@Joe-Gill i successfully ran through a pallet of these - 27 - and no issues. this was my process:
boot into BIOS setup.
Click enable UEFI network stack, scroll down to AHCI and click it. hit Apply.
on the left, select secure boot. disable using checkbox - it will ask if you’re sure. hit yes, hit apply. hit exit.
it reboots, hit f12, network boot ipv4
it works
if it doesn’t work for you, make sure your ipv4 UEFI boot settings are setup on your dhcp server (ipxe.efi instead of undionly.kpxe)
@victorkrazan6267 oooh nice something I can help with.
So I tried exactly what you are trying times 1000, and the very last thing I could get to work was adobe. In fact, I saved the command to finally install it as a txt file called F**ingfinallyabletoinstalladobe.txt lol.
What worked for me in the end was using JUST the installer exe by itself but with a command switch. It basically extracts to a path, uses a switch called
(Exe path) -sfx_o”c:(path to extract)” /sALL msi EULA_ACCEPT=YES
this worked for me. I found it off an adobe forum titled “how to download reader dc 2017.009.20044 msi”
@wayne-workman thanks man but turns out it was due to my crappy netgear switches. actually used a cisco enterprise switch and all the clients connected on meraki AP’s, didn’t do all at once but it did send out office 13 (800mb) and a slimmed down version of smart (1.2) to ~10 at once at any one time.
worked well.
i can’t tell you how awesome this software is - i just got a new job, they gave me this new client to us with 350 machines, 2 weeks to reimage them all and i have a baby due in that 2 week period.
started yesterday, only 320 more go to lol.
Thanks again!
@Wayne-Workman never before. i’ll check it out - thanks.
the makefogmobile project would help me out probably too (for little one and done labs here and there)
Thanks for that!
i’ll see if it helps my current issue. if not i’ll just reinstall them all.
@george1421 I know this isn’t expected and is super insecure. I can secure things later as needed (or just security by obscurity…possibly even turning it off when not in use) but we’ll worry about that if it works as expected.
I believe I’m ahead of you.
I can ping OVH, get to fogserver url and management pages.
Instead of installing tftp in windows I used a linux box - in both my network, and the OVH network.
OVH worked, however my network did not. I then (for shits and giggles) created a storage node in my own network, pointing it to the OVH fogserver, and pointed my DHCP from the 167.x OVH IP, to my storage node. Changed storage node to 0 clients.
This gave me success, in all forms.
So for whatever reason, the tftp connection won’t open between behind my pfsense box and the OVH server. I can see the ports going through the logs - but I get single:no_traffic as the status.
I guess what I’d love to try to do is this:
Create a USB device that houses the ipxe kernel, and information for undionly.kpxe/ipxe.efi to point to that server out in the wild. Put all the TFTP boot files on this drive.
I did image from/to the OVH server. Just couldn’t boot to it.
@george1421 correct -
i have cloud hosting platform, open to the internet (OVH) ((fogserver on debian 10 on an esxi VM with a public IP))
i have a home network, that i had my own personal fogserver running. pfsense is my home routing platform. i changed the IP address in DHCP to go from my internal IP, to the 167.x OVH IP.
i created a VM inside my home network, on an esxi box. i booted PXE, and got nothing.
i then went to OVH Server number 2. it’s running proxmox. i opened a tftp connection between OVH2 and OVH and was able to transfer undionly.kpxe.
if i go to a box inside my pfsense home network, and try to open the same tftp connection, i get a timeout.
so for now, it might be a routing thing, or where tftp doesn’t like the goofy network configuration that OVH requires me to have.
@george1421 OVH is just a cloud hosting provider.
I have no connection whatsoever to this env. Just wide open, dedicated server at the moment.
I was hoping to do this without modifying the client network in any way.
I just started testing.
With a server in the same datacenter, TFTP works as expected (I’m not able to mess with pxe settings at the moment but probably can in the future)
With a server at my home, I cannot chainload an image from the OVH server. TFTP times out. I’ve tried to manually open the connection and transfer, but it fails.
