1.4 Preboot Services Functionality

Review the following sections to understand Preboot Services functionality:

1.4.1 Preboot Bundles

ZENworks 11 SP3 uses Preboot bundles to apply Preboot Services work to devices. For example, Preboot bundles can contain tasks, such as restoring an image, that are performed at the time a device boots.

In order for a device to utilize a Preboot bundle, the bundle must be assigned to the device, its group, or its folder.

NOTE:.zmg files are not replicated to any of the Primary or Secondary or Satellite Servers.

The available Preboot bundles are:

  • Empty Bundle

  • AutoYast Bundle

  • DellDTK Configuration

  • Imaging Script Bundle

  • Third-Party Script Bundle

  • Kickstart Bundle

  • Multicast Image Set Bundle

  • Third-Party Image Bundle

  • ZENworks Image Bundle

Empty Bundle

This bundle contains no initial tasks. You can quickly create this bundle without performing all of tasks in the Create New Bundle Wizard. Later, you can edit its details to add assignments, actions, and so forth. For example, you could create an empty bundle, then in the bundle’s properties add the Linked Application Bundle action as its only action.

AutoYaST Bundle

This bundle contains the location and access protocol of an AutoYaST configuration file and network installation directory for SUSE Linux. This bundle allows you to launch an automated installation of SUSE Linux using Preboot Services.

For more information, see Section 3.5, Configuring the AutoYaST Bundle.

DellDTK Configuration

This bundle contains the location of files and scripts for configuring Dell servers. This bundle allows you to use Preboot Services to configure the BIOS, BMC, RAID, and DRAC for settings and to create a new Dell Utility partition. You can also identify another Preboot bundle to be run immediately after these configurations have completed.

For more information, see Section 3.7.2, Configuring the DellDTK Configuration Bundle.

Imaging Script Bundle

Allows you to write a custom Linux script that is executed on PXE-enabled devices. This provides detailed control over ZENworks imaging operations, as well as most Linux-based preboot tasks.

For more information, see Section 3.4, Configuring Imaging Script Bundles for ZENworks Imaging.

Third-Party Script Bundle

Allows you to write custom third-party scripts that are executed in the WinPE distro on PXE enabled devices.

For more information, see Configuring Third-Party Script Bundles in Section C.0, Third-Party Imaging.

Kickstart Bundle

This bundle contains the location and access protocol of a KickStart configuration file for Red Hat Linux. This bundle allows you to launch an automated installation of Red Hat Linux using Preboot Services.

For more information, see Section 3.6, Configuring the Kickstart Bundle.

Multicast Image Set Bundle

Specifies an image that can be sent using the multicast protocol. This bundle allows you to send an existing image to a large number of devices in a single operation. It is ideal for labs, classrooms, and staging areas.

For more information, see Section 1.6.6, Multicasting Device Images and Section 3.3, Multicasting Images for ZENworks Imaging.

Benefits

You can image multiple devices with the least amount of overhead. Devices to be imaged can have a variety of operating systems installed on them, or even no operating system installed.

Using the multicast capabilities of your network, you minimize network traffic by sending the image file across the network once for all devices to be imaged, rather than individually per device.

Limitations

Using the same image on multiple devices means they all have the same network identities. However, you can install the ZENworks Configuration Management Imaging Agent (novell-ziswin) on these devices prior to performing the multicast, because this agent saves each device’s network identity settings and restores them after the multicast image is applied.

Third-Party Image Bundle

Allows you to specify the third-party images to be restored on a device. ZENworks supports:.

  • Microsoft ImageX that uses the WIM image file format and WinPE as the distro.

    Microsoft ImageX that uses the WIM image file format and WinPE as the distro. The distro is available as WAIK (Windows Automated Installation Kit) that can be downloaded from Microsoft Download Center Web site or through Microsoft’s Business Desktop Deployment (BDD).

  • Symantec Ghost that uses the GHO image file format and WinPE as the distro

The ZENworks Third-Party Imaging supports only PXE as the boot mechanism.

For more information, see Section 3.1.1, Using ZENworks Control Center for Imaging.

