PXE boot menu with System Center Configuration Manager

We consider extending the capabilities of System Center Configuration Manager (product for managing IT infrastructure) when loading custom PCs over the network using PXE. Create a boot menu based on PXELinux with System Center functionality and add anti-virus scanning capabilities, diagnostic and repair images. At the end of the article, we are concerned with the features of the work of System Center 2012 Configuration Manager in conjunction with Windows Deployment Services (WDS) when booting via PXE.

All actions are performed on a test environment in which there is already an installed System Center 2012 Configuration Manager SP1, a domain controller and a number of test machines. It is assumed that SCCM is already deploying over a network using PXE.

Introduction

The test environment consists of several virtual machines. All machines have Microsoft Windows Server 2008 R2 guest OS (x64), E1000 network adapter, SCSI Controller: LSI Logic SAS

Name (Roles)	IP address / DNS name	Functional
SCCM (System Center Configuration Manager)	192.168.57.102 sccm2012.test.local	Installed System Center Configuration Manager 2012 SP1
DC (AD, DHCP, DNS)	192.168.57.10 dc1.test.local	The role of the domain controller, DHCP server and DNS server
TEST (Test machine)	192.168.57.103 test.test.local	For testing
GW (Gateway)	192.168.57.1	Routing between networks. Gateway role

1. Add PXELinux to SCCM

We perform actions on the machine where System Center Configuration Manager is installed

Determine the directory where the WDS files are located for download; for this, look at the value of the RootFolder parameter in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WDSServer\Providers\WDSTFTP
The default is C:\RemoteInstall
Downloadable files from the SCCM deployment point are located in the smsboot\x86\ and smsboot\x64\ directories depending on the architecture.
First, configure the directory for the 32-bit architecture, the default is c:\Remoteinstall\smsboot\x86\
Download the archive with the latest syslinux . Copy the following files from syslinux-5.01.zip to c:\Remoteinstall\smsboot\x86\ :
memdisk, chain.c32, ldlinux.c32, libcom32.c32, libutil.c32, pxechn.c32, vesamenu.c32, pxelinux.0
Additional files are needed to avoid a similar error.
In c:\Remoteinstall\smsboot\x86\ rename pxelinux.0 to pxelinux.com
In the folder c:\remoteinstall\smsboot\x86\ make a copy of abortpxe.com and rename it to abortpxe.0
If you do not rename the extension .0 , then for example the instruction
```
 Kernel abortpxe.com 
```
will be executed with an error: Booting kernel failed: Bad file number
For PXELINUX the file extension of the download should be set according to the plate
```
 none or other Linux kernel image .0 PXE bootstrap program (NBP) [PXELINUX only] .bin "CD boot sector" [ISOLINUX only] .bs Boot sector [SYSLINUX only] .bss Boot sector, DOS superblock will be patched in [SYSLINUX only] .c32 COM32 image (32-bit COMBOOT) .cbt COMBOOT image (not runnable from DOS) .com COMBOOT image (runnable from DOS) .img Disk image [ISOLINUX only] 
```
Source: http://www.syslinux.org/wiki/index.php/SYSLINUX#KERNEL_file section “Kernel file”
In order not to press the F12 key several times when loading SCCM through the menu, rename pxeboot.com to pxeboot.com.f12, copy pxeboot.n12 to pxeboot.com
If this is not done, then when choosing we will receive such a message every time.

Note: Do not forget to rename these files in the x64 folder too. when x86\wdsnbp.com from the x86 folder, the boot loader determines the processor architecture and loads the next file from the folder with the corresponding architecture. Thus, for x64, the following file will not be x86\pxeboot.com , but x64\pxeboot.com
Download / create background.png , resolution 640x480, copy to the same folder. Create a folder \ISO where we will place the ISO images. Create a folder \pxelinux.cfg for configs.

