RE: How to PXE boot to a Windows PE ISO

Has there been any development on the ability to boot into one’s custom WinPE ISO on a UEFI system?

Thank you
Boyan

@Derek-Newbold FYI I have seen ton of people running FOG in AWS with totally public IP and that works outside of any firewall issues, of course those instances involve people who have access to the local sites DHCP so they can update the tftp option in their scopes with the public IP

In my case it’s a private IP but I do have access to the networking side of things so sites throughout the organization can boot fine from HQ FOG server.

@obeh What’s the express service code or exact model number? I may have one laying around and would be happy to try it on my end… Thanks

@Derek-Newbold You’re correct, the ps1 is called from C:\Windows\Setup\Scripts\SetupComplete.cmd but since it is a power shell script it can not be pasted into the bat file, so I use powershell.exe -executionpolicy bypass -file “C:\Windows\Setup\Scripts\expandhdd.ps1”

As for partition numbers, this was a trial and error process, the disk only has 2 partitions, windows reserved and the OS so that is how it came about.

I do agree that if your OOBE bombs out due to disk space issues then my suggestion won’t work, the HDD expansion happens downstream

@obeh said in Fog imaging problem:

latitude 7400

7400 does not have integrated Ethernet, I’ve had my share of crap with these. You MUST use the $50 bucks DELL sold USB-C to Ethernet dongle, not some cheap USB-to-Ethernet or else all kinds of weird unexplained stuff happens.

Are you using the DELL USB-C dongle?

@Derek-Newbold I’ve had HDD expansion issues using FOG’s native feature for years and even though it maybe fixed by now here’s what I’ve used.

I have a “last boot” script as part of the sysprep and there the HDD happens. Simple power shell script to expand it to maximum physical size possible:

$size = (Get-PartitionSupportedSize -DiskNumber 0 -PartitionNumber 2)
Resize-Partition -DiskNumber 0 -PartitionNumber 2 -Size $size.SizeMax

@mpatel as others have mentioned here - speed is the key; we’re in an identical situation, all sites connect to HQ via VPN but then all sites have Gig Internet so imaging machines at the remote sites has never been an issue, you just talk the end user over the phone to his F12 and that’s that (FOG job must be submitted ahead of time of course).

@ckasdf @george1421 guys I must also share with you that getting the expensive dongle wasn’t the end of the line for me In a mixed environment (as was my case) meaning one has legacy PXE laptops and the newer iPXE machines the tftp server needs to know which image file name to serve back the the client based on a bare metal architecture ID, and that must occur at the DHCP level, which of course only Windows 2016 supports lol

So doing the USB stick automatically solves that problem since the human knows which is which (architecture wise that is) and would pick the correct stick to boot from

@ckasdf I can share my DELL experiences, the 2-in-1 do NOT have Ethernet port and a generic Amazon dongle did NOT work. However the 2-in-1 has “recommended DELL made Ethernet dongle” which was detected by the UEFI and network boot was possible. So I would look for (Microsoft Surface tablets, Lenovo Carbon X1 laptops, etc) recommended dongle (which will be expensive, I paid $50 for the DELL one) and I bet one would exist which then will be recognized by the device UEFI. In summary: generic dongle IMHO doesn’t work for these non-Ethernet integrated devices.

I agree with @Sebastian-Roth - a new install runs, in fact just recently I asked the same exact question just to be sure before I undertake a move since I’ve seen some prior issues but the discussion put that to rest, Ubuntu 18.04.1 LTS installs just fine:

@bsalogga Just to be sure, this is NOT a brand new install of Ubuntu 18.04.1 LTS but rather there was a previous “clean” install of some older version and then it was UPGRADED to the current LTS of Ubuntu 18.04.1 LTS? Yes?

Hi everyone,

So to put this discussion to rest do we all agree that the current version of FOG 1.5.4 (master branch, tarball, latest stable and production release) fogproject-1.5.4.tar.gz installs just fine on Ubuntu 18.04.1 LTS server?

Thank you
Boyan

@Wayne-Workman Great link Wayne, I am actually going to do this myself very soon, one point of clarification if I may: section “Arranging Images”. Is it really necessary to copy the images to a folder, other than /images on the new fog server and then once they are copied there “rearrange” them by moving them again into the final destination of /images (assuming fog defaults)?

Is there a problem by simply mounting /images at the old fog server and then copying the image files straight to their final destination on the new fog sever (which would be /images by default)?

Thanks

@imagingmaster21 Thanks - I don’t get any files replaced or indicated as an anomaly when using sfc. This isn’t an anomaly caused by some corruption, it is replicated 100% of the time using a clean install and going into audit mode straight on the first boot.

I am astonished how nobody is actually using sysprep from a clean ISO boot and ctrl-shift-f3 since those who claim to be “using” sysprep do not confirm this issue yet this is a FOG forum. If one is using FOG then sysprep and audit mode is a must? I may be missing something of course.

The MDT method does not manifest this issue, sure but then that requires changing to a whole another animal. There’s a reason why I love fog!

@Joe-Schmitt Thanks Joe, yes I’ve tried to copy the immersive control panel folder to c:\uses\default – no go.

The unattended file is below, I’ve tried with the simplest of all files - still the same thing.
Are you saying that you sysprep your win10 images, re-seal them with an answer file and this issue doesn’t occur for you? FYI: I am using MAK enterprise media: SW_DVD9_Win_Pro_10_1709.1_64BIT_English_Pro_Ent_EDU_N_MLF_X21-67518.ISO straight from Microsoft.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="specialize">
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Path>net user Administrator /active:yes</Path>
                </RunSynchronousCommand>
            </RunSynchronous>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <CopyProfile>true</CopyProfile>
            <ShowWindowsLive>false</ShowWindowsLive>
            <TimeZone>Pacific Standard Time</TimeZone>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
            <ComputerName>*</ComputerName>
            <OEMName>SEIU 1021</OEMName>
            <RegisteredOrganization>ORG</RegisteredOrganization>
            <RegisteredOwner>ORG</RegisteredOwner>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <AutoLogon>
                <Password>
                    <Value>....</Value>
                    <PlainText>false</PlainText>
                </Password>
                <Enabled>true</Enabled>
                <LogonCount>1</LogonCount>
                <Username>Administrator</Username>
            </AutoLogon>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <SkipMachineOOBE>true</SkipMachineOOBE>
                <SkipUserOOBE>true</SkipUserOOBE>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                <UnattendEnableRetailDemo>false</UnattendEnableRetailDemo>
            </OOBE>
            <UserAccounts>
                <AdministratorPassword>
                    <Value>....</Value>
                    <PlainText>false</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>....</Value>
                            <PlainText>false</PlainText>
                        </Password>
                        <Description>Local Administrator</Description>
                        <DisplayName>Administrator</DisplayName>
                        <Group>Administrators</Group>
                        <Name>Administrator</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <RegisteredOrganization>Your Org</RegisteredOrganization>
            <RegisteredOwner>End User</RegisteredOwner>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:c:/soft/install.wim#Windows 10 Pro" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

Mod note: edited out some strings

Hi guys,

I’m posting here as a long time FOG user and although this isn’t FOG specific thing I am using the collective expertise accumulated around FOG user base to seek Windows advice.

We’ve observed this anomaly with ANY sysprepped windows 10 image where sysprep was used with an answer file. I am deliberate in making that clear because the issue doesn’t manifest itself if one uses the stand alone sysprep method where you have to answer by hand the interview questions after a re-seal/generalize without an answer file.

So back to the issue; once the image has been reselaed then any future user will get stuck with moving blue dots upon any kind of start menu search. The only fix is to copy c:\users\Administrator\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy to the profile of the user in question. Of course that must be done for every user that would use that machine - you can see how crazy that is.

Domain join or workgroup – no difference. It happens with local users so this isn’t the GPO thing some are talking about as a potential culprit.

Has anyone encountered this and if so what’s the remedy? Thank you all!

@itcc I do – please send me yours. I’ve done million tests, I’ve had MS case open (we have EA with unlimited cases but you get what you pay for - shit) and the issue with windows.immersivecontrolpanel is plaguing us. If you don’t know about this in 1709 it has to do with search not working and from there IE and ton of other crap. The lousy fix is to copy windows.immersivecontrolpanel to each future user c:\users\xxx profile. As I said a lousy fix.

If anyone can share their working xml that would be awesome!

Hi, the on-the-fly kernel build didn’t work for me but downloading efi from 1.3.5 worked like a charm. However just as you predicted FOG 1.2 can’t see NVMe hardware so an upgrade effort is in progress.

Just as an FYI: here is what I get when I attempt quick inventory on 1.2.0:

So even though this was a great fix – what would you oh great FOG gurus say about officially giving the green light to deploy FOG on 18.04 LTS?

Is it ok or should we still deploy FOG on 16.04 LTS until 18 is fully vetted?

Thanks
~B

@george1421 Aha that explains it. Thank you very much for the clarification. Will figure out the DHCP thing and get going on the two machine types, with an upgrade planned for 1.5.x for sure! Thank you