Unable to load OS through PXE-SCCM

Posted on 2016-11-15
Last Modified: 2016-11-21
We are very, very new to SCCM which was just installed (version 5.00.8239.1000) on a Windows Server 2012 R2 fully patched machine.  Following a document, we're trying to get Windows 7 loaded onto a VMware newly defined VM but it's not working (please see attached).

Don't know if this is the issue but in the SMSPXE.log file, I see a message that states: no advertisements found.

From what little I know, the boot image, client update package and install task sequence have all been deployed to the Distribution Point and PXE enabled on it including unknown computers.  I suspect the problem lies in the server not seeing the PC in the collection but I imported that into a new bare metal collection.  

Any help would be greatly appreciated!!!!  (I've been through this document and searching the web for days.)
Question by:ejefferson213
  • 8
  • 3
  • 3
  • +1
LVL 26

Expert Comment

by:Dan McFadden
ID: 41889258
First, the attachment is missing.

Usually to do a OS Deployment with SCCM, you need to tell SCCM that a client exists.  That is done by "importing" a computer and entering the NIC's MAC address.  When the client computer does a PXE boot, it broadcasts for a DHCP server and hopefully gets an IP, then it looks in the options configured by the DHCP scope for a PXE boot location and tried to contact that device.  If the PXE Boot device is aware of the MAC address asking to do a deployment, it runs the PXE boot loader to start the Windows install.

Reference link:

LVL 36

Expert Comment

ID: 41891203
is the VM and the SCCM server on the same L2 LAN ?

if they are are not have you set a helper on your L3 router ?

Author Comment

ID: 41891481
Thanks for your assistance!!  

ArneLovius - yes, both are on the same LAN.

Dan - As you say, I imported the computer definition twice, once by MAC address the other by BIOS GUID (only after the MAC address import didn't seem to do any good).  I'll check out the document you referenced to see what it might add.  

Thanks to you both again, greatly appreciated!!!

Author Comment

ID: 41891540
I followed the article although our release is 2012.  I imported the information from a file containing both the MAC address and BIOS GUID.  The import function asked what collection the device should be placed in and I designated one that I had created to hold all bare metal computers.  The import says it was successful but it doesn't display in the collection.  What's up with that?

Author Comment

ID: 41891542
Here's the missing attachment.  Sorry!
LVL 26

Expert Comment

by:Dan McFadden
ID: 41891568
SCCM takes a few minutes for the collections to update.  Usually I wait 15-20 minutes after the import, before I start the OS Deployment via PXE.

If you want, you can sit & refresh the collection in SCCM until the new device shows up, then you can do a PXE boot.


Author Comment

ID: 41891691
Darn, I've refreshed it and waited over 30 minutes and still no sign of it in my newly created/designated container.  The device got imported into All Devices; I see it there.  Don't know why it didn't go into the container I designated.  I think if I deployed my install task against All Systems, it would probably start the PXE boot. However, the document I read was emphatic about creating a special container for bare metal PCs so that they alone would get and OS install initiated against them.   And that seems to make good sense.  

The collection/container I created (called Bare Metal Container) has a limiting rule which is presently set to All Unknown Computers.  Do I need to remove the PC from All Devices?  I just tried doing an Add Resources to my Bare Metal Container.  It allowed me to select the new PC I imported and then I clicked on Add.  The window disappeared but the container still doesn't contain my newly imported PC.  Something seems to be blocking additions to my new container.
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

LVL 26

Assisted Solution

by:Dan McFadden
Dan McFadden earned 150 total points
ID: 41891708
Yes, it is a bad idea to throw a task sequence against the All Device group.

As a test, I would remove the limiting rule on the membership of your Bare Metal Container.

I do not use a limiting rule on my OSD groups.  I have various groups named based on the OS Deployment Task Sequence they have configured to them.  I use a naming convention like:

- OSD-Window7
- OSD-Window10
- OSD-Server2012
- OSD-Server2012R2
- OSD-Server2016
* "OSD" = OS Deployment

This way I can have a task sequence for each of the OS Images.  There are other ways of doing this, but its just about your preference.


Author Comment

ID: 41891804
First of all, thanks for your help!!

As a test, I created a new collection whose limiting membership and regular membership were both set to All Systems, vola, PXE boot started.  So the problem I'm having is definitely due to a membership issue.  I'm convinced if I could just get my PC to be recognized and loaded into the proper collection, I'd be home free.  I even went as far as creating a direct rule under Memberships (for the collection) and that didn't help.  I'll play some more with this and if you have any more idea, I'm all ears.  

Thanks again, you've been a big help!!
LVL 16

Expert Comment

by:Mike T
ID: 41892739

First, and this is *really, really important* if you are an SCCM (CM) beginner. Never use "All Systems". Ever. (Well one or two fixed collections only).
If this a lab, fine, but if you are doing this on a live system then please STOP! You don't want to deploy Windows 10 to all your servers, including the Site Server. That is *exactly* what "All Systems" targets.

