WDS and UEFI not playing nice

Forums › IT Pro and developers › WDS and UEFI not playing nice

toyonut

1508 posts

Uber Geek

# 136623 3-Dec-2013 16:27

Having a rather large issue with WDS and UEFI clients. I set up a new Server 2012R2 server with the WDS role on it to role out Windows 8.1 to our new hardware.
Got the BIOS set up to allow PXE boot but on every attempt it would come up with PXE-E16 no offer received.
Following advise here after much banging of my head on google, I reinstalled the WDS role in standalone mode. Clients now respond correctly and install, but we have no prestaging and we have no AD integration and possibly no domain join, but going to confirm that now.
Laptops are HP Envy touchsmart J038TX's.

Anyone else set up WDS in AD integrated mode and got it working with UEFI clients?

Try Vultr using this link and get us both some credit:

http://www.vultr.com/?ref=7033587-3B

toyonut

1508 posts

Uber Geek

# 944874 3-Dec-2013 17:16

Seems Domain Join is not working either. Going to install a previous image to try and narrow down the list of stuff that can go wrong.

Try Vultr using this link and get us both some credit:

http://www.vultr.com/?ref=7033587-3B

mightymidget

4 posts

Wannabe Geek

# 946597 6-Dec-2013 14:12

Got a simliar problem with Type2 VM's. TYPE-2 VM's have no legacy NIC and the use UEFI.

I have an AD with WDS. In my tests pre-staged UEFI clients will not PXE boot. They get an IP okay from the DHCP server but then fail to get an ACK from the WDS server. I've tried everything. The pre-staged computers have the correct BIOS GUID information and the DHCP server is set correctly. If I change the WDS server to 'Respond to all client computers' and select 'require admin approval' then I can get a UEFI client to boot, but this isn't ideal as they then get added to the 'Pending Devices' and have to be manually approved before WDS can deploy. When manually approving the pending clients it effectively creates a new pre-staged computer account to allow WDS to continue.

If I used TYPE1 VM's with BIOS and Legacy NIC then the everything works fine.

If you find the answer please post it back here. Would love to get this working.

OmniouS

320 posts

Ultimate Geek

Lifetime subscriber

# 946611 6-Dec-2013 14:35

We had an issue a while back with UEFI PXE clients not booting.

If you have DHCP options 66 and 67 set, remove them - they should only be used in special circumstances.

If your PXE clients are not on the same subnet as your WDS server, the correct thing to do is configure an IP helper address for your WDS server on the client VLAN.

mightymidget

4 posts

Wannabe Geek

# 946837 6-Dec-2013 23:19

OmniouS: We had an issue a while back with UEFI PXE clients not booting.

If you have DHCP options 66 and 67 set, remove them - they should only be used in special circumstances.

If your PXE clients are not on the same subnet as your WDS server, the correct thing to do is configure an IP helper address for your WDS server on the client VLAN.

Thanks for the advice Ominous. I'll check options 66/67. The WDS server is already on the same subnet as the clients, so no issues there.

I think my issue has more to do with using VM's as appose to physical machines. I think the problem lies with the WDS server, for some reason it doesn't recognise my pre-staged Type2 (UEFI) VM's as legitimate targets. When I pre-stage the VM's in AD I'm adding the BIOS GUID from the VM's xml file. It's here where the WDS server appears to be having a problem and is choosing to ignore any requests.

If I change the WDS server properties to 'Allow all', (but require admin approval) then after approval the UEFI VM's boot as expected. When I've done this I haven't bother to pre-stage, WDS adds the computer entry in AD. If I look at the BIOS GUID for the machine it adds it's the same as the manual entry I was using for previously failed attempts. I guess the above success kind of proves that the DHCP/WDS/ADDS is all synching otherwise I'd be getting nowhere, but I really need for WDS to accept pre-staged Type-2 UEFI VM's.

Seems like type-2 VM's have a few glitches when it comes to WDS. Fortunately my problems are limited to a test lab, but it doesn't give me much confidence about rolling out WDS in a live environment.

Thanks all the buddy, I'll post back if I find an answer.

nathan

5173 posts

Uber Geek

Trusted

Microsoft

# 947025 7-Dec-2013 12:00

any Configuration Manager involved here, or just native WDS on Server 2012 R2?

mightymidget

4 posts

Wannabe Geek

# 947364 8-Dec-2013 06:27

nathan: any Configuration Manager involved here, or just native WDS on Server 2012 R2?

Just WDS on Server 2012 R2, no config manager.

Done some more tests, Type 1 VM's (std BIOS) PXE boot and install perfectly, both pre-staged VM's and unknown VM's (once I change the WDS properties to allow unknown clients).
Type 2 VM's (UEFI) install perfectly if I leave the WDS properties to allow any or unknown clients but if I change it to allow only known clients and then pre-stage the VM's it fails to deploy. The Type2 VM's PXE boot and get an IP from my DHCP server but the WDS server fails to respond and deploy. For some reason it's not acknowledging my pre-staged clients as legitimate known systems. Yet for Type1 VM's it will.

The only difference between Type1 & 2 VM's is the NIC and UEFI, so it must be one of these things causing the problem either that or the 2012 R2 WDS doesn't like either. What's strange is it works fine with unknown clients once WDS set to accept unknown clients.

Drawing blanks here, I think it's more than just a simple setting or configuration issue.

toyonut

1508 posts

Uber Geek

# 952481 15-Dec-2013 10:56

Wow, this topic took off, I had given up hope after no replies when I posted it.
I am not sure what happened to our server. It is just straight WDS and it is handling WSUS as well. The idea was to make it an SCCM 2012R2 server to better handle the surfaces that are coming, but that is a job that takes a lot of time and it is a low priority. I started off with option 66 set just like our old wds server on the scope options.
UEFI Clients had trouble connecting properly but were getting an IP address. After running through lots of combinations of 66 and 67 options I set option 66 only as a server option on our dhcp servers.
It has now run through 20+ clients happily except for one where I spelled the name of the referral server wrong when naming the client. After finding the mistake and fixing it it was fine.

Our Server is AD integrated, I have run through the process to give object creation rights to the 2012R2 WDS server over the default computers OU in AD. After setting the AD object creation options I had to reboot the server to get it to recognize it had the right to create new objects. With no DHCP helper options set, it would not work, but now with option 66 set as a server option it is fine and clients find it. It selects the correct boot file for the client type without any option 67 intervention. We use the option to respond to all clients but require admin intervention for unknown clients so we can specify a name for them and set any options if required.
I think my biggest mistake was setting too many options at once, just make one change, give it a minute and then check. In the server properties I have set all the options manually too instead of relying on the server to guess them. Things like setting the GC and DC servers, setting the UDP ports, the server is authorized in DHCP (need to be enterprise admin in the parent domain to do this) and the OU to put new computers in is manually set to match the OU the WDS Server has rights over. In the end the config matches the 2008R2 old WDS server pretty much exactly and it all works.

Try Vultr using this link and get us both some credit:

http://www.vultr.com/?ref=7033587-3B

toyonut

1508 posts

Uber Geek

# 952484 15-Dec-2013 11:01

Mightymidget, when prestaging, are you setting the option for the referral server?

Try Vultr using this link and get us both some credit:

http://www.vultr.com/?ref=7033587-3B

mightymidget

4 posts

Wannabe Geek

# 952534 15-Dec-2013 13:15

paulmilbank: Mightymidget, when prestaging, are you setting the option for the referral server?

Hi there, yeah I'm pretty sure I tried it quoting the referral server. I'll go back and try it again just to be sure. I'll let you know what happens.