Project pxesrv 2.0 – Compile a pxe server and boot over the network Linux/Windows


Pxesrv 2.0 is my attempt to make it easier to compile your own pxe server on Linux
The tutorial expects your selinux to be runing in permissive-mode and firewalls are turned off
This tutorial is writen for CentOS6/7 and Ubuntu Linux. It will probably work on RedHat, fedora
Security holes, vulnerabilities and bugs in the software shall be reported to each individual project
In this tutorial we are going to use both Windows 7 and Linux to generate and build files for pxeboot
This Script is only tested with sourcearchives and softwareversions found in pxesrv.sh
I take no responsibility for this script, use at your own risk

Video: Click here to watch on YouTube

It is necessary to configure your computer with a static ip
In this tutorial I use: 192.168.0.254 from the network 192.168.0.0/24

1 Install dependencies and other software

Ubuntu

apt-get install wget samba libpcre3-dev zlib1g-dev libbz2-dev gcc make nano pkg-config unzip -y

CentOS

yum install pcre-devel bzip2-devel zlib-devel gcc make nano samba samba-client samba-common unzip wget -y

2 Download pxesrv using wget and prepare for installation
Copy and paste one line at a time

cd /tmp && wget http://leemann.se/fredrik/file_downloads/pxesrv_linux-server_2.0.zip
unzip /tmp/pxesrv_linux-server_2.0.zip -d /srv && chmod -R 777 /srv/pxesrv
rm -f /tmp/pxesrv_linux-server_2.0.zip && cd /srv

3 Configure and build pxesrv, Lighttpd + dnsmasq
Copy and paste one line at a time

/srv/pxesrv/tmp/pxesrv.sh make_s1
/srv/pxesrv/tmp/pxesrv.sh make_s2
/srv/pxesrv/tmp/pxesrv.sh finalize

4 Restart pxesrv and configure autostart

Ubuntu

update-rc.d init-pxesrv defaults && pxesrv restart

CentOS

chkconfig --add init-pxesrv && chkconfig init-pxesrv on && pxesrv restart

5 We are going to use Samba on Linux to create a shared folder
This folder will be used to install windows over the network

cat /srv/pxesrv/pxe/configs/samba_share.txt >> /etc/samba/smb.conf
To view smb.conf: cat /etc/samba/smb.conf

6 Restart samba to apply the new configuration and configure autostart

/etc/init.d/samba restart
or:
systemctl restart smb.service
systemctl restart nmb.service
systemctl enable smb.service
systemctl enable nmb.service
or:
service smb restart
service nmb restart
chkconfig smb on
chkconfig nmb on

Links:
Install Samba in CentOS 7
Install Samba in CentOS 6
Install Samba in Ubuntu

7 Configure a new SMB password for pxesrv
Password for network share

smbpasswd -a pxesrv

More usefull commands:
List samba-users: sudo pdbedit -L -v
Delete samba-user: sudo smbpasswd -x pxesrv

8 Download some images to prepare your pxe-server
Copy and paste one line at a time

Download pxe-images for CentOS 6 32Bit:
cd /srv/pxesrv/pxe/pxe-boot/http/centos6_32
wget http://ftp.ember.se/centos/6.9/os/i386/images/pxeboot/initrd.img
wget http://ftp.ember.se/centos/6.9/os/i386/images/pxeboot/vmlinuz
Download pxe-images for CentOS 6 64Bit:
cd /srv/pxesrv/pxe/pxe-boot/http/centos6_64
wget http://ftp.ember.se/centos/6.9/os/x86_64/images/pxeboot/initrd.img
wget http://ftp.ember.se/centos/6.9/os/x86_64/images/pxeboot/vmlinuz
Download pxe-images for Darik’s Boot and Nuke (DBAN) 32Bit
cd /srv/pxesrv/pxe/pxe-boot/http/tools/dban-i586
wget -O dban_i586.iso https://netcologne.dl.sourceforge.net/project/dban/dban/dban-2.3.0/dban-2.3.0_i586.iso
Download pxe-images for GParted Live 32Bit:
cd /srv/pxesrv/pxe/pxe-boot/http/tools/gparted-i686
wget -O gparted-i686.zip https://kent.dl.sourceforge.net/project/gparted/gparted-live-stable/0.29.0-1/gparted-live-0.29.0-1-i686.zip
unzip gparted-i686.zip
Download pxe-images for GParted Live 64Bit
cd /srv/pxesrv/pxe/pxe-boot/http/tools/gparted-amd64
wget -O gparted-amd64.zip https://kent.dl.sourceforge.net/project/gparted/gparted-live-stable/0.29.0-1/gparted-live-0.29.0-1-amd64.zip
unzip gparted-amd64.zip

