Note on archived topics.
09-01-2014 12:01 PM
Is there som trick to get HP computers with UEFI BIOS to boot from PXE w/o turning off secure boot?
My environment is Windows 2012 server with SCCM. The WDS service is running, I can PXE boot other brands of laptops (dell, microsoft), so I know my setup is somewhat with in the ballpark. I can also boot the HP UEFI computers with a USB stick w/o turning off secure boot, but once the bootimage is on PXE, it fails.
I do not use DHCP options, nor IP helpers. The clients are on the same subnet as my DHCP server and my DP/WDS server.
We have both UEFI and BIOS computers in our environment. All manage to PXE boot except the HP UEFI computers. Unless I turn Secure Boot off - then it happily loads the image. Is there perhaps some secure keys the computers are missing?
Thank you in advance for any answer to this. We have ~3000 computers that are affected.
01-27-2016 01:28 AM
I have a very similar issue. UEFI and Secure Boot are enabled, MS SCCM 2012 R2, etc. Want to deploy Windows 10....
In my case several laptops models (HP Elitebook 820 G2; HP Elitebook 850 G2; HP EliteBook Folio 9470m; HP Zbook 17 G2) don't want to boot in WinPE. After Downloading WinPE into RAM and a restart a HP message appears: "No bootable image found, notebook will shutdown"
But WinPE was successfully downloaded into OS Boot Manager. I've checked it with Bcdedit. Interessting point is that if I login to the BIOS now and change the Secure Boot to "disable" the computer boot in WinPE immediately.
Other Models like HP EliteBook Folio 1040 G1; HP ProBook 650 G1 works fine with enbaled UEFI and Secure Boot !!!
All Laptops have latest BIOS version. I've tried BIOS Factory defaults and Security defaults. Nothing changed if UEFI and Secure Boot is enabled.
It seems there are different SecureBoot checks implemented at HP.
Has anyone a solution, similar experiences or an explanation ??
Thanks a lot in advance
11-23-2016 09:04 AM
After several months I found a workaround. In my case I identified that HP is looking for an efi file in the wrong path while Booting.
My solution: I've created a package including my bootx64.efi file founded in my SCCM environment and added the package to my task sequence after the step partionining the disk and before the step Reboot into WinPE. The command of the package is copying the efi file to s:\efi\boot folder. which in my case not exists.
Hope this helps for you too
04-14-2017 10:07 AM
sorry I don't have a detailed screenshot describtion yet.
Following were my solution:
I boot my computers with a WinPE (by using SCCM task-sequence). After Configuring BIOs and SecureBoot and the partitioning step I've copied the file bootx64.efi to s:\efi\boot folder. Next step is Restart the computer to WinPE again while SecureBoot is still enabled.
Are you using SCCM too ?
04-14-2017 10:51 AM
Yes, we use SCCM. But our problem is on the bare metal device. We get devices where by default Secure boot Enabled and Legacy boot disabled option in BIOS. In this case when we do a PXE boot, it does not even do anything.
Model - HP Elitedesk G2/3
04-14-2017 11:47 PM
Understand. your issue is different to me but seems the issue that LassD had.
We have several G2/3 devices too where by default Secure boot Enabled too.
Did you extend your network about BIOS and UEFI Co-Existence ?
UEFI PXE Boot support requires minimum WinSrv20212