Thursday, March 6, 2014

PXE Boot files in RemoteInstall folder explained (UEFI)

2 years ago I published a blogpost about PXE Boot Files. Today this is the most read blogpost on Henk's blog. This time I want to update this blogpost for UEFI. The Unified Extensible Firmware Interface (UEFI) is meant to replace the Basic Input/Output System (BIOS) firmware interface. When using PXE boot or want to deploy an image some special configuration is needed. Let's have a look.

Recently I did a deployment on a new Lenovo Helix device with UEFI firmware. By default when using PXE boot in combination with DHCP Options this isn't working. This because some special configuration is needed in DHCP. When using IP-helpers, BIOS and UEFI can be used both together. No special configuration needed for that. But with DHCP Options PXE boot doesn't seems to work at all!

As described before (PXE Boot files in RemoteInstall folder explained) there are multiple files in the RemoteInstall folder. These days there is however a new file added for UEFI support called wdsmgfw.efi. This file is a special NBP developed for use by Windows Deployment Services (WDS) UEFI usage.

When using DHCP Options for PXE Boot, Option 66 and 67 are needed. Option 66 must be the IP-address of your WDS or SCCM server, Option 67 must be SMSBoot\x86\wdsnbp.com (which is the first file needed during the PXE Boot process). This is working only on systems with a BIOS firmware, not a UEFI firmware. When using UEFI, Option 67 must be set to wdsmgfw.efi (No BIOS support)!

 
When changing SMSBoot\x86\wdsnbp.com to SMSBoot\x86\wdsmgfw.efi an error message is displayed. This because my SCCM server (which is Windows 2008 R2) doesn't support an x86 UEFI boot file. Therefore x64 must be used instead. When using Windows 2012 (R2) both x86 and x64 are supported. After using x64 the device gets the wdsmgfw.efi file and tries to contact the WDS Server, but after some time I get error 0x102.

Therefore another fix is needed. This time DHCP Option 60 must be added. DHCP Option 60 is used normally when DHCP and WDS are on the same box. In my situation this isn't the case, but still this fix is needed! Try to configure this one to PXEClient to get the job done. All seems fine now, but still an error message will be displayed. This time the error \Windows\System32\boot\winload.efi and 0xc0000359 is showed. Therefore a different boot image must be used.

When deploying Windows images I normally use an x86 boot image. For UEFI support (on Windows Server 2008 R2 only?) it's needed however to select an x64 boot image. When that's done OS deployment is working finally. Let's do a recap on all configuration needed when using Windows Server 2008 R2 for WDS in combination with UEFI firmware on endpoints.

1) DHCP Option 67: smsboot\x64\wdsmgfw.efi
2) DHCP Option 60: PXEClient
3) Task Sequence: Select x64 boot image

Multiple sources were used to get the job done:
PXE Boot with UEFI. WDS not sending WinPE wim
Black screen or trap error when booting EFI PXE client to Windows Server 2008 R2 WDS Server
SCCM OSD to UEFI laptop with PXE boot crashes - winload.efi

40 comments:

  1. Thanks for the information! We are going to get PXE going tomorrow and this is something good to note.

    ReplyDelete
  2. Wow really Awesome blog its so informative for us,,Click on this link. BOOTMGR Missing in Windows 7 its can help to solve your bootmgr problem
    Thank you
    Aalia lyon

    ReplyDelete
  3. Very Educational Henk, It is close to a problem I am having..maybe you know the solution. I am using x86 boot image to deploy Windows 7 x86 to a UEFI workstation...How would I make that work, currently it gives me the 0xc0000359 error. Any ideas on how to have x86 WinPE work with UEFI successfully?

    ReplyDelete
    Replies
    1. Thanks for comment. I had the same error before. Solution was to select a x64 boot image in both SCCM task sequence and DHCP options. Have you tried that already? Configuration shown in blogpost.

      Delete
  4. Many thanks for this, worked great for WDS on Server 2012 R2

    ReplyDelete
  5. Good info but a bit confusing, why even use options 66 and 67 when MS advises not to do this. You either have a flat network where these options are not required or use IP helpers. Most issues occur when people are told to use these options!

    ReplyDelete
    Replies
    1. You're right on that, but when on customer locations I'm seeing DHCP options a lot. Besides of Microsoft telling not to do this, this is not always applicable for specific subnets. Therefore a blogpost to help you with the config.

      Delete
  6. awesome ! DHCP option 60 was my issue.
    Thanks a lot

    ReplyDelete
  7. As I exclusively use x64 UEFI machines, I've worked out the following:

    1. Backup wdsmgfw.efi
    2. Make a copy of bootmgfw.efi and rename it wdsmgfw.efi
    3. Boot via PXE. This guarantees the drivers built into UEFI are used, the laptop screens are running at full resolution and network connectivity is available when connecting to WDS/MDT/SCCM for the installation image. (Try installing via USB and you get the same results - full resolution on the laptop screen)

    This also avoids having to alter DHCP settings -- although I couldn't work out how to keep wdsmgfw.efi being "replaced" with bootmgfw.efi - whenever WDS is restarted, it seems to restore the old file!

    ReplyDelete
    Replies
    1. Yes, renaming the file will do indeed. Did that before on n12 file also. Unfortenately when WDS is restarted the file will be in the original state again (as you mention)!

      Delete
  8. I wonder if you set the file to read-only if it will be preserved past a WDS restart. That's what I used to do with the n12 files.

    ReplyDelete
    Replies
    1. Will try that at next SCCM implementation. Sounds like a good idea!