+ You can also download Hiren’s Boot CD and add it to the pxe-menu
https://knowit-now.com/download-hirens-boot-cd-15-2-iso

Example to put in your pxe-menu
LABEL + Hirens Boot CD 15.2
linux syslinux-4.07/memdisk/memdisk
append iso initrd=http://192.168.0.254/tools/hirens/v15.2.iso

9 Mount the Samba-share on Windows
Open CMD and type below or map it in ”your computer”
C:\Windows\System32>net use P: \\{ip}\pxe /user:pxesrv {smbpasswd} /persistent:yes
EX:
C:\Windows\System32>net use P: \\192.168.0.254\pxe /user:pxesrv pxesrv /persistent:yes

10 Download Windows Automated Installation Kit (AIK) and install it on Windows 7
https://www.microsoft.com/en-US/download/details.aspx?id=5753

Download and install Virtual CloneDrive to install Windows AIK
Link: https://www.elby.ch/en/products/vcd.html

10.1 Alternative for Windows 8 or 10 (Windows ADK)
https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install

11 Generate winpe and upload your files to Linux
Download my scriptfiles to generate winpe_x86, winpe_x64 (Windows 7)
If you are using Windwos 8 or 10 you need to read the scripts to se what they do

Download here (Scripts to generate winpe and install drivers):
http://www.leemann.se/fredrik/file_downloads/pxesrv_windows-winpe.zip

12.1 Unzip the file pxesrv_windows-winpe.zip to your C: Drive
12.2 Open – C:\winpe\startnet\winpe_startnet_x64.txt and configure the file to fit your network
12.3 Open – C:\winpe\startnet\winpe_startnet_x86.txt and configure the file to fit your network
12.4 Please run: C:\winpe\winpe_x64.cmd to generate winpe_x64.iso (Run as administrator if needed)
12.5 Please run: C:\winpe\winpe_x86.cmd to generate winpe_x86.iso (Run as administrator if needed)

During installation the script will pause whit this message ”Install device drivers if needed”

12.6 If you need to install drivers for winpe you may do that now either manually or automatically
12.7 Use: winpe\drivers\install_32.bat or winpe\drivers\install_64.bat to install automatically

Drivers for Winpe usually consist of 3 files ( *.cat , *.sys , *.inf ) or more
Copy those files to: winpe\drivers\32 or winpe\drivers\64 depending on architecture
You may also copy the folder containing the .inf to one of the folders since there can be more than 3 files required

12.8 Press enter to continue the script and generate the files for winpe_x64.iso and winpe_x86.iso
Upload them to the newly attached folder at: P:\pxe-boot\http\winpe

13 Copy and upload the content from your windows installation media to the appropriate folder in P:\pxe-boot\share\windows

EX: For Windows 7 64Bit you shall upload the files to P:\pxe-boot\share\windows\win7_64
EX: For Windows 7 32Bit you shall upload the files to P:\pxe-boot\share\windows\win7_32

For Windows 7 you may rename the file P:\pxe-boot\share\windows\win7_64\sources\ei.cfg to e.g ei.cfg.bak
This litle trick will enable a menu during installation were you can choose desired edition of Windows 7, pro/home/ultimate
The editions included on your media will vary and depends on if your using home or professional to copy files from

To automate the installation in Windows you may build an answear file, those types of files are called unattend.xml or autounattend.xml
I have tested this type of installation on Windows 7. You shall upload the file to the sources-directory in the Windows 7 64/32Bit root folder

Links for more reading and to generate/build answear files
YouTube:
Professor Messer: Creating a Windows 7 Reference Image – Microsoft 70-680: 2.2
Technet:
Window IT Pro Center Building an Answer File
Windows Server Sample Unattend Files
Windows AFG:
Windows Answer File Generator

If you haven’t already you will need to configure the services running on Linux
Navigate to this folder: P:\configs and configure dnsmasq.conf to your liking!!

14 Reset permissions on pxesrv in Linux and restart the services to apply new configurations

pxesrv perm && pxesrv restart

Dnsmasq handles DHCP and TFTP, whenever there is a lease those will get logged to the file P:\dnsmasq_dhcp-leases.txt
You can change the path in the scriptfile, please read here: http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

You can disable services as needed, take a look in the main configuration: P:\configs\dnsmasq.conf

When a client tries to boot over the network gpxe will kick in and present the user with a menu
You may configure this in P:\pxe-boot\tftp\pxelinux.cfg\default

Lighttpd provides HTTP over port 70, this is used to load images and ISO-files

You can expand the functionallity of this server, for instance you shall be able to install NFS and boot, install Live desktop distubutions using PXE
I have also read that if you uppgrade from gpxe to ipxe you can enhance the experience when booting computers that are using UEFI
By using iPXE you shall also be able to use wimboot to load Windows (.wim) directly from HTTP.