In the \ pxelinux.cfg folder we create the default file, in a non-unicode encoding, with the contents

default (Click to display)

 #    DEFAULT vesamenu.c32 PROMPT 0 timeout 80 TOTALTIMEOUT 9000 MENU TITLE PXE Boot Menu (x86) MENU INCLUDE pxelinux.cfg/graphics.conf MENU AUTOBOOT Starting Local System in 8 seconds # Boot local HDD (default) LABEL bootlocal menu label Boot Local menu default localboot 0x80 # if it doesn't work #kernel chain.c32 #append hd0 #      Qwerty,  MD5 label av menu label Antivirus and tools menu PASSWD $1$15opgKTx$dP/IaLNiCbfECiC2KPkDC0 kernel vesamenu.c32 append pxelinux.cfg\av.conf label sccm menu label Start to SCCM COM32 pxechn.c32 APPEND sccm2012.test.local::smsboot\x86\wdsnbp.com -W label pxe64 menu label Start to x64 pxelinux COM32 pxechn.c32 APPEND sccm2012.test.local::smsboot\x64\pxelinux.com LABEL Abort MENU LABEL Exit KERNEL abortpxe.0

In the \pxelinux.cfg folder, create the file graphics.conf with the contents

graphics.conf (Click to display)

 MENU MARGIN 10 MENU ROWS 16 MENU TABMSGROW 21 MENU TIMEOUTROW 26 MENU COLOR BORDER 30;44 #00000000 #00000000 none MENU COLOR SCROLLBAR 30;44 #00000000 #00000000 none MENU COLOR TITLE 0 #ffffffff #00000000 none MENU COLOR SEL 30;47 #40000000 #20ffffff MENU BACKGROUND background.png NOESCAPE 0 ALLOWOPTIONS 0

In the \pxelinux.cfg folder, create an av.conf file with the contents

av.conf (Click to display)

 DEFAULT vesamenu.c32 PROMPT 0 MENU TITLE Antivirus and tools MENU INCLUDE pxelinux.cfg/graphics.conf label main menu menu label return to main menu kernel vesamenu.c32 append pxelinux.cfg/default label drweb menu label DrWeb kernel memdisk append iso raw initrd=iso\drweb.iso label eset menu label Eset kernel memdisk append iso raw initrd=iso\eset_sysrescue.iso label kav menu label KAV Rescue CD KERNEL kav/rescue APPEND initrd=kav/rescue.igz root=live rootfstype=auto vga=791 init=/init kav_lang=ru udev liveimg doscsi nomodeset quiet splash # ISO   ,     TFTP label winpe menu label WinPE from another TFTP kernel sccm2012.test.local::smsboot\x86\memdisk append iso raw initrd=sccm2012.test.local::smsboot\x86\iso\WinPE_RaSla.iso label clonezilla menu label Clonezilla kernel memdisk append iso raw initrd=iso\clonezilla.iso

As a result, the directory c: \ remoteinstall \ smsboot \ x86 \ contains the structure

	c: \ remoteinstall \ smsboot \ x86 \	pxelinux.cfg \
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \	chain.c32 ldlinux.c32 libcom32.c32 libutil.c32 pxechn.c32 vesamenu.c32 pxelinux.com background.png pxelinux.cfg \ pxelinux.cfg \ pxelinux.cfg \ ISO \ abortpxe.0 wdsnbp.com bootmgfw.efi wdsmgfw.efi bootmgr.exe pxeboot.n12 pxeboot.com abortpxe.com	') default av.conf graphics.conf * .iso

For x64 architecture, we similarly copy and create the same structure in the folder c:\remoteinstall\smsboot\x64\

Addition
When using the menu PASSWD you can set the password either as is, or use a hashing algorithm by adding the appropriate signature at the beginning of the parameter
Algorithm Signature
MD5 $ 1 $
SHA-1 $ 4 $
SHA-2-256 $ 5 $
SHA-2-512 $ 6 $
Thus for the Qwerty password and MD5 algorithm
 menu PASSWD $1$15opgKTx$dP/IaLNiCbfECiC2KPkDC0 
You can generate a password, for example, through an online hash generator www.insidepro.com/hashes.php?lang=rus , the string MD5(Unix)

Algorithm	Signature
MD5	$ 1 $
SHA-1	$ 4 $
SHA-2-256	$ 5 $
SHA-2-512	$ 6 $

2. Customize PXELinux boot

Now we specify how to download pxelinux.com and get the menu.
Specifying the pxelinux.com bootloader via WDS functionality does not work in SCCM. View commands

 wdsutil /set-server /bootprogram:boot\x86\pxeboot.com /architecture:x86

not processed. Make sure that boot images are not specified by running the WDS server configuration output command

 wdsutil /get-server /show:images

Thus, in SCCM 2012, you cannot specify your download file via PXE for the SMSPXE provider. Therefore, we will configure the active area of the DHCP server.
In the parameters of the active DHCP area, set the parameters according to the plate

DHCP option	Parameter name	Value
066	Boot server host name	sccm2012.test.local
067	Bootfile name	smsboot \ x86 \ pxelinux.com
006	DNS Servers	192.168.57.10
015	DNS Domain Name	test.local

In option 066 we specify the FQDN name of the sccm server, in option 067 we specify the path to the x86 bootloader pxelinux.com starting from the TFTP root, in option 006 we specify the IP address of the DNS server. If the option 066 uses the short server name, in option 015 we specify the DNS suffix of the domain.

