@cintrix84,
I just used the default templates but modified some. Could you please help me to get this worked?
I have attached the templates which are I used.
Please note that my LInux provisioning I already working fine. Not sure what am I doing wrong in the Windows.
Windows Default Finish:
<%#
kind: finish
name: Windows default finish
model: ProvisioningTemplate
oses:
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2019
- Windows Server 2019 R2
- Windows
Parameters are expected to be set in Foreman (globally or per group/host)
params:
#- windowsLicenseKey: ABCDE-ABCDE-ABCDE-ABCDE-ABCDE # Valid Windows license key
#- windowsLicenseOwner: Company, INC # Legal owner of the Windows license key
#- ntpServer: time.windows.com,other.time.server
#- domainAdminAccount: joinuser@domain.com # please do not use the domain administrator
#- domainAdminAccountPasswd: Password for the domain Admin account
#- computerOU: OU=Computers,CN=domain,CN=com # Place the computer account in specified Organizational Unit
#- computerDomain: domain.com # domain to join
#- machinePassword: used for unsecure domain join. needs precrated computer object (New-ADComputer)
#- foremanDebug: false
- windowsLicenseKey: ABCDE-ABCDE-ABCDE-ABCDE-ABCDE
- windowsLicenseOwner: medinfo # Legal owner of the Windows license key
- localAdminAccountDisabled: false
- ntpServer: 10.134.130.170,10.134.130.171
- domainAdminAccount: !vuadmin!@dev.dete.vubiquity.com # please do not use the domain administrator
- domainAdminAccountPasswd: Acc1234$$
- computerOU: DC=dev,DC=dete,DC=vubiquity,DC=com # Place the computer account in specified Organizational Unit
- computerDomain: dev.dete.vubiquity.com # domain to join
- machinePassword: used for unsecure domain join. needs precrated computer object (New-ADComputer)
- foremanDebug: false
%>
<%#
Information about unsecure domain join
%>
<%
safemode renderer does not support unary negation
puppet_enabled = host_puppet_server.present? || host_param_true?(‘force-puppet’)
salt_enabled = host_param(‘salt_master’) ? true : false
chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy
%>
@echo off
<% unless host_param(‘localAdminAccountDisabled’) -%>
echo Activating administrator
net user administrator /active:yes
<% end -%>
<% if @host.pxe_build? %>
set ctr=0
set nettimeout=10
(echo Updating time)
(sc config w32time start= auto)
sc start w32time
::ipconfig /renew
<% if host_param(‘ntpServer’) %>
echo setting time server
w32tm /config /manualpeerlist:<%= host_param(‘ntpServer’) %> /syncfromflags:manual /update
<% end %>
echo sync time
w32tm /resync
w32tm /resync
<% if host_param(‘computerDomain’) -%>
<% if host_param(‘domainAdminAccount’).present? && host_param(‘domainAdminAccountPasswd’).present? -%>
echo performing secure domain join
powershell.exe -OutputFormat text -command Add-Computer -DomainName ‘<%= host_param(‘computerDomain’) -%>’ -Credential (New-Object -TypeName System.Management.Automation.PSCredential ‘<%= host_param(‘domainAdminAccount’) -%>’, (ConvertTo-SecureString -String ‘<%= host_param(‘domainAdminAccountPasswd’) -%>’ -AsPlainText -Force)) <% if host_param(‘computerOU’).present? -%>-OUPath ‘<%= host_param(‘computerOU’) -%>’<% end -%>
<% else %>
<% if host_param(‘machinePassword’).present? %>
echo performing unsecure domain join
powershell.exe -OutputFormat text -command Add-Computer -Domain ‘<%= host_param(‘computerDomain’) -%>’ -Options UnsecuredJoin,PasswordPass -Credential (New-Object -TypeName System.Management.Automation.PSCredential $null, (ConvertTo-SecureString -String ‘<%= host_param(‘machinePassword’) -%>’ -AsPlainText -Force))
<% end %>
<% end %>
<% end %>
<% if host_param(‘localAdminAccountDisabled’) %>
echo Disabling %tempAdminUser%
net user %tempAdminUser% %tempAdminUser% /active:no
<% end %>
<% if host_param(‘ansible_port’) == 5985 or host_param(‘ansible_winrm_scheme’) == ‘http’ %>
cmd /c winrm set winrm/config/service @{AllowUnencrypted=“true”}