      Delete
  9. DHCP Options in Place, WDS Server 2012, UEFI -Clients, trying to deploy Win8.1 x64
    My clients keep reporting "error 0x102" after loading wdsmgr.efi.
    With option 60 set to PXEClient, clients are not even able to load wdsmgr.efi, so I removed option 60 again.
    Same configuration with BIOS-Machines and wdsnbp.com works perfectly.
    Am I getting something wrong?

    ReplyDelete
    Replies
    1. Maybe restart the WDS service did the trick?

      Delete
  10. DHCP scope option 60 can be added using the command listed here: https://msdn.microsoft.com/en-us/library/dd128762(v=winembedded.51).aspx
    In my case Option 60 was not visible in the DHCP Scope options list.

    Thanks for this most, it really helped me out!

    ReplyDelete
    Replies
    1. Thanks for comment and URL on this!

      Delete
    2. Is it possible to configure DHCP options to support both UEFI and BIOS booting machines? When the DHCP options are configured for UEFI, when a BIOS machine boots it won't work because of the reference to the .efi file.
      What are your suggestions for a mixed scenario (in the same DHCP scope)?

      Thanks in advance!

      Delete
    3. When having a mixed scenario, the only solution possible is using IP-helpers (which is the preferred method anyway). Otherwise you can setup multiple DHCP scopes with different boot files (it works, but is a bad solution). Hope it helps!

      Delete
    4. When using IP-helpers the correct boot file will be used by default..

      Delete
    5. This is not true. You can do it via DHCP using policies. See e following:

      White paper describing in detail how to setup DHCP.
      http://2pintsoftware.com/?wpdmdl=12324


      Video or the setup for those more impatient.
      http://m.youtube.com/watch?v=k5E97ndlRog

      Delete
  11. I am having an issue with UEFI and x64 boot.wim. I am not using WDS. My DHCP and TFTP Servers work great for x86. x64 looks like it should be working but after the x64 boot.wim file completes downloading the laptops I am testing with either do nothing or reboot. I've tried the DHCP option 60 set to PXEClient and it actually prevents the process from working.

    ReplyDelete
    Replies
    1. Maybe a NIC driver is missing? Just press F8 and have a look. Hope it helps!

      Delete
  12. Hello
    I have the following issue :
    I 'm testing a zti installation
    all is ok but when I clear requirement pxe deployxement
    when i boot my windows machine each time he try ro tun
    the n12 file. but he keep asking me to press on f12 ...
    ( i have renamed the file in the boot /x64 folder
    my pc are x64 and i change the dhcp option to point to x64 folder
    tks

    tks for your help

    ReplyDelete
    Replies
    1. The n12 file is working only in WDS, not in SCCM unfortunately..

      Delete
  13. Hello,

    thx very much for the good explanation. I have another problem with SCCM 2012 R2 and PXE-Boot with UEFI. After deploying Windows 8.1 x64 to an UEFI based client, I cant do the the deployment again, bacause of Windows Boot Manager is the first boot device now. We prefer a "zero-touch" installation, so teh should be no person to enter the boot priority. Do u have any suggestion??

    ReplyDelete
    Replies
    1. Yes, saw that behavior too. Maybe you need to remove the PXE tag (in SCCM) as well?

      Delete
    2. If you are using Dell or HP you need to change boot priority via vendor tools running in WinPE. You can include them as a step of task sequence in MDT/SCCM

      Delete
  14. Hi, Iam having the issue that I cant use a zero-touch installation, because Windows Boot Manager is taking over as the first boot device. How can I force PXE-Boot after a full installation??

    Best regards
    Joerg

    ReplyDelete
    Replies
    1. Yes, saw that behavior too. Maybe you need to remove the PXE tag (in SCCM) as well?

      Delete
    2. I did that, unfortunately still no PXE-Boot. Any other suggestion??

      Delete
  15. In out environment, we have older legacy BIOS clients and UEFI clients. I've implemented the settings described in your article and the UEFI clients work well, but some of my legacy BIOS clients give the "PXE-079: NBP is too big to fit in free base memory" error. How do I set things up in a mixed environment?

    ReplyDelete
    Replies
    1. When you have both UEFI and Legacy, you need to use different VLANs or IP-Helpers instead of DHCP options. Then it should work!

      /Henk

      Delete
    2. Check out these 2 links. One is for configuring Infoblox DHCP to auto-boot for both UEFI and BIOS. The other is Microsoft DHCP.

      https://community.infoblox.com/t5/DNS-DHCP-IPAM/UEFI-PXE-Boot/m-p/6297#M970

      https://www.youtube.com/watch?v=k5E97ndlRog

      Delete
  16. Um, if you want to do both UEFI and BIOS, watch this how-to video about DHCP Policies. We did that because we had some images we didn't want to mess with and it worked instantly.

    https://www.youtube.com/watch?v=k5E97ndlRog&app=desktop

    ReplyDelete
  17. Thaks for the information.
    I have a situation here that we have both Legacy and UEFI machines which needs to be build by PXE (SCCM 2012). We are using Windows server 2008 R2.. Is it possible to achieve this? As of now i am getting the "Windows Field to start" error which you are provided above

    ReplyDelete
  18. Hi ,

    I get this error when the client if trying to PXE boot. "nbp is too big to fit in free base memory pxe-e79". I have set up the boot file server and boot file name in DHCP server.

    Can you please help?

    ReplyDelete
  19. hi sir thank you for a good information but sir can you tell me the working of sms boot files plz..

    ReplyDelete