ConfigMgr 2007, PXE Service Point and DHCP Options

As I’m getting some questions lately about the DHCP Options in combination with PXE Service Points (PSP), I decided to devote this post to those possibilities. When talking about a PSP and DHCP Options, there are three often used options:

  • 060 = client Identifier (PXEClient)
  • 066 = boot server host name
  • 067 = boot file name

Now lets start with saying: “It shouldn’t be necessary to make manual additions to the DHCP Options on the DHCP Server”. Now I can already hear the questions pop-up, what about a combined server of DHCP and WDS/PSP, what about crossing over subnets and vlans, etc., etc.. These are all good and justified questions, but not necessary.

DHCP Option 060

In case there is a combined server of DHCP and WDS/PSP, then there is the need for a DHCP Option 060 (client identifier), but as I stated “no manual additions”. This all gets done by the installation of the PSP. Just follow these steps and no manual addition is needed:

  1. Install WDS and do not configure it.
  2. (Optional) Restart the server.
  3. Install PXE Service Point (takes care of creating DHCP Option 060).
  4. Change the REGVALUE UseDHCPPorts to 0. This value can be found in: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSPXE
  5. Run the command: WDSUTIL /Set-Server /UseDHCPPorts:No /DHCPOption60:Yes
  6. (Optional) Restart the server.

DHCP Option 066 and 067

In case there is traffic crossing over subnets and vlans then then there is the need for a DHCP Option 066 (boot server host name) and 067 (boot file name). Okay, I do admit that it’s easy to configure DHCP Options in this case, but also not necessary… Its mentioned multiple times, even by Microsoft (http://support.microsoft.com/kb/926172), that DHCP Options are not as reliable as IP Helpers. So i would always advise to use IP Helpers instead of DHCP Options.

Now to conclude my story I would like to say that: “It shouldn’t be necessary to make manual additions to the DHCP Options on the DHCP Server”.

More information about Planning for PXE Initiated Operating System Deployment: http://technet.microsoft.com/en-us/library/bb680753.aspx

After upgrading to ConfigMgr 2007 R2 SP2 (RC) all OS Deployment Task Sequences are failing

After the upgrade of my test lab (which is running in Native Mode) to ConfigMgr 2007 R2 SP2 (RC) all my Task Sequences suddenly fail with the error: An error occurred while retrieving policy for this computer (0x80004005).

Taking a look at my SMSTS.LOG it showed me the error: No cert available for policy decoding.

This made me wonder what happened to my PXE Certificate that I applied to my PXE Service Point. So I took a look at my certificates (System Center Configuration Manager > Site Database > Site Management > <MySiteName> > Site Settings > Certificates > PXE). Here I noticed that my PXE Certificate was just suddenly missing…

So after re-adding my PXE Certificate to my PXE Service Point it all worked fine again. To add a PXE Certificate to the PXE Service Point follow the next steps:

  1. Open the Configuration Manager console and browse to System Center Configuration Manager > Site Database > Site Management > <YourSiteName> > Site Settings > Site Systems.
  2. Select the PXE Service Point and click in the Actions pane Properties to open the ConfigMgr PXE Service Point Properties.
  3. Select the Database tab and select Import Certificate.
  4. Browse to the needed certificate, fill in the Password and click Ok.