Addition
More details on the DHCP configuration described by mvgolubev here . But on DC option 150, the IP address of the TFTP server was missing in the settings of the DHCP area and the indication of option 150 via netsh did not work.

3. Verification of work

The basic settings are complete and you can start testing. Indicate on the test computer in the BIOS is loaded over the network and boot into the menu

Select the «Start to SCCM» item and if a task sequence is assigned to the computer, then after some time the “Task Sequence Creation Wizard” window will appear asking you to enter a password

Reboot the machine, go back to the menu, select «Antivirus and tools» in the menu and enter the password Qwerty

Select an arbitrary item and observe the loading of an ISO image into memory

We are waiting and seeing the result

Verification complete

4. Advanced Settings and Features

Routing Setup

If the client, DHCP server and the server containing the network bootloader are in the same network segment, then no additional configuration is required. If the client and the DHCP server or the WDS / SCCM server are located in different network segments, it is recommended to configure the routers to forward the broadcast packets from the client to the existing DHCP server and the existing WDS / SCCM server. In English-language literature, this process is known as “IP Helper table updates”. In this case, the client, after receiving the IP address, communicates with the server containing the network bootloader directly through DHCP packets in order to download the network bootloader.
For Cisco routers, use the command

 ip helper-address {ip address}

where {ip address} address of the DHCP server or the WDS / SCCM server. When using this command, the following UDP broadcast packets are also sent.

Port	Protocol
69	Tftp
53	Domain Name System (DNS)
37	Time service
137	NetBIOS Name Server
138	NetBIOS Datagram Server
67	Bootstrap Protocol (BOOTP)
49	Tacacs

The second method for the client to obtain information about the network loader directly from the DHCP server is to specify options 60.66.67 on the DHCP server. Using DHCP option 60 with «PXEClient» value in all DHCP «PXEClient» only if the DHCP server is located on the same server as the Windows Deployment Services. In this case, the client communicates with the Windows Deployment Services server directly via TFTP protocol over UDP port 4011, and not via DHCP. This method is not recommended by Microsoft due to problems with load balancing, incorrect processing of DHCP parameters and Windows Deployment Services response parameters on the client side. And also because using only two options 66 and 67 DHCP allows you to bypass the parameters set on the network boot server.
You must also open the following UDP ports on the Windows Deployment Services server.
port 67 (DHCP)
port 69 (TFTP)
port 4011 (PXE)
and port 68, if DHCP authorization is required on the server.

The configuration process and the nuances of redirection between different WDS servers are described in more detail in the sources below:
Managing network boot programs http://technet.microsoft.com/ru-ru/library/cc32321 (v=ws.10 ).aspx
Server management http://technet.microsoft.com/ru-ru/library/cc770637(v=ws.10).aspx
Microsoft Product Support Services (PSS) support Microsoft Windows Preinstallation Environment (Windows PE) 2.0 support boundaries http://support.microsoft.com/kb/926172/en-us
How to forward UDP broadcast (BOOTP / DHCP) on Cisco http://www.cisco-faq.com/163/forward_udp_broadcas.html
Features of work and DHCP settings on Cisco routers (Part 2) http://habrahabr.ru/post/89997/

Additional local boot features

On a test environment, the team

 localboot 0

gives this error

From the syslinux documentation, it follows that when

 localboot 0

boot will go from local disk. And if you specify a specific value of 0x00 from the main (primary) floppy disk, if you specify 0x80 from the main (primary) hard disk. Changing the command to

 localboot 0x80

local OS booted.
If there is a need to boot from a specific disk, partition or localboot command localboot not work, then you can use the capabilities of the chain.c32 module. After it is loaded, the append command specifies a specific disk or partition of the disk, the numbering of the disks starts from 0, the numbering of sections from 1 because specifying section 0 loads the MBR. When specifying the disk partition can be omitted.

