Wiki source code of Network Boot Service

Last modified by Jannis Klein on 2024/08/13 08:20

version	line-number	content
1.1	1	{{aagon.priorisierung}}
	2	120
	3	{{/aagon.priorisierung}}
	4
	5	{{aagon.floatingbox/}}
	6
4.1	7	= General information =
1.1	8
4.1	9	The Network Boot Service is the central point responsible for the network boot of client computers.
	10	Components of the Network Boot Service are a DHCP Proxy Service, which responds to DHCP requests from Boot Clients, and a TFTP Service, which is responsible for downloading files through the TFTP Client of the Network Boot Clients.
1.1	11
4.1	12	The installation file for the Network Boot Service can be found on the ACMP share in the NetworkBoot directory. Executions the file ACMP Network Boot Service.msi to start the installation. First enter the name of the ACMP Server and the port.
1.1	13
	14
	15	(% style="text-align:center" %)
	16	[[image:https://manual.aagon.com/acmp/de/61/hmfile_hash_f12bc69d.png\|\|alt="14.1 - Server eintragen" height="311" width="399"]]
4.1	17	Enter server name and server port
1.1	18
4.1	19	Once you have confirmed your details by clicking on //Next//, you can start the installation. Once the installation is complete, the Network Boot Service that has just been installed is entered and must be configured.
1.1	20
4.1	21	= Configuration of the Network Boot Service =
1.1	22
4.1	23	Navigate to the configuration in the ACMP Console to //System > Settings > OS Deployment > Network Boot Service//.
	24	The upper area of the window deals with general settings for the Network Boot. Firstly, specify whether Clients should be imported automatically. Choose between the following options:
1.1	25
4.1	26	* Only import Network Boot requests
1.1	27
4.1	28	Only Clients for which the network boot has been performed are imported. These are displayed in the inventory with the computer name [NetworkBoot].
1.1	29
4.1	30	* Import all DHCP requests
1.1	31
4.1	32	All devices are imported. It is irrelevant whether the PXE boot was performed or not.
	33
	34	* Disable
	35
	36	No Clients are imported.
	37
	38
	39	You can also enter MAC addresses from which the network boot should ignore all requests. To create a filter, select //Add// and enter the address mask. You can use '*' (asterisk key) as a wildcard to specify address patterns. You can also enter an explanatory description. The filter is only applied after you enable it. You can enable the filter directly in the overview or select the //Edit// button when the filter is selected.
	40
	41	The Client on which you have just carried out the installation appears in the Network Boot Service area at the bottom. Select the entry and click on //Edit//. A file repository must be integrated to use the Network Boot Service, which you can integrate here.
	42
1.1	43	{{aagon.infobox}}
4.1	44	The file repository used must be of the "network share" type. Only these are supported for use in OS Deployment.
1.1	45	{{/aagon.infobox}}
	46
	47	(% style="text-align:center" %)
	48	[[image:https://manual.aagon.com/acmp/de/61/hmfile_hash_d5ec0f48.png\|\|alt="14.2 - Bindungen bearbeiten" height="384" width="512"]]
	49	Bindungen des Network Boot Services bearbeiten
	50
4.1	51	All network cards of the Client are displayed. Enable the checkbox only for the IP address that is to use the Network Boot Service.
1.1	52
4.1	53	Always send boot response is used if no Rollout has been started for boot requests from Clients. A timeout is prevented.
1.1	54
	55	{{aagon.infobox}}
4.1	56	Please note that this option may affect Thin Clients and IP phones, depending on the configuration.
1.1	57	{{/aagon.infobox}}
	58
4.1	59	Confirm your customisations and save the changes. You will be prompted to restart the Network Boot Service on the Client. You will find the service in the local services with the name ACMP Network Boot.
1.1	60
4.1	61	= Firewall settings =
1.1	62
4.1	63	The firewall must be configured accordingly for the Network Boot Service to function properly. No additional information is required when using the Windows firewall. All items are already entered during the installation of the Network Boot Service.
1.1	64
4.1	65	If you are using a firewall from another manufacturer, the following information must be entered.
