/build/static/layout/Breadcrumb_cap_w.png

K2000 - UEFI and PXE best practices

In our current environment our PXE server is not allowing our machines to boot to our KACE appliances when in UEFI mode. As a result we have been booting machines to the PXE server with BIOS mode on and then changing the boot mode after the image is deployed. 

Obviously this is not practical. We are working on deploying Windows 10 organization-wide and here are my questions:

1) Can our PXE server be set to boot both BIOS and UEFI capable devices? I will need to get with our systems team and go from there if so and this will fix our issue most likely. Some of our devices will require BIOS boot in 10 unfortunately so an "all-or-nothing" approach is not desirable.

2) If not, how can I avoid the "Apply UEFI Partitions" task in K2000 failing? As of right now, even when using CCTK in the deployment and setting the boot mode to UEFI after booting to the KACE appliance with BIOS mode the apply partitions task fails which I assume is by design. Strangely though, even though the task fails, the system boots fine after deployment. Is this expected behavior? This is the tasks I'm using:

Create UEFI Partitions
Select disk  0
Clean
Convert gpt
Create partition efi size=200
Assign letter=s
Format quick fs=FAT32
Create partition msr size=128
Create partition primary
Assign letter=c
Format quick fs=NTFS
Exit

Apply UEFI Partitions (which fails)
bcdedit /set {bootmgr} device partition=s:
bcdedit /set {memdiag} device partition=s:
bcdedit /set {default} device partition=c:
bcdedit /set {default} osdevice partition=c:
Bcdedit /set {FWbootmgr} displayorder {Bootmgr} /addfirst

And my CCTK script does the following at the beginning of the deployment:

cctk.exe bootorder --activebootlist=uefi
cctk.exe --secureboot=enable
cctk.exe --legacyorom=disable
cctk.exe --embsataraid=ahci

I know the obvious answer is we could use a USB boot disk to boot in UEFI mode but I'm talking about around 1,500+ devices we will need to migrate to 10 and UEFI. I would much rather have a solution that works reliably with our existing infrastructure than running around with 10-20 USB disks but if that is my only option so be it. I just can't imagine this hasn't been talked about and solved somewhere... so here I am. :)

2 Comments   [ + ] Show comments
  • try leaving that task out, the fix bcd task may be taking care of those changes.

    see

    http://www.itninja.com/question/what-does-fix-bcd-do - SMal.tmcc 7 years ago
  • zsheppar, to address your initial statement "In our current environment our PXE server is not allowing our machines to boot to our KACE appliances when in UEFI mode" what in your environment is not supporting the UEFI PXE boot? I am having the same problem and trying to find a solution to making it work. I'm not sure where to look because KACE has zero information regarding this. - jjvillani 7 years ago

Answers (1)

Posted by: gerald_mack 7 years ago
Orange Belt
0
what if you change the mid level apply uefi partition task 

from:

bcdedit /set {bootmgr} device partition=s:
bcdedit /set {memdiag} device partition=s:
bcdedit /set {default} device partition=c:
bcdedit /set {default} osdevice partition=c:
Bcdedit /set {FWbootmgr} displayorder {Bootmgr} /addfirst

to:

bcdedit /store S:\efi\microsoft\boot\bcd /set {bootmgr} device partition=s:
bcdedit /store S:\efi\microsoft\boot\bcd /set {memdiag} device partition=s:
bcdedit /store S:\efi\microsoft\boot\bcd /set {default} device partition=c:
bcdedit /store S:\efi\microsoft\boot\bcd /set {default} osdevice partition=c:
Bcdedit /store S:\efi\microsoft\boot\bcd /set {FWbootmgr} displayorder {Bootmgr} /addfirst

bootsect /nt60 s:

Q) does it successfully finish?

Also, I assume if you look on s: is there the file S:\efi\microsoft\boot\bcd, which is what the task expects to exist, in order to edit it ?

If not you could run this as a mid task, prior to the apply uefi partition task:

bcdboot c:\windows /s s: /f UEFI

of course, you have to run this using PE10 based KBE.

Comments:
  • I simply removed the mid-level task and the "fix BCD" built-in task automatically fixed this problem. Thanks! @gerald_mack - zsheppar 7 years ago
    • heres a long shot...but do you have the info on the fix bcd built in task? I dont have that built in? - CMLou 5 years ago
      • It doesn't exist. This re-write by @geral_mack is the replacement for the included "Apply UEFI Partitions" task, thusly, it includes the "fix." - RD94 5 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