 KERNEL chain.c32 APPEND hd0 0

 KERNEL chain.c32 APPEND hd0

Sources: http://www.syslinux.org/wiki/index.php/SYSLINUX#LOCALBOOT_type_.5BISOLINUX.2C_PXELINUX.5D
http://www.gossamer-threads.com/lists/syslinux/users/7127

Order and description of downloading files via PXE

As mentioned at the beginning of the article, the directory where the WDS files are located for downloading is contained in the value of the RootFolder parameter in the registry branch HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WDSServer\Providers\WDSTFTP
The default is C:\RemoteInstall
Here, in the ReadFilter parameter, ReadFilter are directories where the TFTP server searches for files to download, starting from the root. With SCCM 2012 SP1 installed, this parameter is

 \boot\* \tmp\* \SMSBoot\* \SMSTemp\* \SMSImages\*

If you change the value of the parameter to \* then all files located in the RemoteInstall directory will be processed.

The role of the SCCM 2012 deployment point is specified in the ProvidersOrder registry key located in the HKLM\System\CurrentControlSet\WDSServer\Providers\WDSPXE
ProvidersOrder may be

SMSPXE	PXE service point in SCCM
SMS.PXE.Filter	PXE Script Handler from MDT (Microsoft Deployment Toolkit)
BINLSVC	Standard handler WDS and RIS

When SCCM is set, the ProvidersOrder parameter is set to SMSPXE . By changing the parameter, you can change the order of loading providers.

The following standard files are located in the RemoteInstall directory.

wdsnbp.com	A network boot program developed for Windows Deployment Services that performs the following tasks: 1. Discovery architecture. 2. Maintenance of waiting computers. When the auto-add policy is enabled, this network boot program is sent to the waiting computers to pause the network boot and inform the server of the client computer architecture. 3. Using network boot links (including using parameters 66 and 67 of DHCP)
PXEboot.com	(Default) Requires user to press F12 key to continue network boot
PXEboot.n12	Does not require the user to press the F12 key and immediately starts the network boot
AbortPXE.com	Boot the computer using the next boot item in the BIOS without waiting
Bootmgr.exe	Windows boot manager (Bootmgr.exe or Bootmgr.efi). Using the firmware, loads the Windows boot loader from a specific disk partition or via a network connection (in the case of network booting)
Bootmgfw.efi	The EFI version of the PXEboot.com and PXEboot.n12 programs (in EFI, the choice to load or not load PXE is done in the EFI shell, not by the network boot program). Bootmgfw.efi combines the features of PXEboot.com, PXEboot.n12, abortpxe.com and bootmgr.exe. At the moment, it only exists for x64 and Itanium architectures.
Default.bcd	The boot configuration data store (BCD), REGF format, can be loaded into REGEDIT, replaces the text file Boot.ini

Download takes place in the following order as described above.
1. Loading wdsnbp.com.
2. Next, pxeboot.com of the appropriate architecture is loaded.
3. PXEBoot.com downloads bootmgr.exe and BCD boot configuration data store
4. Bootmgr.exe reads the entries for the operating system BCD boot configuration data and loads the Boot.sdi file and the Windows PE image (boot.wim)
5. Bootmgr.exe starts loading Windows PE by accessing Winload.exe in the Windows PE image

If there are folders in RemoteInstall

 \Boot \Images \Mgmt \Templates \Tmp \WdsClientUnattend

their presence means that before adding the distribution point role to SCCM 2012 (PXE service points in SCCM 2007), there was some action to configure the installed Windows Deployment Services (WDS) that automatically created these folders.
For the distribution point role (PXE service points in SCCM 2007), only the following folders are sufficient

 \SMSBoot \SMSIMAGES \SMSTemp \Stores

This does not mean that SCCM is installed incorrectly, but may indicate a possible source of errors.
A very detailed solution to the various problems of the WDS, SCCM and PXE bundles is described in the article Troubleshooting the PXE Service Point and WDS in Configuration Manager 2007.

Total

In the IT infrastructure managed by System Center Configuration Manager, a new tool has been added for the work of system administrators in the field.

List of links to ISO images (Click to display)

download.f-secure.com/estore/rescue-cd-3.16-52606.iso
git.ipxe.org/releases/wimboot/wimboot-latest.zip
download.geo.drweb.com/pub/drweb/livecd/drweb-livecd-602.iso
rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso
esetsupport.ru/eset_sysrescue.iso
boot.ipxe.org/ipxe.iso
citylan.dl.sourceforge.net/project/clonezilla/clonezilla_live_alternative/20130226-quantal/clonezilla-live-20130226-quantal-i386.iso
ftp.rasla.ru/_Distr_/WinPE/RaSla/WinPE_RaSla.iso
www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-5.01.zip

Thanks for attention!