1.1	66
	67	== Inbound Rule ==
	68
4.1	69	\|(% style="width:150px" %)Field\|(% style="width:1213px" %)Indication
1.1	70	\|(% style="width:150px" %)Name\|(% style="width:1213px" %)ACMP Network Boot Service Proxy DHCP (UDP)
	71	\|(% style="width:150px" %)Group\|(% style="width:1213px" %)ACMP Network Boot Service
	72	\|(% style="width:150px" %)Protocol\|(% style="width:1213px" %)UDP
	73	\|(% style="width:150px" %)Local Port\|(% style="width:1213px" %)67,4011
	74	\|(% style="width:150px" %)Remote Port\|(% style="width:1213px" %)Any
	75	\|(% style="width:150px" %)Name\|(% style="width:1213px" %)ACMP Network Boot Service TFTP Server (UDP)
	76	\|(% style="width:150px" %)Group\|(% style="width:1213px" %)ACMP Network Boot Service
	77	\|(% style="width:150px" %)Protocol\|(% style="width:1213px" %)UDP
	78	\|(% style="width:150px" %)Local Port\|(% style="width:1213px" %)69
	79	\|(% style="width:150px" %)Remote Port\|(% style="width:1213px" %)Any
	80
	81	== Outbound Rule ==
	82
4.1	83	\|(% style="width:150px" %)Field\|(% style="width:1213px" %)Indication
1.1	84	\|(% style="width:150px" %)Name\|(% style="width:1213px" %)ACMP Network Boot Service (TCP)
	85	\|(% style="width:150px" %)Group\|(% style="width:1213px" %)ACMP Network Boot Service
	86	\|(% style="width:150px" %)Protocol\|(% style="width:1213px" %)TCP
	87	\|(% style="width:150px" %)Local Port\|(% style="width:1213px" %)Any
4.1	88	\|(% style="width:150px" %)Remote Port\|(% style="width:1213px" %)2106 (You specified this port during the installation of the Server)
1.1	89	\|(% style="width:150px" %)Name\|(% style="width:1213px" %)ACMP Network Boot Service Proxy DHCP (UDP)
	90	\|(% style="width:150px" %)Group\|(% style="width:1213px" %)ACMP Network Boot Service
	91	\|(% style="width:150px" %)Protocol\|(% style="width:1213px" %)UDP
	92	\|(% style="width:150px" %)Local Port\|(% style="width:1213px" %)67,4011
	93	\|(% style="width:150px" %)Remote Port\|(% style="width:1213px" %)Any
	94	\|(% style="width:150px" %)Name\|(% style="width:1213px" %)ACMP Network Boot Service TFTP Server (UDP
	95	\|(% style="width:150px" %)Group\|(% style="width:1213px" %)ACMP Network Boot Service
	96	\|(% style="width:150px" %)Protocol\|(% style="width:1213px" %)UDP
	97	\|(% style="width:150px" %)Local Port\|(% style="width:1213px" %)69
	98	\|(% style="width:150px" %)Remote Port\|(% style="width:1213px" %)Any
	99
4.1	100	= NBS in Subnets =
1.1	101
4.1	102	There are different scenarios in which the NBS is used. Two common cases are described below.
1.1	103
4.1	104	==
	105	Operation in another subnet ==
1.1	106
4.1	107	If you have multiple subnets / VLANs, you must set up IP helpers on the routers/switches, which forward the DHCP requests to the NBS in addition to your DHCP Server. This ensures that the blocked broadcasts are forwarded to the subnets according to the IP helper configuration.
1.1	108
	109	{{aagon.infobox}}
4.1	110	Please note that no option 66 or 67 must be set on the DHCP Server.
1.1	111	{{/aagon.infobox}}
	112
4.1	113	Alternatively, an NBS must be installed in each subnet in which you want to roll out. This ensures direct communication between the NBS and the ACMP Server.
1.1	114
4.1	115	However, if you do not have the option of forwarding multiple broadcast requests across the subnet and configuring them, you can install the NBS on the DHCP Server directly.
1.1	116
	117	{{aagon.infobox}}
4.1	118	This option should only be used if the IP Helper/DHCP Relay settings cannot be set! Make sure that the Network Boot Service is configured to "automatic (delayed start)" so that the DHCP Server always starts before the Network Boot Service.
1.1	119	{{/aagon.infobox}}
	120
4.1	121	For this to be possible, the DHCP area options 60 and 66 must be configured. Option 66 can be set in the DHCP GUI. Option 60 is not displayed in the DHCP GUI by default. It must therefore be enabled via CMD.
1.1	122
	123
4.1	124	The commands for this are:
1.1	125
	126	netsh
	127
	128	dhcp server
	129
	130	add optiondef 60 PXEClient STRING 0 comment=//Option added for PXE support//
	131
	132	set optionvalue 60 STRING PXEClient
	133
	134	set optionvalue 66 STRING (Hostname DHCP Server)
	135
	136	exit
	137
	138
4.1	139	The host name of the DHCP Server must be inserted in the row, unless option 66 has already been set accordingly in the GUI.
1.1	140
4.1	141	== Operation at another location ==
1.1	142
4.1	143	To be able to operate the NBS at a different location, you must first create a deployed file repository ([[Verteiltes File Reposititory>>doc:ACMP.65.ACMP-Solutions.System.Verteilte File Repositories.WebHome]]) You install an NBS at this location.