Links:
http://ipxe.org
http://ipxe.org/wimboot
http://www.troubleshooters.com/linux/nfs_install.htm
http://www.wonkity.com/~wblock/docs/html/pxe.html
https://blog.mister-muffin.de/2011/09/12/multiboot-live-systems-via-pxe

More actions in this script

Start the server
pxesrv start

Stop the server
pxesrv stop

Restart the server
pxesrv restart

View server status
pxesrv status

View dnsmasq DHCP leases
pxesrv leases

Change permissions, owner and group on pxesrv
pxesrv perm

Compile and install service Dnsmasq
pxesrv make_s1

Compile and install service Lighttpd
pxesrv make_s2

Finalize installation of pxesrv
pxesrv finalize

Uninstall services but keeps Boot-files
pxesrv remove_all

Run this to delete users and home-directory
userdel -fr pxesrv

Configurations and variables

Variables in pxesrv/tmp/pxesrv.sh

Warning!
This hasn’t been tested and shall be considered experimental
You will have to change those before you compile and install

root_user=root
root_group=root
User and Group used when changing perrmisions on files and folders

root_folder=/srv/pxesrv
The path were pxesrv will be installed

service_user=pxesrv
service_group=pxesrv
User and Group used when changing perrmisions on files and folders for the service

s1_src=http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.77.tar.gz
s2_src=https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.45.tar.gz
wget https://www.kernel.org/pub/linux/utils/boot/syslinux/4.xx/syslinux-4.07.tar.gz
Variables to hold links that will be used in the script to download sourcefiles
Pxesrv is tested with the versions on those links but you are free to experiment

Configurationfiles for pxesrv

SMB Share: P:\configs\dnsmasq.conf
Local: /srv/pxesrv/pxe/configs/dnsmasq.conf
Main configurationfile for Dnsmasq

SMB Share: P:\configs\lighttpd.conf
Local: /srv/pxesrv/pxe/configs/lighttpd.conf
Main configurationfile for Lighttpd

SMB Share: P:\pxe-boot\tftp\pxelinux.cfg\default
Local: /srv/pxesrv/pxe/tftp/pxelinux.cfg/default
Main configuration for syslinux and menu

Executables and script

Scriptfile is linked to /usr/local/sbin and will be accessible through the whole system

/usr/local/sbin/pxesrv:
– Links to the main scriptfile pxesrv.sh

/etc/init.d/init-pxesrv:
– Initscript to enable autostart of pxesrv

DONATE
Donation are not required but very much appreciated.
Click the below link to donate with PayPal (PayPal.Me)
Link: https://www.paypal.me/freddan88

GitHub
Link: https://github.com/freddan88/pxesrv-linux

 

Alternative for Windows using dhcpsrv

To host your own pxe on windows you can download dhcpsrv from dhcpserver.de and combine it with files from your share in P:\pxe-boot

Video: Click here to watch on YouTube

It is necessary to configure your computer with a static ip
In this tutorial I use: 10.0.0.1 from the network 10.0.0.0/8

This Tutorial will also expect that you have pxesrv for Linux installed
If you don´t have pxesrv installed you can still install and follow along
You will need to download those files and install them manually:

CentOS6 32BIT (initrd.img and vmlinuz):
http://ftp.ember.se/centos/6.9/os/i386/images/pxeboot
CentOS6 64Bit (initrd.img and vmlinuz):
http://ftp.ember.se/centos/6.9/os/x86_64/images/pxeboot
GParted Live 32Bit:
https://kent.dl.sourceforge.net/project/gparted/gparted-live-stable/0.29.0-1/gparted-live-0.29.0-1-i686.zip
GParted Live 64Bit:
https://kent.dl.sourceforge.net/project/gparted/gparted-live-stable/0.29.0-1/gparted-live-0.29.0-1-amd64.zip
Darik’s Boot and Nuke (DBAN)
https://netcologne.dl.sourceforge.net/project/dban/dban/dban-2.3.0/dban-2.3.0_i586.iso
Hiren’s Boot CD: https://knowit-now.com/download-hirens-boot-cd-15-2-iso
Syslinux: https://www.kernel.org/pub/linux/utils/boot/syslinux/4.xx/syslinux-4.07.tar.gz
Directories: http://www.leemann.se/fredrik/file_downloads/pxesrv_windows-folders.zip
Paths and files (Rename your files if necessary)
http\centos6_32 (initrd.img + vmlinuz) CentOS6 32Bit
http\centos6_64 (initrd.img + vmlinuz) CentOS6 64Bit
http\tools\gparted-i686 (exteract .zip from GParted Live 32Bit)
http\tools\gparted-amd64 (exteract .zip from GParted Live 64Bit)
http\tools\hirens\v15.2.iso (Hiren’s.BootCD.15.2.iso)
http\tools\dban-i586\dban_i586.iso
share\windows* (Populate with installation-files)
tftp\syslinux-4.07 (from syslinux-4.07.tar.gz)
tftp\gpxerlinux.0 (from tftp\syslinux-4.07\gpxe\gpxerlinux.0)