<% end %>
<% if host_param(‘ansible_winrm_transport’) == ‘basic’ %>
cmd /c winrm set winrm/config/client/auth @{Basic=“true”}
cmd /c winrm set winrm/config/service/auth @{Basic=“true”}
<% end %>
<% if host_param(‘ansible_winrm_transport’) == ‘credssp’ %>
cmd /c winrm set winrm/config/client/auth @{CredSSP=“true”}
cmd /c winrm set winrm/config/service/auth @{CredSSP=“true”}
<% end %>
<% if host_param(‘ansible_winrm_transport’) == ‘certificate’ %>
cmd /c winrm set winrm/config/client/auth @{Certificate=“true”}
cmd /c winrm set winrm/config/service/auth @{Certificate=“true”}
<% end %>
<%= snippet ‘Windows network’ %>
<% if foreman_url(‘user_data’) %>
echo execute user data script
IF EXIST c:\deploy\user_data.ps1 powershell.exe -OutputFormat text -command c:\deploy\user_data.ps1
<% end -%>
<% if puppet_enabled %>
echo Installing puppet
start /w “” msiexec /qn /i C:\extras\puppet.msi PUPPET_AGENT_STARTUP_MODE=Manual PUPPET_MASTER_SERVER=<%= host_puppet_server -%> PUPPET_AGENT_ACCOUNT_DOMAIN=<%= @host.domain -%> PUPPET_AGENT_ACCOUNT_USER=administrator PUPPET_AGENT_ACCOUNT_PASSWORD=“<%= host_param(‘domainAdminAccountPasswd’) -%>”
echo set puppet to auto start
sc config puppet start= auto
sc query puppet
<% end%>
<% if host_param(‘foremanDebug’) != true %>
echo reboot in 15sec
start /b shutdown /r /t 15
echo Safely remove wimaging files
sdelete.exe -accepteula -p 2 -r c:\wimaging
sdelete.exe -accepteula -p 2 -r c:\minint
sdelete.exe -accepteula -p 2 c:\Windows\Panther\unattend.xml
sdelete.exe -accepteula -p 2 C:\Windows\Setup\Scripts\SetupComplete.cmd
echo Safely remove leftover directories
sdelete.exe -accepteula -p 2 -r c:\drivers
sdelete.exe -accepteula -p 2 -r c:\updates
echo Safely removing c:\deploy
cd /
sdelete.exe -accepteula -p 2 -r c:\deploy
<% end -%>
<% end -%>
Linux host_init_config default
<%#
kind: host_init_config
name: Linux host_init_config default
model: ProvisioningTemplate
oses:
-
AlmaLinux
-
CentOS
-
Fedora
-
Rocky
-
Debian
-
Ubuntu
-%>
<% built_https = foreman_url(‘built’).start_with?(‘https’) -%>
#!/bin/bash
set -e
echo “# Running [<%= @host.name %>] host initial configuration”
<% if built_https -%>
SSL_CA_CERT=$(mktemp)
cat << EOF > $SSL_CA_CERT
<%= foreman_server_ca_cert %>
EOF
<% end -%>
foreman_curl() {
curl --silent --show-error <%= ‘–cacert $SSL_CA_CERT’ if built_https %> -o /dev/null --noproxy * “$@”
}
exit_and_cancel_build() {
echo ‘Host [<%= @host.name %>] initial configuration failed’
foreman_curl --request POST ‘<%= foreman_url(‘failed’) %>’ \
–data ‘Host initial configuration failed, please see the registration log for more details.’
exit 1
}
set +e
trap ‘exit_and_cancel_build’ ERR
<% if host_puppet_server.present? -%>
<%= snippet ‘puppetlabs_repo’ %>
<%= snippet ‘puppet_setup’ %>
<% end -%>
<% if host_param_true?(‘host_registration_remote_execution’) -%>
<%= snippet ‘remote_execution_ssh_keys’ %>
<% end -%>
<%= install_packages(host_param(‘host_packages’)) -%>
<% if host_param_true?(‘host_registration_insights’) -%>
<%= snippet ‘insights’ %>
<% end -%>
<% if plugin_present?(‘katello’) && @host.operatingsystem.family == ‘Redhat’ -%>
echo “Refreshing subscription data”
subscription-manager refresh
<% end -%>
<%= update_packages if host_param_true?(‘host_update_packages’) -%>
<%= snippet_if_exists(‘host_init_config_post’) -%>
Call home to exit build mode
trap - ERR
foreman_curl ‘<%= foreman_url(‘built’) %>’
if [[ $? == 0 ]] ; then
echo “Host [<%= @host.name %>] successfully configured.”
else
echo “Host [<%= @host.name %>] successfully configured, but failed to set built status.”
fi
exit 0
Windows default iPXE
<%#
kind: iPXE
name: Windows default iPXE
model: ProvisioningTemplate
oses:
%>#!ipxe
echo Trying to ping Gateway: ${netX/gateway}
ping --count 1 ${netX/gateway} || echo Ping to Gateway failed or ping command not available.
echo Trying to ping DNS: ${netX/dns}
ping --count 1 ${netX/dns} || echo Ping to DNS failed or ping command not available.