I’ve read through the past comments and posts regarding this topic, but the one I saw that meant the most for me didn’t help much.
I have a server on an OVH platform that is hosting FOG. It doesn’t seem that my pfsense router/goofy network setup on the OVH server is allowing pxe to boot.
This is a proof of concept because my work had 3 servers with 1000/1000 bandwidth for the remainder of the month I can play with.
What I’d LOVE to do is boot to the cloud server like normal - pfsense is handing out the address correctly, but i get TFTP timeout.
I do not wish to create a storage node at the location. The idea will be used in an MSP model if I can get it to work.
If I have to, I wouldn’t mind creating a flash drive that would boot the correct stuff, to point to the cloud fogserver. It’d be a lot easier to bring a flash drive to a random client location than a fog storage node.
What steps should I take to make this happen?
For years I’ve been doing my reference image in ESXi, on a 30GB VHD, installed, audit mode, ran scripts, sysprep, captured with fog.
I’ve always used “Multiple Partition Image - Not Resizable” because I had issues with FOG trying to resize in the past - I handled this by using the <extendospartition>true flag in my unattend.xml.
I never noticed, but apparently my recovery partition always began the disk.
Any chance anyone knows how to force windows 10 to install the recovery partition at the beginning of the drive again? I’m not even sure how I did it in the first place - I’m realizing and testing that I can use single disk resizable in FOG, but would like to ‘fix’ it how it was used before if possible.
@Sebastian-Roth i apologize for the assumptions.
after further reviewing, and testing - it seems that for whatever reason, my scripts are not running at boot.
it is trying to find the old server, and the new installation never happens - just the enabling of the service - hence the errors i’ve been seeing.
not sure why, but win10 1909 is causing it for some reason. might be the computers and their speed but i don’t think so. i’m testing more.
bottom line - it is not a fog issue.
thanks for your assistance however.
i have many - one at most of the sites i support.
the one at the site i created the original image ( home ) is 1.5.6, most of my sites are 1.5.6. i have not changed them any time recently.
in fact, the one where i noticed this was a brand new install that day of 1.5.7.
could it be that pre-image, when i installed fog, it has some sort of file in a local directory that doesn’t get replaced when fog gets reinstalled?
i’d thought this be possible but typically reinstalling the client fixes the issue anyways. since my first run script does that, i’ve been confused.
for whatever reason - when i have been deploying 1909 the following appears in the log:
RSA FOG Server CA cert found
RSA ERROR Certificate validation failed
RSA ERROR Trust Chain did not complete to the known authority anchor. Errors: The signature of the certificate cannot be verified. NotSignatureValid
Authentication ERROR Could not authenticate
Authentication ERROR Certificate is not from FOG CA
This could be something I messed up as I haven’t prepped my images since 1903 over the summer. Workflow is as follows:
Created base 1909 in ESXi, installed scripts and such.
Ran FOG installation, set service to disabled, injected firstlogin script to run installation again, with all quiet batch strings.
Sysprep.
Capture image, then deploy to new machine.
Machine boots, script runs and installs fog successfully. Starts service. Error above appears.
This hasn’t happened on my previous images.
@george1421
yes. so ideally, with the ‘hack’ method with persistent groups - lets say i would go the route i understand.
create template host and template group.
assign template host to template group, assign properties to template host.
add additional hosts to group.
even so, lets say i do full reg. it asks if i want to associate to a group. this is awesome and will effectively get the settings that i need - however, when it asks if i want to deploy the image, and i hit yes, the machine gets imaged. nothing that was ‘set’ is actually ‘deployed’ but rather with the sql hack/trigger, its just a property of the host - but the sql function hasn’t actually ‘pushed’ those settings because maybe it doesn’t know its been changed?
i ran into the issue and as i read through your post for basic persistent groups, other people were having the same issue. so i gave up and scrapped the idea.
i do think code wise it would probably be easy to implement for quick reg.