RE: PXE Background Image and Screen Resolution?

If it helps, I remember changing bg.png in a past version by using the GIMP and then compressing it to minimal filesize (an online tool like compresspng.com/tinypng.com gave the best results back then)

Update BIOS settings directly from fog.
Joe’s and Tom’s suggestions are great for registry editing.
I suggest a different approach, Update UEFI Firmware (BIOS) setting directly.

I’ve used this method when I was working in a highschool, I don’t have my documention and batch scripts as I’m not working there anymore, but I can give some direction and contribute rescripting it.

• Build a WINPE 3 or later ISO and Add WMI component and WINPE DriverPack (possibly with DISM or Winbuilder)
  (LINUX based official bios tools are less popular)
• Copy necessary files to the ISO for each name-brand company (HP/Lenovo/Dell/Intel)
• Edit Startnet.cmd /OR/ Wpeinit with RunAsynchronous commands in unattended xml file to run startup powershell script or batch file (for HP) and reboot or shutdown
• Create a fog menu entry to boot into the autorun WINPE and run it once to a group contains hosts from same company (or same model number).

Tools used for different namebrand companies:
HP Bios Configuration Utility (Extract files with 7-zip or alike):
http://ftp.hp.com/pub/caps-softpaq/cmit/HP_BCU.html
( Guide: https://ftp.hp.com/pub/caps-softpaq/cmit/whitepapers/BIOS_Configuration_Utility_User_Guide.pdf )
Examples:
Prerun the HP Tool to Create a new password (/nspwdfile) or enter the current password (/cspwdfile) using keyboard ASCII/ANSI characters you have on your keyboards (so you’ll be able to gain local access to BIOS easily if needed):
HPQPswd64.exe /s /p"<password>" /f"<encrypted-password-file.ext>"
(Password can be empty, or 8-32 characters)

Batch example:
BiosConfigUtility64.exe /cspwdfile:“<current encrypted-password-file.ext>” /setvalue:“<setting>”,“<value>”
BiosConfigUtility.exe /nspwdfile:“<NEW encrypted-password-file.ext>” /setvalue:“Enter Ownership Tag”,“Foobar Highscool”
BiosConfigUtility64.exe /cspwdfile:“<CURRENT encrypted-password-file.ext>” /nspwdfile:“<NEW encrypted-password-file.ext>” /setvalue:“SATA Device Mode”,“AHCI”
HP WINPE DriverPack: https://ftp.hp.com/pub/caps-softpaq/cmit/HP_WinPE_DriverPack.html

Dell uses the newer Command / Configure or older Dell Client Configuration Toolkit (CCTK):
Guide: http://topics-cdn.dell.com/pdf/command-configure-v3.3_user’s guide_en-us.pdf

Intel: Intel Save and Restore System Configuration Utility (SYSCFG)

Lenovo BIOS Setup Tools using WMI:
https://pcsupport.lenovo.com/il/en/solutions/ht100612
Guide:
https://download.lenovo.com/pccbbs/mobiles_pdf/kbl_deploy_01.pdf

Lenovo Example in powershell:
(Get-WmiObject -class Lenovo_SetBiosSetting –namespace
root\wmi).SetBiosSetting(“<SETTING>,<VALUE>,<PASSWORD>,ascii,us”)
(Get-WmiObject -class Lenovo_SaveBiosSettings -namespace
root\wmi).SaveBiosSettings("<PASSWORD>,ascii,us”)

Ofcourse you can use similar approach to update the firmware to latest,
You can also use this approach with fog client snapin script, new images unattend.xml/setupcomplete.cmd, or george’s post imaging scripting tutorials, findings and contribution , but I’ll not recommend it as I still think it’s a bit risky to update bios automatically, maybe I’m just oldschool and today there shouldn’t be any problem doing so.

Personally I won’t use this method as a fog snapin without precaution as I still think some buggy system resource intensive (for Ex: antivirus) could break the bios update or WMI functionality.

post-install-scripts might be useful for changing asset tracking number in bios based on host name or tags in host inventory.
(Probably could be also done with current/future API call)

Btw, when clicking on the “Home” icon (dashboard link), I see the new hosts that needs to approve in a popup small java banner with a hyperlink “here” that directs to the hosts-waiting-for-approval webpage.

I can’t recall what git version I’m running though, will update tommorow.

It’s time for for me to show some
presence

Hey George,
following are the steps I used today to register 2 computer labs to fog, hoping It’ll
help you a bit, specifically using mobile phone for the host approval.

In 2 days we have a competition for “cyber” classes between highschools. As those classes learn hacking and programming, I didn’t have enough time to prepare a golden security-best-practice image for those labs. I decided to update the software the students need for the contest on they’re already working windows 7 with their already implemented sandbox software (revert to base snapshot on restart). Those PCs doesn’t have any central management, specifically none sandbox management, nor aren’t attached to any server/ windows domain or other kind.

I quickly and dirtly scripted a batch file to check network, hiding fog and sandbox software dirs, changing settings, update required software, installing fogservice, starting “FogService” service, and taking sandbox snapshots.
7 Flash drives were reused serveral times while writing log progress for a few steps.

PCs : lab-A : HP 6200 Pro, Lab-B Dell 755
Steps used :

1. Restarting PC (returning to basic snapshot)

2. Starting in BIOS setup :

• Setting Admin setup password (on the
  PCs that didn’t have any set)
• configure boot sequence (Network PXE, Hard Drive).
• removing other boot devices like USB storage, CD etc (to prevent cracking BIOS password).
• WOL-boot to server
• Disable quick boot

3. Waiting for OS and running batch script as an admin.
   Batch also pinging fog server 1 time and pause on error (to fix network infrastructure/ network cable replace/connect), then retries ping.
4. Approving new hosts in my mobile
   phone logged on to fog by wifi. +++
5. Restarting PC for updated software to finish installation and taking 2nd snapshot on boot.
6. Waiting for windows and running 2nd batch waits a few seconds, takes a final 3rd snapshot and copy fog. Iog to flash drive.

Tommorow I’ll write my steps used for new PCs with preimaging.

I’ll introduce myself in a different post.
Just have to say how much I appreciate all the open team work.
I follow the project since 2008 and was donating best amounts I can under different usersnames.

In the past 6 monthes I watch the project very close almost daily, I feel like personally know the big contributers that put so much time and effort and also detailes and helping a lot support the development and forums.

@george1421 George I really like your mini projects you
make helping fog development be more
efficient, @Wayne-Workman Wayne you are the best helping everyone so much and working on wiki and also practice coding on your projects, doing everything perfect to the last bit, @Jbob I really like your efficient code, contribution and focus on your targets, and ofcourse-
@Tom-Elliott I must get some personal tips from you, have no clue how you handle your wife after all the time you spent making fog alive again, I remember you had some relationship troubles putting all the effort in fog development and v0.32 code cleaning

And all others I must have forgotten, you must excuse me it is 4:15am here in Israel.

I’ll soon find the time to write an introduction, for now I can say my daily job in the past 6 monthes is IT
in a 350pc’s highschool+college. Mostly HP and Dell.

C’ya around !

Good night for now

@george1421 I see what you mean,
This what I tried to write in the post that have been deleted. I’ll try to reconstruct it (took some screenshots when I saw network is going to fail over here)

Not sure if it’s a bug, I use an older stable git,
If I recall, there is an option in the menu configuration allowing approve hosts, if you didn’t change nothing, possibly it’s a bug.
If I understand correctly, hosts approving this is not a new feature and Tom made it a few months ago (could be more).
I can guess you see it the first time because as you say, you’re using a new golden image stradegy.

This is what I did, maybe it can help:
On management webpage, under menu configuration,

• set quick or full registergistration as default item
• set quick or full registration to appear on non-registered hosts

*On the boot menu options set a 1-3 seconds menu apperance
(I also use Hide Menu, No Menu, and Advanced Login)

When a new unregistered host is identified, I can press the defined key combination (defaul is ESC) to quickly register a new host, and then approve it by my mobile phone very quickly.

You can also make a first logon script on your image to logon as administrator, (reg key next logon as user), wait a minute or a few, restart “FogService” service so you’ll have enough time to approve the new host/rebuild public key as necessary.

Just wrote a long post (my first after a few years) and had a power outage in my router, hate when it happens
Long story short,
Can you log to fog webpage by your mobile phone?
You can use wifi, or if it’s restricted, possibly teamviewer/screenconnect or alternative.

ofcourse! would love to help and contribute, as well as try and buy.

Well, except helping with the code,
Where is the donation button?:)

-Edit - I found it, thought there isn’t any.