1 Download and extract dhcpsrv*.zip to your C: drive
Link: http://www.dhcpserver.de/cms/history-of-release-notes

Dhcpsrv is a great program that can act as a server for both dhcp, tftp and http
You can donate to download the latest version or download older versions for free, we are going to use version 2.5.2 in this tutorial
According to the website this program will be compatible with Windows versions from 98 to 10, i´m using Windows 7 in this guide

2 Copy P:\pxe-boot\http, tftp, share and example to C:\dhcpsrv\wwwroot

dhcpsrv comes with a ”Status Monitoring Page”
Because we are going to change the default path for HTTP this will stop working
To work around this problem you can copy all files in wwwroot to C:\dhcpsrv\wwwroot\http

Right click on the folder C:\dhcpsrv\wwwroot\share and select properties -> Sharing (tabb)
Select Advanced Sharing and share the folder, make sure to select sufficient sharing permissions

3 Run the file ”dhcpwiz.exe” found in C:\dhcpsrv

Click next on the first page and select network adapter that will host dhcpsrv
On the page for supported Protocols you shall select HTTP, TFTP and you may as well select write permission for tftp

4 The page ”Configuring DHCP for Interface” will let you change the IP-Pool, dhcp options and advanced settings
Do as I have done and keep in mind that your ’Next Server’ and Gateway-address will vary depending on your network

5 On the last page you shall make sure that ”Overwrite existing file” is selected and then press on Write INI file
The main configuration or INI-file shall be written to: C:\dhcpsrv\dhcpsrv.ini

6 Open the configuration ‘INI file’ edit or add below, save and quit the file afterwards

[TFTP-SETTINGS]
EnableTFTP=1
ROOT=C:\dhcpsrv\wwwroot\tftp
WritePermission=1
[HTTP-SETTINGS]
EnableHTTP=1
ROOT=C:\dhcpsrv\wwwroot\http

7 Edit C:\dhcpsrv\wwwroot\tftp\pxelinux.cfg\default to fit your network

8 Configure C:\dhcpsrv\wwwroot\share\autoexec_winpe_x64 and x86 with the right path to your share
This is one of my files:

@echo off
echo.
echo P:\autoexec_winpe_x64.cmd
echo _________________________
echo.
REM Install Windows 7
::P:\windows\win7_64\setup.exe
REM Install Windows 8
::P:\windows\win8_64\setup.exe
REM Install Windows 10
P:\windows\win10_64\setup.exe

9 Edit the files in C:\winpe\startnet\* to mount your share
The important line to configure is this:

net use P: \\10.0.0.1\share /user:share password
Replace 10.0.0.1 with your IP
Replace /user:share with your username e.g (/user:fredrik)
Replace password with your password

10 Generate Windows PE again and move the iso-files to C:\dhcpsrv\wwwroot\http\winpe
Download here (Scripts to generate winpe and install drivers):
http://www.leemann.se/fredrik/file_downloads/pxesrv_windows-winpe.zip

(Read more about Windows PE and scripts above in step 11 ”Generate winpe”)

Edit your firewall-profile to allow dhcpsrv and enable file and  printer sharing

Use Windows firewall with Advanced Security to configure the firewall
– Use start or run (WIN+R) and type ”wf.msc” to start it

Use Network and Sharing Center, advanced Sharing link to enable file and printer sharing
– You can use this command in run (WIN+R) control.exe /name Microsoft.NetworkAndSharingCenter

11 Start dhcpsrv using C:\dhcpsrv\dhcpsrv.exe to start the server

Connect clients directly to your computer or via a switch and enjoy diskless booting over your network
If you want to install Windows you will have to create a share that will host your operating systems files

Links:
https://docs.microsoft.com/windows-firewall-with-advanced-security
https://www.isumsoft.com/network-and-sharing-center-in-windows

DONATE
Donation are not required but very much appreciated.
Click the below link to donate with PayPal (PayPal.Me)
Link: https://www.paypal.me/freddan88

GitHub
Link: https://github.com/freddan88/pxesrv-linux