Background / Environment
Component Details
FOG version
1.5.10 (fresh install)
OS on FOG server
Ubuntu 22.04 LTS
Boot services
Proxy DHCP via dnsmasq (no ISC‑DHCP on same network)
Client hardware
Mixed Dell OptiPlex 7× / Latitude 5× series (UEFI‑only)
Secure Boot policy Must remain enabled at all times; only Microsoft‑signed keys are in the firmware (no option to enrol custom keys).
What I’ve attempted
Replaced FOG’s default bootloaders with Microsoft‑signed shim (bootx64.efi) and GRUB (grubx64.efi).
Updated dnsmasq.conf to hand out the signed shim.
Configured GRUB to chain‑load FOG’s ipxe.efi.
Result: GRUB launches but i can’t make it boot to fog
If you have a Secure‑Boot‑friendly FOG setup—or tips on signing iPXE/adjusting the boot chain—I’d greatly appreciate: