Lenovo Dock/MAC Passthrough Settings

fry_p

Hi All,
Apologies for my absence. I am not much better than when I went on leave from work back in February, but here I am. For the first time in months, I will be working on something FOG related

I am tasked with imaging a bunch of Lenovo T495S laptops. We see the following behavior on the T495S laptops and our X1 Carbons that are already deployed. Neither of these devices have an integrated Ethernet NIC (i hate this).

To remedy the whole “missing a vital component of a modern enterprise computer” thing we use a pair of Lenovo docks. We currently have a Gen 1 Lenovo USB-C dock and a separate Gen 2 Lenovo USB-C dock.

The problem is that we are presented with two options: Use the docks’ MAC addresses to image the laptops, thus having to join the domain and name each manually, or somehow make MAC pass through (an option to enable in the BIOS) work.

It seems that though the docks have their own MAC’s, there is also an internal MAC for a Lenovo accessory that turns a special usb-c port on the side into an Ethernet port. With using the dock, we are always stuck using each of the two Dock MACs for imaging. We cannot do full registration because it only recognizes the two docks, not anything with the devices themselves. Auto-Naming/registering/joining is not an option using the docks because of 2 MACs vs like 50 Laptops.

Regarding MAC pass through, the devices PXE boot and load into the fog menu perfectly with the correct internal MAC. However if you go anywhere past that (deploy image or Full Registration) it hangs up and times out. I see when it tries to use the Dock MAC to start any task past the FOG menu.

So, it seems the pass through breaks somewhere in the PXE environment and it reverts to the Dock MAC.

So our options are currently order a couple of the special Lenovo Accessory ports and cross our fingers that the dock mac elimination fixes this (back ordered until Mid-July though) or to try to see if getting pass through working is feasible. I am working from home 95% of the time, but please let me know any info you need for the next time I go in. We are still 1.5.6 and are willing to upgrade to 1.5.8 if need be. As always, CentOS 7 is the OS and client is…whatever shipped with 1.5.6 (I’m so out of touch I forget what version…)

Thanks folks!

george1421

Let me ask you a question, do you manage these workstations with the fog client after they are imaged?

What I’m thinking…

Part 1: There is a process that an System Rebuilder would use, what I call “load and go”. For most System Rebuilders once the computer is imaged with FOG the rebuilder will probably never see that device again. There is no value in registering the computer with FOG. Once imaged the FOG server forgets about the computer. I think you could use a variation of this process for your install. They simply pxe boot into the iPXE menu and pick deploy image, pick the proper image and “load and go”…

Part 2: On my campus I don’t use the FOG Client, its simply not installed in our golden image. I let the unattend.xml file name the computer and connect the target computer to AD in the proper OU. I do this bit of magic with a FOG post install script that sets the system unique name and a few other settings just after FOG downloads the image. The first boot of the target computer OOBE does all of the work setting up the target computer.

Part 3: I do use the deploy image menu from the iPXE menu since my systems are all self contained and the unattend.xml and postinstall scripts do all of the configuration of the unattend.xml file at deploy time. Again I don’t use the fog client so there is no real value in registering the computers with the FOG server.

Part 4: If you use this method, but had the fog client installed, but not use it during system imaging, once OOBE was done and the FOG service was enabled in the setupcomplete.cmd file, it would reach out to the FOG server. In this case the target computer wasn’t registered originally, the client connection would go into a pending state on the FOG server. The only thing I’m unsure of is will the fog client do an inventory of the target computer or is that only done during the registration phase??

I’m only presenting this as an alternative method to get around having multiple computers with the same mac address messing up the works.

fry_p

@george1421 You have a great point. I discussed it with the boss, and we went the path of no client on the laptops. It is a relatively small number right now that need a somewhat quick turnaround. I figure we can bang out renaming and joining manually for these. Perhaps I will investigate other methods if there is a future order or it is the direction we end up going. Thanks!