Problem: : I was trying to provision a Windows 2012 server, all the configurations are ok but I get below errors while kickstart;
TFTP Prefix:
Trying to load: pexlinux.cfg/01-23-23-43-4f-g4-j7 ok
Loading initrdfile=http://prd-cs-lforeman1.prod.dete.com/unattended/script?token=92718d24-4b94-4889-b706-e6b622208530@peSetup.cmd,boot/windows-x86_64-win2012-YzCMEvLyjkDk/bcd,boot/windows-x86_64-win2012-YzCMEvLyjkDk/boot.sdi,boot/windows-x86_64-win2012-YzCMEvLyjkDk/boot.wim… failed!
Kernel load failure (insufficiaent memory?)
boot:

Expected outcome: The suppose to be deleted.

Foreman and Proxy versions: Foreman 3.0.1 and Katello 4.2

Foreman and Proxy plugin versions: : Foreman plugins 3.0

Other relevant data:
I see the syslinux ver. is syslinux-4.05-15.el7.x86_64 is that something wrong? Other than that I don’t see any error;

Hi @gkumaresan and welcome to the Foreman Community.

I cannot really reproduce your error; I have never provisioned Windows myself. Maybe the orcharhino documentation Deploying Hosts running Windows helps you.

Hi @gkumaresan,

I’m not a Windows provisioning expert, but the “insufficient memory?” error is suspect. Are you sure you had enough spare memory for the VM to boot?

It could very well be a red herring, but it’s worth checking.

@gkumaresan

Let us know if the memory increase helps. When I build Windows boxes with Foreman, I will use 8 GB of ram as the base and I have had them build correctly. Also are you using the kickstart templates we ship or have you modified them?

I tested building a server 2016 box and it worked fine.

This is something related to syslinux, the Foreman 3.0 and Katello 4.2 installed with Syslinux 4.05 which has this memory insufficient issue then I have replaced the /var/lib/tftboot/linux.c32 and other files int he same directory from Syslinux 5.01.

But now I have an issue with pesetup.cmd. Can anyone help me for the dhcpd.conf with ipxe boot?

This is what I have, Linux provisning is working good with this conf but still I have issue with Windows provisioning.

option architecture code 93 = unsigned integer 16 ;
if option architecture = 00:06 {
filename “grub2/shim.efi”;
} elsif option architecture = 00:07 {
filename “grub2/shim.efi”;
} elsif option architecture = 00:09 {
filename “grub2/shim.efi”;
} else {
filename “pxelinux.0”;
}

@cintrix84,

I just used the default templates but modified some. Could you please help me to get this worked?

I have attached the templates which are I used.

Please note that my LInux provisioning I already working fine. Not sure what am I doing wrong in the Windows.

Windows Default Finish:
<%#
kind: finish
name: Windows default finish
model: ProvisioningTemplate
oses:

• Windows Server 2008
• Windows Server 2008 R2
• Windows Server 2012
• Windows Server 2012 R2
• Windows Server 2019
• Windows Server 2019 R2
• Windows

Parameters are expected to be set in Foreman (globally or per group/host)

params:
#- windowsLicenseKey: ABCDE-ABCDE-ABCDE-ABCDE-ABCDE # Valid Windows license key
#- windowsLicenseOwner: Company, INC # Legal owner of the Windows license key
#- ntpServer: time.windows.com,other.time.server
#- domainAdminAccount: joinuser@domain.com # please do not use the domain administrator
#- domainAdminAccountPasswd: Password for the domain Admin account
#- computerOU: OU=Computers,CN=domain,CN=com # Place the computer account in specified Organizational Unit
#- computerDomain: domain.com # domain to join
#- machinePassword: used for unsecure domain join. needs precrated computer object (New-ADComputer)
#- foremanDebug: false

• windowsLicenseKey: ABCDE-ABCDE-ABCDE-ABCDE-ABCDE
• windowsLicenseOwner: medinfo # Legal owner of the Windows license key
• localAdminAccountDisabled: false
• ntpServer: 10.134.130.170,10.134.130.171
• domainAdminAccount: !vuadmin!@dev.dete.vubiquity.com # please do not use the domain administrator
• domainAdminAccountPasswd: Acc1234$$
• computerOU: DC=dev,DC=dete,DC=vubiquity,DC=com # Place the computer account in specified Organizational Unit
• computerDomain: dev.dete.vubiquity.com # domain to join
• machinePassword: used for unsecure domain join. needs precrated computer object (New-ADComputer)
• foremanDebug: false
  %>
  <%#

Information about unsecure domain join

Add-Computer (Microsoft.PowerShell.Management) - PowerShell | Microsoft Learn

%>
<%

safemode renderer does not support unary negation

puppet_enabled = host_puppet_server.present? || host_param_true?(‘force-puppet’)
salt_enabled = host_param(‘salt_master’) ? true : false
chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy
%>