ZENworks Image Bundle

Lists one or more ZENworks images that can be restored on a computer. This bundle allows you to quickly define simple image restoration operations.

For more information, see Section 3.1.1, Using ZENworks Control Center for Imaging.

Scope

You can restore the image of hard disks, specific add-on images, and file sets of a device.

Boot Manager Limitation

If the device you want to image has an unsupported boot manager running, such as System Commander, you must disable or remove it before attempting to image those devices. This is because boot managers create their own information in the MBR and overwrite the ZENworks boot system, preventing ZENworks imaging from being performed.

Base Images

A base image contains descriptions of all partitions and files on a hard drive. When it is restored, all existing partitions are deleted, new partitions are created from the descriptions in the base image, and all files are restored from the image.

Base images are created by taking an image of a device. You can use an option in ZENworks Control Center or you can use imaging commands at the imaging maintenance mode prompt to create a base image.

In ZENworks 11 SP3, image files are automatically saved to the following location, which cannot be changed:

Windows: %ZENWORKS_HOME\work\content-repo\images

where %ZENWORKS_HOME% is the complete path of the ZENworks installation directory.

Linux: /var/opt/novell/zenworks/content-repo/images

If you need more disk space for large imaging files than is available in your current content repository location, you can change this location to a different partition. For more information, see Content Repository in the ZENworks 11 SP3 Primary Server and Satellite Reference.

Add-On Images

These images are a collection of files added non-destructively to existing partitions. The existing partitions and files are left intact, except for any files that the add-on image might update.

Add-on images allow you to customize a device after a base image is restored. This allows you to use a base image for multiple purposes.

You can create add-on images by using the Image Explorer utility.

1.4.2 Novell Preboot Services Menu

Where PXE is enabled on a device, the Novell Preboot Services Menu can be displayed during the boot process. The following menu choices are displayed on the menu:

  • Start ZENworks Imaging: Executes the effective Preboot Services preboot bundle.

  • WinPE Maintenance Mode: Loads WinPE and starts the ZENworks Third-Party Imaging utility. You can use the utility to perform the third-party imaging operations.

  • Start ZENworks Imaging Maintenance: Displays the imaging maintenance mode prompt, where you can execute imaging commands.

  • Disable ZENworks Partition: Prevents an existing ZENworks partition from being used during booting to execute the assigned Preboot bundles.

  • Enable ZENworks Partition: Allows an existing ZENworks partition to be used during booting to execute the effective Preboot bundle.

  • Exit: Resumes normal booting of the device.

  • Start DELL DTK: Starts the Dell OpenManage Deployment Toolkit (DTK) v2.1 in the automated mode where assigned work is automatically performed.

  • Start DELL DTK (Maintenance Mode): Starts the DTK in the maintenance mode, where you can use the DTK bash prompt to configure the scripts and files used by the Dell Configuration bundle.

You can use ZENworks Control Center to configure whether this menu should be displayed on a PXE-enabled device by selecting one of the following options:

  • Always Show Imaging Menu

  • Never Show Imaging Menu

  • Show Imaging Menu if CTRL+ALT Is Pressed

NOTE:On a device that has UEFI firmware and an USB keyboard attached to the device, you cannot use the CTRL+ALT function key to launch the PXE menu. You will get a pop-up prompting you to press <Enter> key and launch the PXE menu with a time-out of three seconds. This option is also applicable to 64-bit devices.

For the procedures in configuring the menu’s display, see Section 2.5.1, Configuring Novell Preboot Services Menu Options.

1.4.3 Non-Registered Device Settings

Devices that are new to the Management Zone and have received their first image need certain IP configuration information to successfully access the network and network services. You can use Preboot Services to automatically name your non-registered devices, using such criteria as prefixes, BIOS information (like asset tags or serial numbers), DNS suffixes, and you can set up DHCP or IP addresses.

For example, the device needs a unique IP address and the address of at least one DNS name server. In many networks, this information is distributed through the DHCP services, but it can also be configured through the default Preboot Services configuration settings in ZENworks Control Center.

After a device has registered with ZENworks, its configuration is set and the non-registered device settings in the Management Zone no longer apply to it, because the ZENworks server now knows its identity. Whether it becomes a member of the zone or continues to be a non-registered device depends on whether the image applied to the device contains the ZENworks Configuration Management Imaging Agent, novell-ziswin for Windows devices and novell-zislnx for Linux devices.

The settings that can be adjusted for a Management Zone are:

  • DNS suffix: Provides a suffix for all of your devices’ names. For example, provo.novell.com.

  • Workgroup: The Windows workgroup that you want the device to be a member of.

  • Name Servers: Controls which DNS servers a device uses. You can specify multiple DNS name servers.

  • Device Name: Configured device names can include a prefix, the BIOS asset tag, the BIOS serial number, or none of these.

  • IP configuration: For the IP configuration, you can specify to use DHCP or a specific IP address. If you select to use IP addresses, you can provide a range of addresses in a list, or you can specify certain IP addresses. As devices are registered, they assume one of the available addresses. For IP addresses, you can also specify a subnet mask and a default gateway.

NOTE:

  • When a device is not registered to a Management Zone, hardware rules for the device does not apply.

  • When a device is registered to a Management Zone, the Imaging tasks configured for the device are applicable.

  • When a device is registered to a different Management Zone, neither the hardware rules for the device nor the Imaging tasks are applicable.

For the procedures in configuring defaults for non-registered devices, see Section 2.5.2, Configuring Non-Registered Device Settings.

1.4.4 Device Imaging Work Assignment

You can determine what imaging work is to be performed on a device when it boots, based on a set of hardware rules. This configuration section lets you specify a particular bundle for each set of hardware rules. The Custom Hardware Types section allows you to provide specific data for a Hardware Type hardware rule option.

Rules and custom types configured here are applied globally to all non-managed devices. You can also apply them to managed devices in the Management Zone by assigning those devices to the bundle that is selected for the rule. Only those devices that exactly match the rule and its custom types have the assigned bundle applied to them when they boot.

For the procedures in configuring work assignment rules, see Section 2.5.3, Configuring Device Imaging Work Assignments.

Hardware Rules

You can set up hardware-based rules for your Preboot bundles. Work assignment rules are used to apply bundles to devices with specific hardware, or to match a broad set of hardware requirements.

For example, you can create a rule that applies a bundle to any device with a specific MAC address or BIOS serial number. Rules like this can only match to a single device. On the other hand, you can create a rule that applies to any device with at least 512 MB of RAM and 150 GB of hard drive space.

A work rule is comprised of filters that are used to determine whether a device complies with the rule. The rules use logic to determine whether a device meets the requirements for applying the Preboot bundle. The AND and OR logical operators are used for creating complex filters for the rule.

When a device is seeking work to be done, it scans the rules until it finds a rule where all of the rule’s filters match the device, then executes the bundle assigned to the rule.

Filter information that you can provide:

  • Device component: Any of the following:

    • BIOS Asset Tag
    • BIOS Serial Number
    • BIOS Version
    • CPU Chipset
    • Hard Drive Controller
    • Hard Drive Size
    • Hardware Type
    • IP Address
    • MAC Address
    • Network Adapter
    • Product Name
    • RAM
    • Sound Card
    • System Manufacturer
    • Video Adapter
  • Relationship: This defines the relationship for a filter between the Device component field and the value you specify for it.

    Possibilities for the Hard drive size and RAM fields:

    • < (less than)
    • > (greater than)
    • = (equal to)
    • >= (greater than or equal to)
    • <= (less than or equal to)
    • <> (not equal to)

    Possibilities for all other device components:

    • Contains
    • Equal To
    • Starts With
    • Ends With
  • Component Value: This corresponds to the match you want for the component. For example, you select RAM (in MB) for the filter and enter 512 for its value. Then, the relationship you select determines whether it’s less than, less than or equal to, equal to, not equal to, greater than or equal to, or just greater than 512 MB.

You can have multiple filters and sets of filters in a single rule, using the AND and OR operators, and you can have multiple rules associated with the same Preboot bundle. This allows you to specify exactly which can receive a particular Preboot bundle.

Custom Hardware Types

Custom hardware types enable you to include any devices matching your custom type to have the bundle assigned to the hardware rule applied to them when the devices boot. For example, you can create a rule that applies the bundle to any device that is a laptop by entering the applicable string as a custom hardware type, selecting Hardware Type in the Rule Construction dialog box, then selecting your custom type.

The Hardware Type option does not display in the Rule Construction dialog box until at least one custom type has been configured.

Allowing Overwrites

Select the Allow Preboot Services to Overwrite Existing Files when Uploading check box if you want existing .zmg files to be overwritten by a newer version when the image is taken.

1.4.5 Server Referral List

When a PXE device boots, it makes a broadcast request on the network for PXE services. The ZENworks Proxy DHCP server (novell-proxydhcp) responds to this request with information that includes the IP address of an Imaging Server where the device can send requests for assigned imaging work.

Because PXE devices can exist in an environment with both newer and older ZENworks systems running concurrently, the device can fail to determine its assigned imaging work if it cannot find the Imaging Server for its own ZENworks version.

In ZENworks 11 SP3, devices can exist in multiple Management Zones. It is essential that the PXE device contact PXE services assigned to its home zone so that it can correctly determine if there is any imaging work assigned to it. When there is only a single Management Zone, this is easy to do because all Proxy DHCP servers provide addresses to services that belong to the same zone. Any device can request imaging work from any Imaging Server in the same zone and get the same response.

The PXE device’s initial request for PXE services is sent as a broadcast to the network, and all Proxy DHCP servers respond with information pertaining to their respective zones (in ZENworks Configuration Management and ZENworks Linux Management) or Proxy DHCP servers in their trees (in traditional ZENworks versions using Windows or NetWare Imaging Servers). Because it is impossible to determine which Proxy DHCP server responds first (if multiple Proxy DHCP servers respond), or which server’s response is used by the device, it is impossible to ensure that each PXE device will contact servers in its home zone or tree.

For a ZENworks environment that has PXE services, the Server Referral List configuration section provides a method for getting PXE devices to connect with their proper Imaging Servers. Server referral lists are only used by PXE devices, and in ZENworks Configuration Management only one Management Zone needs to have an active Proxy DHCP server and server referral list. Because you can only have one referral list active in a network segment, if you have ZENworks Linux Management running with a referral list configured, you’ll need to disable the Proxy DHCP service for Linux Management. This allows the Configuration Management referral list to be used by all PXE devices.

A server referral list allows you to ensure that all devices contact their home zone or tree for device imaging work assignments. The list should contain the IP address of an Imaging Server in each known Management Zone or older ZENworks system’s tree. When a device requests device imaging work from a server, the server first determines if the device belongs to the same zone or tree as the server. If it does not, that server refers the request to each server in its server referral list until it finds the device’s home zone or tree. The device is then instructed to send all future requests to the correct novell-proxydhcp.

For the procedures in configuring referral lists, see Section 2.5.4, Configuring the Server Referral List.

1.4.6 Intel Active Management Technology (AMT)

The Intel AMT functionality allows you to accurately identify devices, even if they have had physical drive replacements. This provides ZENworks Preboot Services with persistent device identification by providing ZENworks with nonvolatile memory for storing the unique device identity.

With AMT and Preboot Services, if a device has a new, unformatted hard drive, ZENworks can instantly and accurately identify the device and apply the appropriate Preboot bundle. If a device’s hard drive is inactive or its drive is replaced, ZENworks can automatically identify the device in a preboot environment and provide the appropriate ZENworks-created image during a system rebuild.

AMT with ZENworks also provides easier hardware upgrading capability. For example, to upgrade applications, some of your device hardware might not meet the minimum requirements. With AMT and Preboot Services, as soon as the hard drives are replaced and before any agents or operating systems are installed, you can continue to assign Preboot bundles using the device’s ZENworks identity without having to re-register the device.

If you are using Intel AMT, support for it should be enabled in the novell-zmgprebootpolicy.conf file.

For more information on Intel AMT, see the Intel Web site.