Diskless booting of Windows over the network. Setting up WTware to boot the terminal over the network. Diskless terminals. How to boot computers using ISO over local network

News 29.09.2022

PXE technology relies on standard protocols, including TCP/IP and Dynamic Host Configuration Protocol (DHCP).

Many years ago, in order to configure a user's computer or troubleshoot a problem on it, someone from the IT service or corporate HelpDesk service had to take installation disks for software products, as well as disks with diagnostic tools and drivers, and go to the problem PC.

With the creation of corporate networks, a solution to this problem was found. In the mid-1990s, Intel, along with many other hardware and software manufacturers, began supporting specifications based on open standards called Wired for Management (WfM).

Aimed at reducing total cost of ownership, these specifications allowed system administrators to access PCs over a network for monitoring, updating, and configuration using standardized communications software and remote management applications. It required standardization of hardware (including chips, BIOS, memory, power supplies and network cards) in consumer PCs. The WfM specification supports a wide range of PC networking technologies, including Desktop Management Interface, remote launch (also called LAN launch or service boot), and Preboot Execution Environment (PXE).

PXE takes us back to a time when not all computers had internal hard drives. Typically, PXE involves booting the computer from firmware, that is, from read-only memory or from a ROM chip, rather than from magnetic media. Booting from firmware eliminates the hassles associated with using an electromechanical device (physical disk), which increases reliability, eliminates disk read errors, and speeds up the boot process. Additionally, PXE can be used to boot a computer over a network.

Although WfM has been supplanted by newer management standards such as Intel Active Management Technology, network administrators still find the capabilities that PXE supported very useful.

PXE technology is designed for automated remote control of user PCs and workstations. It relies on industry standard Internet protocols, including TCP/IP and Dynamic Host Configuration Protocol (DHCP). Computers that support PXE typically have a network card that remains active and connected to the local network even when the power to the PC itself is turned off. This card scans local network traffic for a special data sequence: a media access control address unique to the PC, repeated six times. When the network card receives this "magic packet", it turns on the PC. For this to happen, LAN support must be enabled in the BIOS of the PC. Power-on over the LAN may not be supported on some very old PCs because it requires an electrical connection between the network card and the system board, a mandatory hardware requirement that cannot be met by updating the BIOS alone. However, most enterprise PCs meet this hardware requirement.

As soon as the local PC is turned on, the network card is activated and configuration is performed. In order to use PXE, an appropriate server infrastructure is required. When the PXE client boots, the following occurs. First, the client obtains an IP address from the DHCP server. Unfortunately, PXE requires some functionality that may not work on all DHCP servers, so most software that supports PXE also includes a DHCP proxy service. This proxy service does not provide IP addresses directly, but allows DHCP to work.

After connecting to the DHCP server, the system locates the PXE boot server, which sends it the necessary files. The DHCP server provides the boot file name, and the PC then downloads it from the Trivial File Transfer Protocol (TFTP) server.

Once PXE is activated (that is, whenever the PC boots), a message appears on the screen prompting the user to choose whether to PXE boot or continue the normal boot sequence from the local hard drive or optical media. PXE offers a list of boot options that can include a variety of support and diagnostic tools that perform tasks such as scanning for viruses, checking the integrity of hard drives, inventorying installed software, updating drivers, or even installing an entirely new operating system on a PC. All this can be done remotely and largely automatically, requiring virtually no manual action.

PXE technology allows the computer to boot from firmware, that is, from read-only memory or a ROM chip, rather than from magnetic media. This speeds up the boot process, increases its reliability and allows it to be done over the network.

  1. The network card listens to local network traffic for certain data patterns
  2. The network card captures the “magic packet” in the transmitted data and supplies power to the PC through the power connector on the motherboard
  3. PXE client requests an IP address from DHCP or proxy server
  4. DHCP passes the boot file name
  5. The PXE client requests the file from the boot server
  6. The PXE client downloads the file from the TFTP server. The PXE client boots from the received file
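
Steps 3 to 6 mean that the client boots whatever file the answering DHCP or proxy server names, so it is worth checking which servers answer and what they hand out. The following Python sketch is an added example, not part of the original article: it parses a DHCP reply and compares the DHCP server, TFTP server and boot file name with an approved list. The addresses, the sample packet and the function names are constructed for the illustration; wtware.pxe is the boot file named later on this page.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # fixed BOOTP header, 236 bytes
BOOTP_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = b"\x63\x82\x53\x63"         # marks the start of the DHCP options
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_TFTP_NAME, OPT_BOOTFILE = 53, 54, 66, 67


def parse_options(data):
    """Walk the option TLVs (code, length, value) into {code: value}."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:   # 255 = end of options
        if data[i] == 0:                      # 0 = padding, has no length byte
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[data[i]] = value
        i += 2 + length
    return opts


def _text(raw):
    """Decode a NUL-padded protocol string."""
    return raw.split(b"\0")[0].decode("ascii", "replace")


def parse_reply(packet):
    """Pull out what a PXE client acts on: who answered, where and what to fetch."""
    if packet[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    fields = struct.unpack(BOOTP_FMT, packet[:BOOTP_LEN])
    siaddr, chaddr, file_field = fields[9], fields[11], fields[13]
    opts = parse_options(packet[BOOTP_LEN + 4:])
    server_id = opts.get(OPT_SERVER_ID, b"")
    return {
        "client_mac": chaddr[:6].hex(":"),
        "msg_type": (opts.get(OPT_MSG_TYPE) or b"\0")[0],   # 2 = DHCPOFFER
        "dhcp_server": socket.inet_ntoa(server_id) if len(server_id) == 4 else None,
        # Assumption of this example: options 66/67 win over siaddr/file when sent.
        "tftp_server": _text(opts.get(OPT_TFTP_NAME, b"")) or socket.inet_ntoa(siaddr),
        "boot_file": _text(opts.get(OPT_BOOTFILE, file_field)),
    }


def audit_reply(reply, dhcp_servers, tftp_servers, boot_files):
    """List the ways a reply would steer a client off the approved boot path."""
    findings = []
    if reply["dhcp_server"] not in dhcp_servers:
        findings.append(f"unapproved DHCP server {reply['dhcp_server']}")
    if reply["boot_file"] and reply["tftp_server"] not in tftp_servers:
        findings.append(f"unapproved TFTP server {reply['tftp_server']}")
    if reply["boot_file"] and reply["boot_file"] not in boot_files:
        findings.append(f"unapproved boot file {reply['boot_file']}")
    return findings


def build_reply(server_ip, next_server, boot_file, mac="00:11:22:33:44:55"):
    """Constructed DHCPOFFER used as sample input; not captured traffic."""
    header = struct.pack(
        BOOTP_FMT, 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
        socket.inet_aton("192.168.0.50"), socket.inet_aton(next_server),
        bytes(4), bytes.fromhex(mac.replace(":", "")), b"", boot_file.encode())
    options = bytes([53, 1, 2, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return header + MAGIC_COOKIE + options


if __name__ == "__main__":
    approved = ({"192.168.0.1"}, {"192.168.0.1"}, {"wtware.pxe"})
    for server, boot_file in (("192.168.0.1", "wtware.pxe"), ("192.168.0.66", "other.pxe")):
        reply = parse_reply(build_reply(server, server, boot_file))
        print(server, boot_file, audit_reply(reply, *approved) or "ok")
```

Fed with replies captured on the boot VLAN, the same check shows a second DHCP or proxy service answering PXE clients before any machine boots from it.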

Using the Preboot Execution Environment (PXE), you can place boot files in a folder on another computer on the network, and then boot the PC using those files. It will take some work, but it's easier than booting from disk.

First you need a working computer with Internet access. Install the Windows Automated Installation Kit (WAIK), which can be downloaded for free from http://go.microsoft.com/fwlink/?LinkId=136976. From the Start menu, open the Windows PE Tools Command Prompt and, if you are installing a 32-bit version of Windows 7, type

  • copype.cmd x86 C:\output

or, for the 64-bit (x64) version,

  • copype.cmd amd64 C:\output

and press Enter. The batch file will automatically create the C:\output folder. After copying the files, type the following command to mount the Windows Preinstallation Environment (PE) image:

  • imagex /mountrw C:\output\winpe.wim 1 C:\output\mount

Next, open Windows Explorer and create a folder inside C:\output, calling it boot. Copy all the files from C:\output\mount\Windows\Boot\PXE to the new folder C:\output\boot. After this, unmount the Windows PE image:

  • imagex /unmount C:\output\mount

Copy the boot.sdi file from the WAIK installation folder to the C:\output\boot folder. If you are installing a 32-bit version of Windows 7, take boot.sdi from C:\Program Files\Windows AIK\Tools\PETools\x86\boot, and if you are installing a 64-bit (x64) version, then take it from C:\Program Files\Windows AIK\Tools\PETools\amd64\boot.

Return to the command prompt window and copy the winpe.wim file to the boot folder, renaming it boot.wim:

  • copy C:\output\winpe.wim c:\output\boot\boot.wim

After that, all that remains is to enter a few more commands to create a Boot Configuration Data (BCD) file using bcdedit.exe, the same utility used to create a dual boot. Just download makebcd.bat from http://files.creativelement.com/annoyances/makebcd.bat and run it on your PC. To copy and paste a GUID, right-click anywhere in the Command Prompt window, select Mark, highlight the text in curly braces above the command, then press Enter to copy the text. Right-click again, select Paste to paste the text, and press Enter to continue. If everything is OK, the message The operation completed successfully will appear.

The last step is to install a Trivial File Transfer Protocol (TFTP) server program, such as Tftp32, so that the computer can connect to the work PC to retrieve the boot files. Install Tftp32 and run tftpd32.exe. Click Browse, select the C:\output folder and click OK to set the Current Directory. Next, select the DHCP server tab, click Help and fill out the fields following the prompts. In the Boot file field, type boot.sdi. After that, click Save.

After setting up the PXE server, you need to enable PXE network boot in your PC's BIOS setup. You will need the hostname and IP address of the computer acting as the PXE server.

Attention! This article describes actions that can damage your equipment. We do not accept any responsibility for any damage that may occur. Perform them at your own risk. You can purchase a ready-made solution from specialists.

Background

Every personal computer has a memory chip that does not lose its contents when the power is turned off. This chip contains the executable code of the computer's basic input/output system, the BIOS. The BIOS executable code has always solved one task: to load the executable operating system code into memory.

Previously, BIOS could only work with disk drives. It loaded the first 512 bytes from the floppy disk with the operating system and then performed service functions; the computer was controlled by the operating system, the header of which, according to the standard, was contained in these 512 bytes.

Then hard drives appeared in computers, and in the BIOS settings there was an additional menu item that determined where the BIOS should load the operating system from: from a floppy disk or from a hard drive.

Further, the ability to download from CDROM, ZIP, and USB memory cards was added. All these devices have one thing in common: the interface for working with them at the hardware level is described by the standard. And if the BIOS code can boot from one CDROM that supports the ATAPI standard, it can boot from any other that also supports this standard.

Boot from network card

Manufacturers of network cards have never bothered to develop a standard protocol for managing the card at the hardware level. They simply released drivers for Windows, and in most cases this was enough for the consumer.

So that the computer can boot from CDROM, the BIOS manufacturer needs to write one driver: the ATAPI driver. And all BIOS manufacturers quickly added this driver after the advent of the ATAPI standard. Therefore, any new computer can now boot from a CDROM.

So that the computer can boot from a network card, the BIOS manufacturer needs to write many drivers, one for each of the existing network cards, because there is no single standard that describes network card management at the hardware level, and 3com cards are managed completely differently than Intel cards. No BIOS manufacturer will do this. Therefore, computers usually cannot boot from network cards.

There is only one way out of this situation. Since BIOS chips on motherboards do not contain control code for all existing network cards, there must be some way to add to it the control code for one single card: the one we inserted into the computer. And this method exists.

Any device on the ISA bus, and later on the PCI bus, can have its own non-volatile memory chip, in which the executable control code for this device is stored. There are standards for the design of this code, which, openly or secretly, are supported by the vast majority of BIOSes.

The most common example of such a device is the 3C905C-TX-M card from 3com. On board the card there is a 64 kilobyte flash memory in which 3com has written the executable bootloader code. We just need to insert this network card into the computer and specify in the BIOS settings that we want to boot from the network card.

I repeat: our computer's BIOS does not know how to boot from the 3C905C-TX-M network card. The rules for hardware control of this card will forever remain a mystery to it. But the BIOS of our computer, most likely, can find the control code for an arbitrary ISA or PCI device located in a non-volatile memory chip on this device itself, and transfer control of the computer to this code. This chip is called BootROM, and the executable code that is written in it is usually called firmware.

In practice, two types of firmware are currently used: PXE-compatible and opensource firmware from the Etherboot project. These two types of firmware have different requirements for the design of the boot image of the operating system. Therefore, when loading WTware, for cards with PXE firmware, you must specify the file wtware.pxe, and for cards with Etherboot firmware, the file wtshell.nbi.

PXE

Pre-boot (or Pre-OS) eXecution Environment (preboot runtime) is a specification proposed by Intel. This, and only this, kind of firmware is used by manufacturers of network cards and of BIOSes for motherboards with integrated network cards. Read the documentation for your hardware to see if it supports PXE boot. If your network card or motherboard is already equipped with PXE firmware, then you will not have to take any additional action. Such network cards and motherboards are ready for use as diskless terminals immediately after purchase.

For some cards (including all models of cards on the RTL8139C and RTL8139D chips), the firmware can be found on the website of the chipset manufacturer. You must flash this firmware into the BootROM chip yourself. The details of this process are described below.

If the manufacturer has not provided firmware for your network card, then the only solution is to use Etherboot firmware.

Etherboot

The cheapest chips, available in any radio parts store, are one-time programmable chips (ROM, EPROM) of the 27C256 series. 27 means "once programmable", 256 is the memory size in kilobits, i.e. 32 kilobytes. Manufacturers can add additional characters before and after the series. For example, the Atmel chips that we use are called AT27C256R. The chips must be in a DIP package (a parallelepiped approximately 12x36x3 millimeters in size with 28 pins); this is important.

Chips are additionally characterized by the class of operating conditions ("commercial", "industrial", "military" and others). Chips of any class are suitable for use as BootROM.

Another parameter is access time. I dare say that chips with any access time are suitable for use as BootROM. Simply because we have never encountered problems associated with this in practice.

The network card must have a socket for installing the chip. The socket can have 28, 32 or even 34 pins. No socket, no diskless terminal.

Next, you need a programmer. This is a special device that can flash chips. Factory-made programmers cost from $100; those made by radio amateurs can be found on radio markets for a third of this amount. We have never encountered programmers that could not flash 27C256 chips; this is the simplest possible chip. Programmers are connected to the computer via a COM or LPT port. The programmer comes with software and operating instructions.

You can do without a programmer. This option has not yet been fully developed, and sometimes new problems appear.

Next, you need to select the firmware. Everything is exactly the same as described above, only you need to get the "Binary ROM Image". If you get a file of 16 kilobytes in size, you need to append the file to itself so that the size doubles.

Next, read the instructions for the programmer and flash the chip. Install the chip on the network card. Don't forget that the mark on the chip should be on the same side as the mark on the socket. If there are more than 28 holes in the socket, all empty holes should remain on the side of the marks on the chip and the socket. Install the card into the computer. Turn it on.

Doesn't work? Proceed through this list:

1. Find the configurator utility on the floppy disk that came with the network card or on the manufacturer's website. Usually this utility can be launched only from clean DOS. Boot from a bootable DOS floppy disk, launch the configurator, and find the option that allows the use of BootROM. Enable it. Reboot.

2. Update the motherboard BIOS. Carefully read the description of the BIOS settings and look for the one responsible for booting from the network card. Sometimes you come across mysterious settings, for example, on one of my Fujitsu machines it was necessary to set the "Boot" option to "Legal". Reboot.

3. Remove the chip from the card, put it back into the programmer and try to read its contents. It should read exactly what you wrote there.

4. Perhaps the computer is pathologically unable to boot from a network card? Find the 3C905C-TX-M card and try to boot from it. If the computer refuses, this computer is in the morgue, you will have to use another one.

5. Still not working? This also happens, especially with exotic cards. Try with a different card. The best card for installing BootROM is any card with an RTL8139C or RTL8139D chip. They always work.
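
An added example, not part of the original article, for two of the checks above: doubling a 16-kilobyte image to fill the 32-kilobyte 27C256, and comparing the programmer's read-back with what was written (item 3). It also validates the legacy option ROM header that the BIOS checks before running the code (0x55 0xAA signature, length in 512-byte blocks in the third byte, bytes summing to zero modulo 256); the sample image and the function names are constructed for the illustration.

```python
ROM_SIZE = 32 * 1024   # 27C256: 256 kilobits = 32 kilobytes


def check_option_rom(image):
    """Validate the legacy option ROM header; return the declared length in bytes."""
    if len(image) < 3 or image[0:2] != b"\x55\xaa":
        raise ValueError("missing 0x55 0xAA option ROM signature")
    declared = image[2] * 512              # third byte: length in 512-byte blocks
    if declared == 0 or declared > len(image):
        raise ValueError("declared length does not fit the file")
    if sum(image[:declared]) % 256 != 0:
        raise ValueError("bytes over the declared length do not sum to zero")
    return declared


def fit_to_chip(image, rom_size=ROM_SIZE):
    """Repeat the image until it fills the chip (a 16 KB file becomes 32 KB)."""
    if not image or rom_size % len(image) != 0:
        raise ValueError("image size does not divide the chip size")
    return image * (rom_size // len(image))


def verify_readback(written, readback):
    """Return the offset of the first difference, or None if the chip matches."""
    for offset, (a, b) in enumerate(zip(written, readback)):
        if a != b:
            return offset
    if len(written) != len(readback):
        return min(len(written), len(readback))
    return None


def make_sample_image(size=16 * 1024):
    """Constructed stand-in for a firmware file: valid header, filler, checksum byte."""
    image = bytearray(size)
    image[0:3] = bytes([0x55, 0xAA, size // 512])
    image[3:size - 1] = bytes((i * 7) % 251 for i in range(size - 4))
    image[-1] = (-sum(image[:-1])) % 256   # make the whole image sum to zero
    return bytes(image)


if __name__ == "__main__":
    firmware = make_sample_image()
    print("declared length:", check_option_rom(firmware))
    chip = fit_to_chip(firmware)
    print("bytes to program:", len(chip))
    damaged = bytearray(chip)
    damaged[20000] ^= 0x01                 # simulate one bad bit in the read-back
    print("first bad offset:", verify_readback(chip, bytes(damaged)))
```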

Could it be simpler?

Yes, if there are people from your city on this list. Contact them and they will help you for some compensation.


Today, more and more tasks are being automated, and virtualization is increasingly being used to maximize the efficiency of servers. But you still have to install operating systems. Everyone does it in their own way: some have pockets full of different images for all occasions, others carry a “purse” with discs, or even two, in the old fashioned way. As a rule, administrators do this work with little pleasure. Let's look at how to reduce time for trivial tasks, how to teach computers to install systems on their own, without the participation of an administrator at all, using only a local network.

So, today we will learn to install Windows and Linux over the network, load small ISO images and useful software (all sorts of Kaspersky, Acronis, WinPE, memtests), and deploy thin clients and manage them. So that, for example, an accountant working with 1C via RDP doesn't beat you up because her Windows crashed and the report needed to be prepared yesterday... Or so that a stingy boss who doesn't want to update his computer admires your professionalism when he sees how Windows 8 flies on old computers... A server that provides boot over the network (PXE) will help us achieve our insidious goals.

Every system administrator has a universal USB drive in their stash for emergency computer resuscitation. Agree, it would be much better to have the same functionality using just a network card. It should also be noted that it is possible to work with several nodes at once. So, based on our needs, we have two solutions: use PXE or LTSP.

LTSP is not very suitable for us: it is designed to load the OS installed on the server itself over the network, which allows the use of LTSP server applications. This is not exactly what we need. PXE is a tool for booting a computer over a network without using local storage media, just like LTSP. PXE allows you to organize a multi-boot menu, similar to a universal "USB resuscitator".


What will we implement?

It all started with the need to have at hand a tool for remote installation of Ubuntu/Debian Server over the network, with the ability to boot a Live CD of a small system, like SliTaz or Kolibri OS.
As they say, appetite comes with eating: we didn’t have time to implement what we planned, and a number of “wants” were added to the plan. As a result, the list turned out to be quite impressive.

  1. Thinstation Linux-based thin clients.
  2. Linux section.
    1. Installing Ubuntu 14.04 x86.
    2. Installing Ubuntu 14.04 x64.
    3. Installing Ubuntu 12.04 x86.
    4. Installing Ubuntu 12.04 x64.
  3. Windows section.
    1. Installing Windows 2012.
    2. Installing Windows 7.
  4. Acronis.
    1. Windows PE with a package of useful software.
    2. Acronis True Image.
      1. Legacy BIOS.
      2. UEFI.
    3. Acronis Disk Director.
      1. Legacy BIOS.
      2. UEFI.
  5. Kaspersky Rescue v 10.
  6. ERD Commander from 5 to 8 via ISO image.
  7. Memtest.

We put everything together and take off

As the distribution for the server, the choice fell on Ubuntu Server 14.04.2 LTS. You can choose any other OS, the only difference will be in the syntax. So let's get started. We will need TFTP, DHCP (not necessarily installed on the same server; a router can act as a DHCP server), a service for organizing an NFS network file system. We will consider only those settings that interest us within the topic. First of all, let's install everything you need, after making all the updates:


It happens that you need to reinstall the operating system on a netbook or computer without a drive when you don’t have a flash drive at hand to write the installation distribution onto it, so Windows developers offer several methods to install the operating system:

  • , which can be a CD or flash drive;
  • from a local hard drive partition connected to the target computer;
  • via a network using a remote computer, if the BIOS supports booting the computer via a network card.

Today we will look at how to remotely install an operating system via the Internet (3rd method) in detail.

Installing the operating system using an autoinstall package

Installing Windows 7 over a network will require:

  • image with installed Windows;
  • AIK automatic installation package downloaded from the Microsoft website;
  • TFTP and DHCP servers;
  • a utility for virtualizing images (UltraISO, Daemon Tools).

Windows AIK is a package of tools developed by Microsoft for automatic installation of an operating system, its configuration, loading and deployment over a local network. It can also be used to burn images using ImageX and configure them. This set of tools greatly simplifies the process of installing Windows and its licenses on numerous computers for system administrators and IT specialists.

Let's move on to the preparatory stage.

  • We mount the Windows AIK image downloaded from the Microsoft website into a virtual drive or unpack it using an archiver into a convenient directory in the root of the disk.
  • Run the file “StartCD.exe” if disk autorun is disabled or does not work.

  • We install AIK by clicking “Install Windows AIK”.
  • Then follow the suggested instructions. There are no difficulties or nuances during the installation process.

  • Launch the deployment tools command line with administrator privileges.

  • We write “copype.cmd x86 d:\winpe” for a 32-bit OS or “copype.cmd amd64 d:\winpe” for x
  • After this, the “WinPE” directory will appear.
  • We execute the command:
  • We change the file “mount\windows\system32\startnet.cmd” by entering the following information into it.

To edit, open the document through a text editor.

  • Enter:

in the Start search bar.

  • Create a boot folder in any root directory and share it through the “Properties” of the folder (in the example it is d:\winpe).

  • Enter the following commands in the console to copy files.
  • Let's unmount the image.
  • Open a text editor and enter the code below into it.

  • Save the file under the name createbcd.cmd in the winpe directory.
  • We execute it through the console by entering:

Setting up servers

DHCP supplies the remote PC with a free IP address, the subnet mask, and the name of the file to download together with the TFTP server address. The task of TFTP is to transfer data between the server and the computer on which we install Windows.

  • Download the miniature TFTPD32 utility from the developer’s website.
  • We launch the program with administrator privileges through the context menu of the executable file.
  • In the settings, leave the checkboxes only next to TFTP and DNS servers.
  • On the TFTP server tab, set the path to the directory where the “boot” folder is located.

  • In DHCP, enter the IP address of the remote PC located on your local network.
  • Enter our IP in the DNS Server line.
  • Enter the remaining parameters as in the screenshot.

Set the path to the PXE loader file. This will be pxeboot.n12 or pxeboot.com. Read more about PXE at the end of the article.

  • We go to the “Network Control Center” and configure the local network.

  • We call “Properties” of the active connection if more than one network card is used on the PC.
  • Go to “Properties” of the TCP\IP protocol version 4.
  • Move the switch to the “Use the following IP” position and enter the server address.

  • Enter the DNS server address and close all windows, saving the results.

The server for installing Windows via the Internet is configured.

We switch to the PC on which we will install the operating system by using the local network as an interface for transferring installation files to the target computer.

  • We call the BIOS menu on the computer using the F2, Del or other key obtained from the manual or message on the BIOS boot screen.

  • We go to the BIOS menu item that is responsible for the equipment built into the motherboard.

  • We activate the option responsible for booting the computer via the network card - move it to the “Enable” position.

  • We return to a higher level and go to the menu responsible for setting the priority of boot devices.
  • As the first priority device, select a network card - LAN or Legacy LAN.

  • Exit the BIOS using the F10 key and confirm the changes.
  • We reboot the computer, after which it will start booting from the local network.
  • After the computer is restarted, the network card obtains an IP address using DHCP.

Below, under the central inscription, the address of the PC from where the installation files are downloaded is displayed.

A command prompt window will then appear.

If configured correctly, the disk with installation files will be automatically mounted and the Windows installation process will begin. If everything is correct, a window appears with a choice of language, regional standards and layout.

What is Preboot eXecution Environment

PXE is a special environment designed to implement a PC boot mechanism using a network adapter, without requiring local information storage (optical disk, flash drive). It uses the PXE Linux boot loader. It was for PXE that we configured the TFTP server.

The executable code of the environment is hardwired into the ROM of the network adapter; it receives the executable file via the TFTP protocol from the network and transfers system control to it.

The pxeboot.n12 bootloader differs from pxeboot.com in that it requires you to press the F12 function key to start, in our case, the installation. Considering that performing this action in our case is not important, we will use pxeboot.n12.
