Note on archived topics.

This topic has been archived. Information and links in this thread may no longer be available or relevant.
If you have a question create a new topic by clicking here and select the appropriate board.
LasseD Honor Student
Honor Student
2 0 0
Message 1 of 11
20,111
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Is there som trick to get HP computers with UEFI BIOS to boot from PXE w/o turning off secure boot?

 

My environment is Windows 2012 server with SCCM. The WDS service is running, I can PXE boot other brands of laptops (dell, microsoft), so I know my setup is somewhat with in the ballpark. I can also boot the HP UEFI computers with a USB stick w/o turning off secure boot, but once the bootimage is on PXE, it fails.

 

I do not use DHCP options, nor IP helpers. The clients are on the same subnet as my DHCP server and my DP/WDS server.

 

We have both UEFI and BIOS computers in our environment. All manage to PXE boot except the HP UEFI computers. Unless I turn Secure Boot off - then it happily loads the image. Is there perhaps some secure keys the computers are missing?

 

Thank you in advance for any answer to this. We have ~3000 computers that are affected.

10 REPLIES
PlatformManager Tutor
Tutor
12 0 1
Message 2 of 11
19,586
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Hello

 

I have a very similar issue. UEFI and Secure Boot are enabled, MS SCCM 2012 R2, etc. Want to deploy Windows 10....

 

In my case several laptops models (HP Elitebook 820 G2; HP Elitebook 850 G2; HP EliteBook Folio 9470m; HP Zbook 17 G2) don't want to boot in WinPE. After Downloading WinPE into RAM and a restart a HP message appears: "No bootable image found, notebook will shutdown"

 

But WinPE was successfully downloaded into OS Boot Manager. I've checked it with Bcdedit. Interessting point is that if I login to the BIOS now and change the Secure Boot to "disable" the computer boot in WinPE immediately.

 

Other Models like HP EliteBook Folio 1040 G1; HP ProBook 650 G1 works fine with enbaled UEFI and Secure Boot !!!

 

All Laptops have latest BIOS version. I've tried BIOS Factory defaults and Security defaults. Nothing changed if UEFI and Secure Boot is enabled.

 

It seems there are different SecureBoot checks implemented at HP.

 

Has anyone a solution, similar experiences or an explanation ??

 

Thanks a lot in advance

 

0 Kudos
Intern
Intern
22 2 2
Message 3 of 11
17,771
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Have the same issue, any progress on this?

0 Kudos
PlatformManager Tutor
Tutor
12 0 1
Message 4 of 11
17,532
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

After several months I found a workaround. In my case I identified that HP is looking for an efi file in the wrong path while Booting.

My solution: I've created a package including my bootx64.efi file founded in my SCCM environment and added the package to my task sequence after the step partionining the disk and before the step Reboot into WinPE. The command of the package is copying the efi file to s:\efi\boot folder. which in my case not exists.

Hope this helps for you too

 

0 Kudos
kuvinod Top Student
Top Student
5 0 0
Message 5 of 11
15,510
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Can you explan litle bit in detail please  ?

0 Kudos
PlatformManager Tutor
Tutor
12 0 1
Message 6 of 11
15,500
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Hi kuvinod,

sorry I don't have a detailed screenshot describtion yet.

 

Following were my solution:

I boot my computers with a WinPE (by using SCCM task-sequence). After Configuring BIOs and SecureBoot and the partitioning step I've copied the file bootx64.efi to s:\efi\boot folder. Next step is Restart the computer to WinPE again while SecureBoot is still enabled. 

 

Are you using SCCM too ?

 

Best regards

0 Kudos
kuvinod Top Student
Top Student
5 0 0
Message 7 of 11
15,494
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Yes, we use SCCM. But our problem is on the bare metal device. We get devices where by default Secure boot Enabled and Legacy boot disabled option in BIOS. In this case when we do a PXE boot, it does not even do anything.

 

Model - HP Elitedesk G2/3

0 Kudos
PlatformManager Tutor
Tutor
12 0 1
Message 8 of 11
15,477
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Understand. your issue is different to me but seems the issue that LassD had.

We have several G2/3 devices too where by default Secure boot Enabled too.

 

Did you extend your network about BIOS and UEFI Co-Existence ?

UEFI PXE Boot support requires minimum WinSrv20212

0 Kudos
kuvinod Top Student
Top Student
5 0 0
Message 9 of 11
15,460
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Yes. We have our WDS and SCCM DP with PXE enabled configured on Server 2012 R2.

 

I think the issue is with the HP devices where they do not have hybrid boot option as in the case of Lenovo or Dell.

0 Kudos
kuvinod Top Student
Top Student
5 0 0
Message 10 of 11
15,224
Flag Post
HP Recommended

PXE, UEFI and Secure Boot

Just in case if it helps anyone

 

Upgrading the BIOS to the latest version on HP Elitedesk 800 G2 DM 35W helped to resolve the issue. We can do the PXE boot now.

0 Kudos

Note on archived topics.

This topic has been archived. Information and links in this thread may no longer be available or relevant.
If you have a question create a new topic by clicking here and select the appropriate board.
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation