@george1421 Understood, we have some older Dells floating around and anything purchased in the last 4+ years has been Lenovo so it sounds like the snp driver will probably work fine.
Thanks for your help, you saved me from spending a lot of time manually setting up these machines!
@george1421 Understood, we have some older Dells floating around and anything purchased in the last 4+ years has been Lenovo so it sounds like the snp driver will probably work fine.
Thanks for your help, you saved me from spending a lot of time manually setting up these machines!
@george1421 yes I was sending ipxe.efi to the target computer. I changed the DHCP server to snponly.efi and rebooted the target which instantly got an address and started the deployment as expected.
Is there any reason to not leave it set to snponly.efi going forward?
Not sure that it matters at this point since we’re up and running but we just updated to FOG 1.5.9 this afternoon on the off chance that would solve this problem.
Hello,
I think the issue here may lay more with iPXE than FOG but anyway, here goes. We made the decision to try a few AMD machines in our organization but I’m having issues getting them imaged, they are of course UEFI only, no legacy option at all. When I boot them from the network they are given the correct ipxe.efi file from the DHCP server and boot into iPXE. iPXE however cannot connect get an address from DHCP and gives this error:
“No configuration methods succeeded (http://ipxe.org/040ee186)”
My google-fu has failed me on this one, my only thought is perhaps these machines are so new that iPXE doesn’t have drivers or something. From the iPXE shell when I run “ifconf” there is a connection timeout error and “ifstat” shows TXE errors but nothing under RX or RXE which indicates to me the packets are never leaving the NIC.
Has anyone ran into this before and maybe have a suggestion of something else I can try?
Thanks!
Hello! The cert, key, and intermediate ca files all live in /root/certs. I don’t guess I realized there is a fog certificate directory. Where is it and would it help if I moved the files there instead.
Yes I do use the fog-client software, bummer that it wont’ work. That may be a deal breaker on going https.
Yep you can generate wildcard certs with letsencrypt, I do it using the dns-01 verification method which I think is the only way they let you.
I actually made a little progress on this, curl won’t recognize the letsencrypt cert using just the cert and key, you have to specific the intermediate ca file in the apache config as well which I have now done. Now instead of getting a no such file or directory error it says permissions denied. Still doesn’t work but that feels like progress at least!
If I wanted to take it back to http only can I do that without breaking all the things?
Hello!
I have been working on migrating my internal tools over to HTTPS and got to the fog server yesterday. Not sure if it matters but I am using a wildcard letsencrypt certificate for my internal domain. The way I got fog switched over to https was by running the installer with this command ./installfog.sh --force-https which got the web GUI over to https and that works fine however the issue is that when clients attempt to PXE boot they gets this error. 
I have verified the file exists and you can reach it at the address printed on the screen. I’m a little lost at this point, I’ve searched the forum for similar issues and the closest suggest I was able to find was to run the ./buildipxe.sh script which I believe runs as part of the installer now but I tried it anyway with no luck. And suggestions are greatly appreciated!
Thanks!
Right, I can absolutely do that if necessary. If I have them point to the local fog server can I still administer everything from the master?
Hello,
I’ve done all the research I can regarding multi-site FOG configurations but feel like I’m missing something and its probably very simple. I have 3 remote sites with approx 40 clients each, right now I have FOG configured at the main site with a FOG VM running at each remote location using image replication and the location plugin which seems to be working as it should. The problem is that when PXE booting at the remote locations the boot process hangs forever on “Downloading NBP file,” it seems this file is being downloaded from the main FOG server which takes some time over a 20Mbps WAN link especially if you try to image multiple machines at once. What, if anything, am I missing here? Ideally I’d like to leave all the machines on PXE boot so if I need to image one of them remotely I won’t have to try to explain to a user how to modify the boot order but with 60+ second delays while downloading the NBP file on each boot I can’t leave it on PXE. Any thoughts are greatly appreciated! Thanks!
Sorry I forgot to respond to this thread, thanks for your responses @Sebastian-Roth. I ended up solving this particular issue by simply integrating credentials that PDQ recognizes into the powershell script, it works smoothly every time and shouldn’t present much of a security concern because the creds are only allowed to kick of a PDQ deployment and nothing else.
@Sebastian-Roth
Thanks for the reply, I’ve tried using runas but since you can’t pass the password in the script it doesn’t achieve what I’m wanting to do which is completely hands off deployment.
Hi all,
I’m working on getting fog set up in my environment, one snag I’m running in to is that I would like so have a batch file snap-in that runs post deployment to trigger PDQ Deploy. The problem is that by default the Fog Service runs as local system, when it executes my script PDQ doesn’t run because it doesn’t recognize the user. The simple answer seems to be running the Fog Service as a domain user, okay fine but when you change the Fog Service user it requires you to reset the encryption data from the console. I’m trying to find a way to get this all automated and surely I’m not the only one that has had this problem. So, my thoughts on possible solutions are:
A) Be able to change fog service user (via script possibly) to domain account without resetting encryption data
B) Run the snap-in as a domain user so that PDQ kicks off
I’m of course open to any solutions those are just the two that I’ve thought of so far.
Thanks in advance!