pxe-server

ge-aerospace/pxe-server

Fork 0

Commit Graph

Author	SHA1	Message	Date
cproudlock	ce604adcda	Renumber PXE LAN from 10.9.100.0/24 to 172.16.9.0/24 Single-site bay-stuck issue at WJ: GE Intune Report IP script filters Get-NetIPAddress on StartsWith("10.") and posts everything matching to the GE Tines webhook. Bays at WJ get the PXE LAN 10.9.100.x IP captured and reported -> GE backend tags bays as on a non-corp 10.x subnet -> dynamic group eligibility for SFLD policy never matches. Other GE sites work because their PXE LANs aren't on 10.x at all. Renumber PXE LAN to RFC1918 172.16.9.0/24 so the GE filter naturally skips wired PXE addresses without any disable-NIC dance. Server-side already in flight (netplan dual-bound, dnsmasq scope + boot URL repointed, blancco preferences + grub.cfg + iPXE GetPxeScript all sed'd to 172.16.9.1). This commit is the playbook / scripts / docs side: 109 hits across 35 files sed'd in one shot. After this lands + boot.wim is rebuilt + bays renumber off DHCP, the 10.9.100.1 binding will be dropped from netplan as the final cleanup step. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-14 16:30:32 -04:00
cproudlock	320b241942	winpe-status-push: brace var names before colon (parser bug) PowerShell parses $var: as scope-namespaced syntax (e.g. $env:NAME, $global:foo). The line Log "server=$PxeServer:$Port pctype=$PCType" errored at line 26 col 13 - parser interpreted $PxeServer: as a scope prefix and bailed. Fix: use ${PxeServer}:${Port} so the colon is literal. The $uri line below already had the right form. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 14:45:37 -04:00
cproudlock	a57ed5fd96	winpe: externalize WinPE-phase status push to scripts/winpe-status-push.ps1 The inline one-liner in startnet.cmd called Get-NetAdapter, which is not available in WinPE's stripped PowerShell (no NetTCPIP module). Errors silently swallowed by the surrounding try/catch - POST never fired, dashboard never showed bays during the WIM-apply phase. Externalize to a standalone .ps1 on the enrollment share: * Uses wmic (always present in WinPE 10+) for both serial AND mac instead of Get-CimInstance / Get-NetAdapter. * Logs every step to X:\Windows\Temp\winpe-status-push.log so a future "POST didn't fire" debug is one file read away. * startnet.cmd now just runs powershell -File Y:\scripts\winpe-status- push.ps1. Future edits to the push logic do NOT require a boot.wim rebuild; just edit the .ps1 on the share. Mirror the existing pattern for run-enrollment.ps1 / wait-for-internet.ps1 / migrate-to-wifi.ps1 (all already at /srv/samba/enrollment/scripts/). Add the new file to the playbook's enrollment-scripts copy loop. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 14:05:50 -04:00

Author

SHA1

Message

Date

cproudlock

ce604adcda

Renumber PXE LAN from 10.9.100.0/24 to 172.16.9.0/24

Single-site bay-stuck issue at WJ: GE Intune Report IP script filters
Get-NetIPAddress on StartsWith("10.") and posts everything matching
to the GE Tines webhook. Bays at WJ get the PXE LAN 10.9.100.x IP
captured and reported -> GE backend tags bays as on a non-corp 10.x
subnet -> dynamic group eligibility for SFLD policy never matches.
Other GE sites work because their PXE LANs aren't on 10.x at all.

Renumber PXE LAN to RFC1918 172.16.9.0/24 so the GE filter naturally
skips wired PXE addresses without any disable-NIC dance.

Server-side already in flight (netplan dual-bound, dnsmasq scope +
boot URL repointed, blancco preferences + grub.cfg + iPXE GetPxeScript
all sed'd to 172.16.9.1). This commit is the playbook / scripts /
docs side: 109 hits across 35 files sed'd in one shot.

After this lands + boot.wim is rebuilt + bays renumber off DHCP,
the 10.9.100.1 binding will be dropped from netplan as the final
cleanup step.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-14 16:30:32 -04:00

cproudlock

320b241942

winpe-status-push: brace var names before colon (parser bug)

PowerShell parses $var: as scope-namespaced syntax (e.g. $env:NAME,
$global:foo). The line

    Log "server=$PxeServer:$Port  pctype=$PCType"

errored at line 26 col 13 - parser interpreted $PxeServer: as a scope
prefix and bailed. Fix: use ${PxeServer}:${Port} so the colon is
literal. The $uri line below already had the right form.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-13 14:45:37 -04:00

cproudlock

a57ed5fd96

winpe: externalize WinPE-phase status push to scripts/winpe-status-push.ps1

The inline one-liner in startnet.cmd called Get-NetAdapter, which is
not available in WinPE's stripped PowerShell (no NetTCPIP module).
Errors silently swallowed by the surrounding try/catch - POST never
fired, dashboard never showed bays during the WIM-apply phase.

Externalize to a standalone .ps1 on the enrollment share:

  * Uses wmic (always present in WinPE 10+) for both serial AND mac
    instead of Get-CimInstance / Get-NetAdapter.
  * Logs every step to X:\Windows\Temp\winpe-status-push.log so a
    future "POST didn't fire" debug is one file read away.
  * startnet.cmd now just runs powershell -File Y:\scripts\winpe-status-
    push.ps1. Future edits to the push logic do NOT require a boot.wim
    rebuild; just edit the .ps1 on the share.

Mirror the existing pattern for run-enrollment.ps1 / wait-for-internet.ps1
/ migrate-to-wifi.ps1 (all already at /srv/samba/enrollment/scripts/).
Add the new file to the playbook's enrollment-scripts copy loop.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-13 14:05:50 -04:00

3 Commits