Using DHCP to Boot WDS to BIOS & UEFI with SCCM

One of the challenges that an IT deployment administrator may face in the field is the ability to boot both BIOS and UEFI machines from the same WDS environment. This is exactly the issue I faced when our organization decided to purchase a number of new Surface devices. These were the first set of devices that were configured to natively boot to UEFI. This leaves you to decide from an organization standpoint whether you wish to boot all your devices using UEFI or the legacy BIOS…or does it.
 
I am a strong believer that finding a workaround to a problem is not a fix to the problem. To that end modern devices such as the surface are meant to be booted using the native UEFI boot. However, many organizations may also still have legacy BIOS devices that do not support UEFI boot or just work better booting from BIOS. Whatever the reasoning behind this it is actually quite easy to setup DHCP to provide the BIOS or UEFI boot file depending on what is used.

The solution!
By using DHCP policies and custom vendor classes for the following DHCP Options:
 
Option 60
Option 66
Option 67
 
The below assumes that you have SCCM configured with a PXE enabled distribution point and a valid and configured DHCP server. You should therefore be at a configured state where you are able to PXE boot BIOS based devices.
 
Create Custom Vendor Classes for Use with your DHCP Policy
 
Think Custom Vendor Classes as Detection Method’s used to determine how devices are requesting a boot image from the DHCP server.
 

• Open the DHCP Console and expand the IPv4 Node
• Right-Click on ‘IPv4 Node’ and select ‘Define Vendor Classes’
• Click ‘Add’
• Create the UEFI 64-Bit Vendor class first by entering the following information
• Enter the following information for the respective fields:
  
  • DisplayName: PXEClient (UEFI x64)
  • Description: PXEClient:Arch:00007
  • ASCII: PXEClient:Arch:00007
• Click ‘OK’
• Click ‘Add’
  
  • DisplayName: PXEClient (UEFI x86)
  • Description: PXEClient:Arch:00006
  • ASCII: PXEClient:Arch:00006
• Click ‘OK’
• Click ‘Add’
  
  • DisplayName: PXEClient (BIOS x86 & x64)
  • Description: PXEClient:Arch:00000
  • ASCII: PXEClient:Arch:00000
• Click ‘OK’

 
Creating Custom DHCP Policies
 
UEFI 64-Bit DHCP Policy
 

• Right-Click ‘Policies’ and click ‘New Policy’
• Give the policy a friendly name that coincides with the your vendor class naming scheme:
  
  • PolicyName: PXEClient (UEFI x64)
  • Description: Delivers the correct bootfile for (UEFI x64)
• Click ‘Next’
• On the ‘Configure Conditions for the policy’ page click ‘add’
• Select the ‘Value’ drop-down box and select the PXEClient (UEFI x64) vendor class that you created in previous steps
• Ensure that you check the box ‘Append wildcard(*)’
• Select ‘Add’
• Select ‘Ok’
• Click ‘Next’
• If you want the policy to affect only a specific range within your scope configure it, otherwise select no and click ‘next’
• On the Configure settings for the policy page ensure that ‘DHCP Standard Options’ is selected from the drop down box
• Configure the following scope options:
  
  • 060: PXEClient
  • 066: IP Address of the SCCM or WDS Service
  • 067: smsboot\x64\wdsmgfw.efi
• Cick ‘Next’
• On the Summary page click ‘Finish’

 
BIOS 32-Bit & 64-Bit DHCP Policy
 

• Right-Click ‘Policies’ and click ‘New Policy’
• Give the policy a friendly name that coincides with the your vendor class naming scheme:
  
  • PolicyName: PXEClient (BIOS x86 & x64)
  • Description: Delivers the correct bootfile for BIOS machines
• Click ‘Next’
• On the ‘Configure Conditions for the policy’ page click ‘add’
• Select the ‘Value’ drop-down box and select the PXEClient (BIOS x86 & x64) vendor class that you created in previous steps
• Ensure that you check the box ‘Append wildcard(*)’
• Select ‘Add’
• Select ‘Ok’
• Click ‘Next’
• If you want the policy to affect only a specific range within your scope configure it, otherwise select no and click ‘next’
• On the Configure settings for the policy page ensure that ‘DHCP Standard Options’ is selected from the drop down box
• Configure the following scope options:
  
  • 060: PXEClient
  • 066: IP Address of the SCCM or WDS Service
  • 067: smsboot\x64\wdsnbp.com
• Cick ‘Next’
• On the Summary page click ‘Finish’

 
UEFI 32-Bit DHCP Policy

• Right-Click ‘Policies’ and click ‘New Policy’
• Give the policy a friendly name that coincides with the your vendor class naming scheme:
  
  • PolicyName: PXEClient (UEFI x86)
  • Description: Delivers the correct bootfile for (UEFI x86) machines
• Click ‘Next’
• On the ‘Configure Conditions for the policy’ page click ‘add’
• Select the ‘Value’ drop-down box and select the PXEClient (UEFI x86) vendor class that you created in previous steps
• Ensure that you check the box ‘Append wildcard(*)’
• Select ‘Add’
• Select ‘Ok’
• Click ‘Next’
• If you want the policy to affect only a specific range within your scope configure it, otherwise select no and click ‘next’
• On the Configure settings for the policy page ensure that ‘DHCP Standard Options’ is selected from the drop down box
• Configure the following scope options:
  
  • 060: PXEClient
  • 066: IP Address of the SCCM or WDS Service
  • 067: smsboot\x86\wdsmgfw.efi
• Cick ‘Next’
• On the Summary page click ‘Finish’

 
Remove Default PXE Options
 

• Ensure that you have removed the 067, 066, 060 options from the default scope options to ensure that the Policies take precedence otherwise you will end up with conflict

 
As long as you have configured everything correctly you should now have the ability to boot machines from  BIOS or UEFI. Hopefully this helps alleviate some of the stress surrounding your PXE deployments. This has worked great on all of our distribution points since implementation and has allowed our deployments to be much more flexible.