set boot-url tftp://${next-server}/
kernel ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:kernel) %>
initrd <%= foreman_url(‘script’) %> peSetup.cmd
initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bcd) %> BCD
initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bootsdi) %> boot.sdi
initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bootwim) %> boot.wim
boot
Windows default PXELinux
<%#
kind: PXELinux
name: Windows default PXELinux
model: ProvisioningTemplate
oses:
- Win2019
- Windows
%>
DEFAULT menu
LABEL menu
COM32 linux.c32 <%= @host.operatingsystem.bootfile(medium_provider,:kernel) %>
APPEND initrdfile=<%= foreman_url(‘script’) %>@peSetup.cmd,<%= @host.operatingsystem.bootfile(medium_provider,:bcd) %>,<%= @host.operatingsystem.bootfile(medium_provider,:bootsdi) %>,<%= @host.operatingsystem.bootfile(medium_provider,:bootwim) %>
Windwos peSetup.cmd
<%#
kind: script
name: Windows peSetup.cmd
model: ProvisioningTemplate
oses:
Parameters are expected to be set in Foreman (globally or per group/host)
params:
#- wimImageName: Windows 8.1 Pro # name of wim image to apply
- wimImageName: Windows Server 2019 SERVERDATACENTER
%>
<%#
You can create amd assing a “user_data” ProvisioningTemplate as powershell to execute some custom code
%>
<%
proxy_uri = host_param(‘http-proxy’) ? “http://#{host_param(‘http-proxy’)}:#{host_param(‘http-proxy-port’) || 3128}” : nil
proxy_string = proxy_uri ? “-e http_proxy=#{proxy_uri}” : ‘’
%>
@setlocal enableextensions enabledelayedexpansion
@echo off
set WGET=wget64.exe
<%= @host.diskLayout %>
echo Started downloading main WIM
%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/images.ini” -O X:\images.ini
if %ERRORLEVEL% == 0 goto :lookup_image
echo WARNING: Couldn’t download the images.ini, falling back to legacy mode!
%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/install.wim” -O C:\install.wim
goto :install
:lookup_image
set file=X:\images.ini
set key=<%= host_param(‘wimImageName’) %>
for /f “usebackq delims=” %%a in (“!file!”) do (
set ln=%%a
for /f “tokens=1,2 delims==” %%b in (“!ln!”) do (
set currkey=%%b
set currval=%%c
if “x!key!”==“x!currkey!” (
%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/!currval!” -O C:\install.wim
)
)
)
)
:install
echo Writing install image to partition while downloading additional files
(
start /min cmd /C “echo Write the install image to the partition
dism.exe /apply-image /imagefile:C:\install.wim /Name:”<%= host_param(‘wimImageName’) %>" /ApplyDir:C:
echo removing install.wim
del /q /s C:\install.wim"
start /min cmd /C “echo Downloading the drivers
md c:\drivers
%WGET% <%= proxy_string %> -P c:\drivers -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/drivers/”
start /min cmd /C “echo Downloading additional updates
md c:\updates
%WGET% <%= proxy_string %> -P c:\updates\ -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/updates/”
start /min cmd /C “echo Downloading finsh script and activating SetupComplete.cmd
md c:\deploy
%WGET% --no-verbose <%= foreman_url(“finish”) -%> -O C:\deploy\foreman-finish.bat”
) | pause
echo Creating a temp staging folder for DISM
md c:\MININT\Scratch
echo Creating the Panther directory if needed
set PantherDirectory=C:\Windows\Panther
IF not exist %PantherDirectory% (mkdir %PantherDirectory%)
echo Finalizing installation…
echo Downloading custom theme
%WGET% -P C:\Windows\Web\ -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/theme/
echo Stage the Unattend.xml file for dism to apply
echo Downloading unattend.xml
%WGET% --no-verbose <%= foreman_url(“provision”) -%> -O c:\Windows\Panther\unattend.xml
echo Apply Unattend.xml
dism.exe /Image:C:\ /Apply-Unattend:C:\Windows\Panther\unattend.xml /ScratchDir:C:\MININT\Scratch/
echo copy tools
copy x:\windows\system32\wget64.exe C:\deploy
copy x:\windows\system32\wget64.exe C:\Windows\wget.exe
copy x:\windows\system32\sdelete.exe C:\Windows
IF not exist C:\Windows\Setup\Scripts (md C:\Windows\Setup\Scripts)
echo call C:\deploy\foreman-finish.bat ^> c:\foreman.log 2^>^&1 > C:\Windows\Setup\Scripts\SetupComplete.cmd
<% if foreman_url(‘user_data’) %>
echo Downloading user data script
%WGET% <%= foreman_url(‘user_data’) %> -O c:\deploy\user_data.ps1
<% end -%>
echo Apply Drivers
dism.exe /Image:C:\ /Add-Driver /Driver:C:\drivers\ /Recurse /ForceUnsigned
echo Apply Updates
for /f %%u in (‘dir /s/b C:\updates*.msu’) do dism.exe /Image:C:\ /Add-Package /PackagePath:%%u /ScratchDir:C:\MININT\Scratch/
echo Setting the boot sector
bootsect.exe /nt60 C:
C:\Windows\System32\bcdboot C:\Windows /l en-US
echo Tell foreman build has finished
%WGET% <%= foreman_url(‘built’) %>
exit 0