1.1	144
4.1	145	The NBS of the location is configured to the deployed file repository. This saves your bandwidth and requests are edited more quickly.
1.1	146
4.1	147	= Error messages during Rollout via the Network Boot Service =
1.1	148
4.1	149	If you start up the Network Boot Service at your site, you may receive various error messages. There may be different reasons for these error messages. The most important error messages, what they mean and how you can identify and solve the problem are described below.
1.1	150
4.1	151	In the event of an error message on the Rollout Client, you must open the command line using the key combination "SHIFT + F10" in the foreground of your screen. If you are working with a notebook, you may also need to press the "FN" key ("SHIFT" + "FN" + "F10") due to the shift key.
1.1	152
4.1	153	Then find the relevant error message and follow the suggested solutions to correct the condition.
1.1	154
4.1	155	\|Error message\|Description\|Problem identification\|Proposed solution
1.1	156	\|"Error while downloading OSInstaller"
4.1	157	\\(network card driver missing)\|For example, if you want to transfer an operating system to a new Client via a Rollout Templates, the error message "Error while downloading OSInstaller" may appear. This message indicates that a driver is missing from the Boot Images.\|(((
	158	Use the command line (SHIFT + F10) to call up the command "IPCONFIG /ALL" and check whether the network card has been assigned an IP address.
	159
	160	If this is not the case, the driver is missing.
	161	)))\|Download the manufacturer's network card driver and integrate it into the Boot Images. Recurrence the Rollout by starting it again.
1.1	162	\|"Error while downloading OSInstaller"
4.1	163	\\(Naming scheme of the ACMP Server is not correct)\|(((
	164	An error occurred when downloading the OSInstaller. This may be due to the name not being stored correctly and therefore not working.
	165
	166	Once you have ensured that an IP address has been assigned to the Client, the next step is to check whether the ACMP Server can be reached via the network. The information is stored in the Settings.ini in the Boot Images.
	167	)))\|Open the command line ("SHIFT + F10") and enter the command "notepad X:\Settings.ini". This can be used to determine which server name is stored. The "Ping" command is then used to check whether the Client can be reached with the specified name. If this is not the case, you can try the ping again with the FQDN and the IP address.
	168	\\Computer name:(((
1.1	169	(% style="text-align:center" %)
	170	[[image:63_OS Deployment_Network Boot Image_Computername_379.png]]
	171
4.1	172	IP-Adress:
1.1	173
	174	(% style="text-align:center" %)
	175	[[image:63_OS Deployment_Network Boot Image_CIP Adresse_381.png]]
	176
	177	FQDN:
	178
	179	(% style="text-align:center" %)
	180	[[image:63_OS Deployment_Network Boot Image_FQDN_379.png]]
4.1	181	)))\|(((
	182	To enable the client to reach the ACMP server, the Settings.ini must be adjusted so that the server can be reached via the IP address or the FQDN.
	183	The Settings.ini is located in the "<ACMPServer>\Clients" directory and under "\OsdRepo\OSD\{41646469-7469-6F6E-616C-46696C657300}\AdditionalFiles\$1\Acm pAgentInstall".
	184
	185	The Settings.ini is copied into a boot image when it is created in the ACMP Console.
	186	)))
1.1	187	\|"Error while downloading OSInstaller"
4.1	188	\\(Incorrect time stamp (date/time) in the BIOS)\|(((
	189	An error occurred when downloading the OS installer. This may be due to an incorrect date or time being stored in the BIOS.
	190
	191	Similar to the previous source of error, it is possible that the client has been assigned an IP address and can also reach the name stored in Settings.ini, but an incorrect date and/or time is set in the BIOS. If there is a difference between the server and client, the server certificate is not recognised as valid and the client cannot establish a connection.
	192	)))\|Open the BIOS of the client and check whether the current time stamp, which is also displayed in the boot image, matches.
	193	\|Adjust the date and time so that the certificate check can work correctly.
	194	\|"PXE Boot - Request does not arrive at the Network Boot Service"{{aagon.infobox}}The error mentioned here is system-wide and refers to the fact that a rollout template was assigned to the client via the MAC address, but the computer does not boot via the network. The client's PXE boot request times out and the normal boot process continues.{{/aagon.infobox}}\|(((
	195	The request sent by the booting client does not reach the Network Boot Service.
	196
	197	This may be the case, for example, if you want to roll out to a new subnet in your company and the client cannot send the PXE broadcast to the ACMP Network Boot Server via a router.
	198	)))\|There may be several reasons why the request does not arrive.
