings, all.

    Recently I updated my Kernel to 4.9.137-0.1.ac.218.74.329.metal1.x86_64 and after that, i’m unable to reach dir then it triggers bitlocker screen. Disabling bitlocker is very time consuming and even then, it might not reach it dir.

    Below are the SCCm settings from advance menu->

    :SCCM

    initrd tftp://fog-server-99.lan14.test.com/tftpboot/fog/sccm/sccm.iso

    chain memdisk iso raw ||

    ENDTEXT

    From my understanding, this is the booting path -> initrd tftp://fog-server-99.lan14.test.com/tftpboot/fog/sccm/sccm.iso, Correct?

    Storage Nodes Info ;

    Storage Node
    lan14 Node

    Path
    tftp:///fog-server-99.lan14.test.com/tftpboot/fog/sccm/sccm.iso

    Also I see the node has another path as well, does it pull from node or initid?

    Please advise on why the fog might not be reaching its host.

    Thank You.


  • Moderator

    @lxrsd Now on this part. Its giving you a bitlocker screen when you boot the iso image?

    This may show ignorance on my part with bitlocker, but isn’t bitlocker dependent on uefi mode?



  • @george1421 Thanks for the help! I was able to reach Dir by changing to initrd tftp://fog-server-99.lan14.test.com/fog/sccm/sccm.iso.

    Now the only thing I’m dealing with is the Bitlocker issue. As you mentioned, it is doing its job but i’m curious to why after the kermel upgrade it keeps prompting for it instead of going straight to SCCM like before.


  • Moderator

    @george1421 said in Cannot reach Dir -> Bitlocker prompt right After. Help!:

    tftp://FOG-FQDN/fog/sccm/sccm.iso

    You could also test to ensure you have the right path with a windows computer. Just install the tftp client feature, then open a command prompt and issue tftp <fog_server_ip> GET fog/sccm/sccm.iso (note that command syntax is from memory, it may not be 100% accurate). What we are testing here is does it download the file. If so then you know you have the permissions setup correctly and the file exists at the path provided.


  • Moderator

    @lxrsd Well again you have a lot going on here. So much so its not clear what your problem is.

    If your issue is not being able to boot the sccm.iso I can see why
    You have this section in your menu

    :SCCM
    initrd tftp://FOG-FQDN/SCCM.iso
    chain memdisk iso raw ||
    goto MENU
    

    But according to yourls command the files are in /tftpboot/fog/sccm/sccm.iso Also SCCM.iso != sccm.iso. In linux case is important.

    If it was me I would update your sccm section to look closer to this.

    :SCCM
    initrd tftp://FOG-FQDN/fog/sccm/sccm.iso
    chain memdisk iso raw ||
    goto MENU
    

    If the bitlocker bluescreen is your issue then that isn’t fog’s issue. That is related to bitlocker being activated when the image was captured. Bitlocker is doing what it should and stopping disk access on a system where the tpm chip doesn’t match the encryption key. That is kind of the point of bitlocker.

    Really what you are doing with this hand crafted ipxe menu, you could do with the FOG iPXE menu and the menu editor. I would have to look into why you are chaining to pxelinux instead of just using the more capable iPXE boot kernel, but your setup might be a bit more complex than needed.



  • @george1421 Thank you so much for your fast turn around.

    You are correct, that’s the kernel on the linux OS on the FOG. initially, I installed I combined Kickstart ( Linux imaging) with our SCCM (Windows imaging). I changed DHCP settings where it allowed me to boot from kickstart and sccm by extending the FOG Boot Menue.

    Example :MENU
    menu
    item --gap – ---------------- Advanced menu ----------------
    item KICKSTART Boot to local Kickstart
    item SCCM Boot to SCCM
    item LINUXBOOTKEY Boot to LinuxBootKey
    item return return to previous menu
    choose --default SCCM --timeout 10000 target && goto ${target}
    :KICKSTART
    set net0/next-server Kickstart-IP-Adress
    set filename pxelinux.0
    chain tftp://kickstart.lan14.test.com/pxelinux.0 ||
    goto MENU
    :SCCM
    initrd tftp://FOG-FQDN/SCCM.iso
    chain memdisk iso raw ||
    goto MENU
    :LINUXBOOTKEY
    initrd tftp://FOG-FQDN/AcimPXE-0.09.iso
    chain memdisk iso raw ||
    goto MENU
    :return
    chain http://${fog-ip}/${fog-webroot}/service/ipxe/boot.php?mac=${net0/mac} ||
    prompt
    goto MENU
    autoboot

    Command output -> -rw-r–r-- 1 lxrsd test 531785728 Jan 8 13:37 /tftpboot/fog/sccm/sccm.iso


  • Moderator

    @lxrsd I don’t know how to say this nicely, but you have soooooo many things going on here I’m not sure where to start.

    How does this kernel update (4.9.137-0.1.ac.218.74.329.metal1.x86_64) have anything to do with FOG? Is that the kernel on the linux OS on the FOG server? That isn’t a FOS linux kernel release number.

    I assume this bitlocker screen is on the target computer after its been imaged? If so, why is bitlocker been enabled before the image was captured? This will cause problem every time. You must disable bitlocker before image capture.

    This is an invalid path initrd tftp://fog-server-99.lan14.test.com/tftpboot/fog/sccm/sccm.iso If anything it should be this initrd tftp://fog-server-99.lan14.test.com/fog/sccm/sccm.iso From the fog server linux command prompt I would check to see if the file exists with this command ls -la /tftpboot/fog/sccm/sccm.iso That should return the file and its size. If not your path is incorrect. The base path for the tftp server is /tftpboot. So that path should not be listed in the ipxe initrd command.

    Understand that memdisk only works for BIOS based systems and not UEFI. If you are trying to boot a uefi system that ipxe menu line will fail.


Log in to reply
 

330
Online

6.0k
Users

13.4k
Topics

126.2k
Posts