OK - what to do

1) Create OS collections that target every OS you have in the business. Set WMI filters for W7, W2012 etc.
2) These, and ONLY these need to use All Systems.
3) Create any new collection using ONE of those as the Limiting Collection. e.g. if you want floor 2 machines to get AutoCAD create a collection and set it to use "Windows 7 Clients" as the Limiting collection.

Now for OSD, doing Bare Metal.

What you've done so far with PXE was actually fine. It was working fine. The bit that was missing was any deployment targeted at your VM.
So, create a new collection and set the limiting to "All unknown Computer". This is a built-in read-only collection.
Deploy your OSD task-sequence to that, and that's it. Update the collection, wait, hit fresh, wait and then you will see 2 machines: unknown 32-bit and 64-bit.
You also need to tick "Enable unknown computer support" on the PXE tab of the DP.

Now any machine that is NOT already in the database will PXE boot, and then get a deployment. Again, for new CM admins, beware. You don't want anyone just to hit F12 and get a fresh copy of Windows by clicking your task-sequence. Set a password on the PXE tab.
If it's the lab, fine.

If the machine *is* known to CM, just delete the object. Wait. Then try again.
If you want to rebuild the same machine, you need the VM's MAC address which you can get by booting and then pause on the PXE screen - just press (Pause/Break). Give the machine a name and then add it to a collection as a direct member (with no limiting collection). I find that easier when building the one or two test machines over and over. That way I know there will be no accidents. I only have those machines and nothing else getting formatted...

Hope that's clear. There's lots to learn.


Author Comment

ID: 41893275
Mike T - thanks for that great explanation.  But where I get hung up on is when creating the new collection, filling in the Membership rules.  The choices for the Rules are: Direct Rule, Query Rule, Include Collections, Exclude Collections.  I'm dealing with PCs that won't be known (thus unknown), but since I'm using Active Directory for discovery, they won't be there either.  So what do I do since a membership rule is required?  I thought that I should import the new computers by MAC address into a collection and refer to it. ?????

Author Comment

ID: 41893321
Mike T - BTW, (if I read you right), you talk about creating a collection without a limiting collection.  From what I see, there's no way to do that; it's a required field.  ????  ('m using SCCM 2012 R2)
LVL 16

Accepted Solution

Mike T earned 350 total points
ID: 41893803

Don't worry - the version does not change anything. Collections have been pretty much the same since CM2007.

OK - I'll take these one by one:
Direct Rule - there are no rules or filters, just actual machine names
Query Rule - this is the complex one where you use Windows Query Language (WQL) which is similar to SQL to write custom filters. Something like Select * where win32_ComputerSystem Like "Dell Optiplex 7020"
that's a rough example. Google can show you better ones. This is also an MVP who has written a whole list of standard ones you can download and import to create lots for you.

 Include Collections, Exclude Collections: These are my favourites (I know!) This is where you can have a Query rule for say "All Windows 7 x32 machines" and have another that filters "machines with disk smaller than 30GB" and combine them easily. Just ADD the "30GB disk" as an exclude. It's brilliant to have "all DCs" "All Servers" and then you just Add Exclude "All DCs" to all future server collections and be sure you will never accidentally mess up your domain!

For unknown machines, MS have made it easy. They provide two machine objects "x86 unknown" and "x64 unknown", also there's a read-only collection that has both in.

When you get a new PC out of the box, it is unknown. This is the point you build it from PXE.
Once it joins the domain it becomes known to AD, CM will indeed discover it, and the object will add to the database. The solution is simple. Delete the machine from AD, then delete it from CM. Now it's unknown again.

If you want to build a VM that's not in AD, then use a collection with Limiting = Unknown Computers.
If you don't want to keep deleting the machine, create a collection, set the Limiting collection to All Systems (you can't avoid it here because it has no OS, or a client) and ONLY ever set Direct membership. This does require the machine is in CM.

The whole thing of importing MAC addresses is a special case. You ONLY need that if you want to do what they call "pre-staging". This is when you get a list of machines, they are not in AD, but your boss wants them built and you *can't* use Unknown Computers because security refuse to let you!!
In this case you would get a CSV from someone nice, who has created a file with MAC address, Computername for all machines.
Click Devices (root), Import from file and all the machines will then appear in the console under Devices.

The key thing is you cannot deploy anything to a machine until it appears in the console (and is known to the database below).

Please ignore my statement "not setting a limiting collection". (I meant it is just ignored effectively when you use Direct members). You always need to set a Limiting collection, so I always set it to anything but All Systems.

I hope that's cleared up the confusion.

Author Closing Comment

ID: 41896112
Thank you both so much for clearing this up.  Really appreciate your time and effort!!!!
LVL 16

Expert Comment

by:Mike T
ID: 41896228
You're welcome. Enjoy the journey :).

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now