	199	Either the request from the booting client does not reach the Network Boot Service or the response from the Network Boot Service is not sent to the booting client.
	200	Use the "Wireshark" application to retrieve all connections and requests. This allows you to check where exactly the request is not arriving:
	201	If you start a Wireshark on the computer on which the Network Boot Service is installed, you can check whether the request arrives there and whether it sends a response.
	202	If a Wireshark is started in the network segment of the booting client, you can see whether the DHCPOFFER of the Network Boot Service arrives there.\|To ensure that the request arrives, you can either configure an IP helper on the switches or install an additional network boot service in the respective subnet.
	203	\|"PXE-E55“ – „Proxy DHCP service did not reply to request on port 4011“\|The proxy service is not responding to the request for port 4011.\|Check whether options are set on the DHCP server that are related to ACMP. \|(((
	204	The Network Boot Service does not support DHCP options, which is why you must either configure an IP helper on the switches or install another Network Boot Service in the respective subnet.
	205	)))
	206	\|"PXE-E53“ – „No Boot Filename Received"\|(((
	207	No boot file name was recipients.
	208	)))\|Check whether the Network Boot Service is installed on a domain controller or another Server with DHCP service.\|The Network Boot Service (NBS) is a DHCP proxy that works on port 67. If you have installed the NBS on a host with an active DHCP service, the following configurations must be set in the DHCP service on the host or the NBS must be installed on another device.
	209	Configure the DHCP range with Options 60 and 66.
	210	Option 60 is not displayed in the DHCP GUI by default and must be enabled via CMD.
	211	Option 66 can be set by you in the DHCP GUI. The problem occurs when both options are set and the DHCP must be forwarded to the port.
	212	The required commands are
1.1	213	\\netsh
	214	dhcp server
	215	add optiondef 60 PXEClient STRING 0 comment="Option added for PXE support"
	216	set optionvalue 60 STRING PXEClient
	217	set optionvalue 66 STRING (Hostname DHCP Server)
	218	exit
4.1	219	\\If option 66 has not yet been set via the GUI, insert the host name of the DHCP Server in the row.{{aagon.infobox}}The Network Boot Service should be configured to "delayed automatic start" so that the service always starts after the DHCP service in future. This is necessary for the port to bind.{{/aagon.infobox}}
1.1	220	\|Windows Setup Failed
4.1	221	(Hard drives are not recognised) \|An error occurred during Windows setup.\|Use the command line ("SHIFT + F10") to call up the "Diskpart" and "List Disk" commands. You can use these two commands to check whether the disk is recognised.\|If no disk is recognised, you must integrate a hard drives controller driver into the Boot Images. This is often SCSI. With Dell devices, the error can also be rectified if the settings for RAID ON are set in the BIOS.
1.1	222	\|Windows Setup Failed
4.1	223	(No correct partitions) \|The Windows setup has failed although a disk has been recognised. This may be because the settings in the response file do not match.\|(((
	224	Open the command line ("SHIFT + F10"). If a hard drive has been recognised, you can enter the commands "set disk 0""list part" to display the partitioning of hard drive 0.
1.1	225
4.1	226	This allows you to check whether this corresponds to the settings in the response file.
	227	)))\|If the settings do not correspond to the response file or the Client's prior configuration is identical to the new setting, it may not be possible to recognise whether the partitioning has been applied correctly.enter the "clean" command after entering "sel disk 0", which will cleanup the partition and allow the Rollout to be tested again. Alternatively, you can change the response file to a DiskPart script execution in the tab //[[Partitioning>>https://learn.microsoft.com/de-de/windows-hardware/manufacture/desktop/oem-deployment-of-windows-desktop-editions-sample-scripts?preserve-view=true&view=windows-10]]//
1.1	228
4.1	229	= Updating the Network Boot Service =
1.1	230
4.1	231	After installation of an ACMP Updates, it may be necessary to update the Network Boot Service.
	232
1.1	233	{{aagon.infobox}}
4.1	234	Refer to the [[ACMP Release Notes>>https://www.aagon.com/produkte/ueberblick/release-notes-acmp/]] to find out whether and which additional components you need to update.
1.1	235	{{/aagon.infobox}}
	236
4.1	237	If a new version of the Network Boot Service is available in the ACMP Updates, you can update your existing installation as follows:
1.1	238
4.1	239	1. Navigate to the installation file on the ACMP share in the NetworkBoot directory.
	240	1. Executions the file //ACMP Network Boot Service.msi//.
	241	1. After the update, check the status of the Network Boot Service by navigating to //System > Settings > OS Deployment > Network Boot Service// in the ACMP Console. If the configuration has been completed correctly and the Network Boot Service is active, it will be displayed with a green tick.