There are several configuration decisions to consider before you use the pre-execution environment (PXE) to initiate the deployment of the operating system in your System Center 2012 Configuration Manager environment.
PXE Deployments and Windows Deployment Services
Windows Deployment Services (WDS) must be installed on the same server as the distribution point that you use to deploy the operating system. For more information about WDS and other operating system deployment prerequisites, see Prerequisites For Deploying Operating Systems in Configuration Manager.
Configuring Distribution Points to Support PXE-Initiated Deployments
To initiate an operating system deployment by using PXE, you must configure a distribution point to accept PXE requests from the destination computers where the operating system is deployed. There are two ways to configure a distribution point to support PXE requests. You can set the appropriate PXE settings when you install the distribution point by using the Create Site System Server Wizard, or you can configure the PXE setting on an existing distribution point by using the Property page for the distribution point.
For distribution point considerations that are not specific to PXE, see the Plan for Distribution Points section in the Planning for Content Management in Configuration Manager topic.
You can configure the following PXE options for the distribution point:
- You must specify that the distribution point
supports PXE requests from clients.
- You can specify if Windows Deployment
Services is enabled or disabled for the distribution point.
- You can specify that the distribution point
accepts PXE requests from unknown computers. Unknown computers are
computers that are not managed by Configuration Manager: the
Configuration Manager client is not installed on the computer or
the computer is not imported into the Configuration Manager
database. For more information about how to deploy operating
systems to unknown computers, see How to Manage Unknown
Computer Deployments in Configuration Manager.
- You can specify that a password is required
to start the PXE boot.
- You can specify user device affinity for the
destination computer. This setting allows you to associate a user
with the destination computer after the operating system is
deployed. For more information about how Configuration Manager uses
user device affinity, see the Deploying
Applications in Configuration Manager section of the Introduction to
Application Management in Configuration Manager topic.
- You can specify that the distribution point
responds to PXE requests on all network interfaces, which is the
default, or if it responds to PXE requests on only specific network
interfaces.
- You can specify how long the distribution
point delays, in seconds, before it reacts to a PXE request.
Distributing Boot Images to the Distribution Point
You must have both an x86 and an x64 PXE-enabled boot image deployed to the distribution point for the PXE deployment to succeed. The packages for these boot images must specify that they will be deployed to distribution points that support PXE requests. When this is done, Configuration Manager distributes the boot image to the RemoteInstall folder on the distribution point. In addition, when this setting is disabled, the image is removed from the RemoteInstall folder. For information about how to create a PXE enable boot image, see the How to Create a PXE enabled Boot Image section in the How to Deploy Operating Systems by Using PXE in Configuration Manager topic.
Note |
---|
The boot image is copied or removed locally by the distribution point when it updates the RemoteInstall folder. The boot image is not sent over the network when the folder is updated. |
PXE Deployments
When you deploy operating systems by using PXE, you have the following options:
- Required deployment: Required
deployments will use PXE without any user intervention. The user
will not be able to bypass the PXE boot. However, if the user
cancels the PXE boot before the distribution point responds, the
operating system will not be deployed.
- Available deployment: Available
deployments require that the user is present at the destination
computer so that they can press the F12 key to continue the PXE
boot process. If the user is not present to press F12, the computer
will boot into the current operating system or from the next
available boot device.
- Re-deploy a deployment: You can
re-deploy a required PXE deployment by clearing the status of the
last PXE deployment assigned to a Configuration Manager collection
or a computer. This action resets the status of that deployment and
re-deploys the most recent required deployments.
Security Note |
---|
The PXE protocol is not secure. Ensure that the PXE server and the PXE client are located on a physically secure network, such as in a data center to prevent unauthorized access to your site. |
Windows Deployment Service and Dynamic Host Configuration Protocol (DHCP)
Consider the following configuration issues if you plan to co-host the distribution point on a server running DHCP.
- You must have a functioning DHCP server with
an active scope. Windows Deployment Services uses PXE, which
requires a DHCP server.
- DHCP and Windows Deployment Services both
require port number 67. If you co-host Windows Deployment Services
and DHCP, you can move DHCP or the distribution point that is
configured for PXE to a separate server. Or, you can use the
following procedure to configure the Windows Deployment Services
server to listen on a different port.
To configure the Windows Deployment Services server to listen on a different port
-
Modify the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSPXE
-
Set the registry value to: UseDHCPPorts = 0
-
For the new configuration to take effect, run the following command on the server:
WDSUTIL /Set-Server /UseDHCPPorts:No /DHCPOption60:Yes
-
- A DNS server is required to run Windows
Deployment Services.
- The following UDP ports must be open on the
Windows Deployment Services server.
- Port 67 (DHCP)
- Port 69 (TFTP)
- Port 4011 (PXE)
Note In addition, if DHCP authorization is required on the server, you need DHCP client port 68 to be open on the server. - Port 67 (DHCP)