@echo off
<% unless host_param(‘localAdminAccountDisabled’) -%>
echo Activating administrator
net user administrator /active:yes
<% end -%>

<% if @host.pxe_build? %>
set ctr=0
set nettimeout=10

(echo Updating time)
(sc config w32time start= auto)
sc start w32time
::ipconfig /renew

<% if host_param(‘ntpServer’) %>
echo setting time server
w32tm /config /manualpeerlist:<%= host_param(‘ntpServer’) %> /syncfromflags:manual /update
<% end %>

echo sync time
w32tm /resync
w32tm /resync

<% if host_param(‘computerDomain’) -%>
<% if host_param(‘domainAdminAccount’).present? && host_param(‘domainAdminAccountPasswd’).present? -%>
echo performing secure domain join
powershell.exe -OutputFormat text -command Add-Computer -DomainName ‘<%= host_param(‘computerDomain’) -%>’ -Credential (New-Object -TypeName System.Management.Automation.PSCredential ‘<%= host_param(‘domainAdminAccount’) -%>’, (ConvertTo-SecureString -String ‘<%= host_param(‘domainAdminAccountPasswd’) -%>’ -AsPlainText -Force)) <% if host_param(‘computerOU’).present? -%>-OUPath ‘<%= host_param(‘computerOU’) -%>’<% end -%>
<% else %>
<% if host_param(‘machinePassword’).present? %>
echo performing unsecure domain join
powershell.exe -OutputFormat text -command Add-Computer -Domain ‘<%= host_param(‘computerDomain’) -%>’ -Options UnsecuredJoin,PasswordPass -Credential (New-Object -TypeName System.Management.Automation.PSCredential $null, (ConvertTo-SecureString -String ‘<%= host_param(‘machinePassword’) -%>’ -AsPlainText -Force))
<% end %>
<% end %>
<% end %>

<% if host_param(‘localAdminAccountDisabled’) %>
echo Disabling %tempAdminUser%
net user %tempAdminUser% %tempAdminUser% /active:no
<% end %>

<% if host_param(‘ansible_port’) == 5985 or host_param(‘ansible_winrm_scheme’) == ‘http’ %>
cmd /c winrm set winrm/config/service @{AllowUnencrypted=“true”}
<% end %>

<% if host_param(‘ansible_winrm_transport’) == ‘basic’ %>
cmd /c winrm set winrm/config/client/auth @{Basic=“true”}
cmd /c winrm set winrm/config/service/auth @{Basic=“true”}
<% end %>

<% if host_param(‘ansible_winrm_transport’) == ‘credssp’ %>
cmd /c winrm set winrm/config/client/auth @{CredSSP=“true”}
cmd /c winrm set winrm/config/service/auth @{CredSSP=“true”}
<% end %>

<% if host_param(‘ansible_winrm_transport’) == ‘certificate’ %>
cmd /c winrm set winrm/config/client/auth @{Certificate=“true”}
cmd /c winrm set winrm/config/service/auth @{Certificate=“true”}
<% end %>

<%= snippet ‘Windows network’ %>

<% if foreman_url(‘user_data’) %>
echo execute user data script
IF EXIST c:\deploy\user_data.ps1 powershell.exe -OutputFormat text -command c:\deploy\user_data.ps1
<% end -%>

<% if puppet_enabled %>
echo Installing puppet
start /w “” msiexec /qn /i C:\extras\puppet.msi PUPPET_AGENT_STARTUP_MODE=Manual PUPPET_MASTER_SERVER=<%= host_puppet_server -%> PUPPET_AGENT_ACCOUNT_DOMAIN=<%= @host.domain -%> PUPPET_AGENT_ACCOUNT_USER=administrator PUPPET_AGENT_ACCOUNT_PASSWORD=“<%= host_param(‘domainAdminAccountPasswd’) -%>”
echo set puppet to auto start
sc config puppet start= auto
sc query puppet
<% end%>

<% if host_param(‘foremanDebug’) != true %>

echo reboot in 15sec
start /b shutdown /r /t 15

echo Safely remove wimaging files
sdelete.exe -accepteula -p 2 -r c:\wimaging
sdelete.exe -accepteula -p 2 -r c:\minint
sdelete.exe -accepteula -p 2 c:\Windows\Panther\unattend.xml
sdelete.exe -accepteula -p 2 C:\Windows\Setup\Scripts\SetupComplete.cmd

echo Safely remove leftover directories
sdelete.exe -accepteula -p 2 -r c:\drivers
sdelete.exe -accepteula -p 2 -r c:\updates

echo Safely removing c:\deploy
cd /
sdelete.exe -accepteula -p 2 -r c:\deploy

<% end -%>
<% end -%>

Linux host_init_config default
<%#

kind: host_init_config

name: Linux host_init_config default

model: ProvisioningTemplate

oses:

• AlmaLinux

• CentOS

• Fedora

• Rocky

• Debian

• Ubuntu

-%>

<% built_https = foreman_url(‘built’).start_with?(‘https’) -%>

#!/bin/bash

set -e

echo “# Running [<%= @host.name %>] host initial configuration”

<% if built_https -%>

SSL_CA_CERT=$(mktemp)

cat << EOF > $SSL_CA_CERT

<%= foreman_server_ca_cert %>

EOF

<% end -%>

foreman_curl() {

curl --silent --show-error <%= ‘–cacert $SSL_CA_CERT’ if built_https %> -o /dev/null --noproxy * “$@”

}

exit_and_cancel_build() {

echo ‘Host [<%= @host.name %>] initial configuration failed’

foreman_curl --request POST ‘<%= foreman_url(‘failed’) %>’ \

–data ‘Host initial configuration failed, please see the registration log for more details.’

exit 1

}

set +e

trap ‘exit_and_cancel_build’ ERR

<% if host_puppet_server.present? -%>

<%= snippet ‘puppetlabs_repo’ %>

<%= snippet ‘puppet_setup’ %>

<% end -%>

<% if host_param_true?(‘host_registration_remote_execution’) -%>

<%= snippet ‘remote_execution_ssh_keys’ %>

<% end -%>

<%= install_packages(host_param(‘host_packages’)) -%>

<% if host_param_true?(‘host_registration_insights’) -%>

<%= snippet ‘insights’ %>

<% end -%>

<% if plugin_present?(‘katello’) && @host.operatingsystem.family == ‘Redhat’ -%>

echo “Refreshing subscription data”

subscription-manager refresh

<% end -%>

<%= update_packages if host_param_true?(‘host_update_packages’) -%>

<%= snippet_if_exists(‘host_init_config_post’) -%>

Call home to exit build mode

trap - ERR

foreman_curl ‘<%= foreman_url(‘built’) %>’

if [[ $? == 0 ]] ; then

echo “Host [<%= @host.name %>] successfully configured.”

else

echo “Host [<%= @host.name %>] successfully configured, but failed to set built status.”

fi

exit 0

Windows default iPXE

<%#

kind: iPXE

name: Windows default iPXE

model: ProvisioningTemplate

oses:

• Win2019

• Windows

%>#!ipxe

echo Trying to ping Gateway: ${netX/gateway}

ping --count 1 ${netX/gateway} || echo Ping to Gateway failed or ping command not available.

echo Trying to ping DNS: ${netX/dns}

ping --count 1 ${netX/dns} || echo Ping to DNS failed or ping command not available.

set boot-url tftp://${next-server}/

kernel ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:kernel) %>

initrd <%= foreman_url(‘script’) %> peSetup.cmd

initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bcd) %> BCD

initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bootsdi) %> boot.sdi

initrd ${boot-url}<%= @host.operatingsystem.bootfile(medium_provider,:bootwim) %> boot.wim

boot

Windows default PXELinux
<%#
kind: PXELinux
name: Windows default PXELinux
model: ProvisioningTemplate
oses:

• Win2019
• Windows
  %>
  DEFAULT menu
  LABEL menu
  COM32 linux.c32 <%= @host.operatingsystem.bootfile(medium_provider,:kernel) %>
  APPEND initrdfile=<%= foreman_url(‘script’) %>@peSetup.cmd,<%= @host.operatingsystem.bootfile(medium_provider,:bcd) %>,<%= @host.operatingsystem.bootfile(medium_provider,:bootsdi) %>,<%= @host.operatingsystem.bootfile(medium_provider,:bootwim) %>

Windwos peSetup.cmd
<%#
kind: script
name: Windows peSetup.cmd
model: ProvisioningTemplate
oses:

• Win2019
• Windows

Parameters are expected to be set in Foreman (globally or per group/host)

params:
#- wimImageName: Windows 8.1 Pro # name of wim image to apply

• wimImageName: Windows Server 2019 SERVERDATACENTER
  %>
  <%#

You can create amd assing a “user_data” ProvisioningTemplate as powershell to execute some custom code

%>
<%
proxy_uri = host_param(‘http-proxy’) ? “http://#{host_param(‘http-proxy’)}:#{host_param(‘http-proxy-port’) || 3128}” : nil
proxy_string = proxy_uri ? “-e http_proxy=#{proxy_uri}” : ‘’
%>
@setlocal enableextensions enabledelayedexpansion
@echo off
set WGET=wget64.exe

<%= @host.diskLayout %>

echo Started downloading main WIM

%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/images.ini” -O X:\images.ini
if %ERRORLEVEL% == 0 goto :lookup_image

echo WARNING: Couldn’t download the images.ini, falling back to legacy mode!
%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/install.wim” -O C:\install.wim
goto :install

:lookup_image
set file=X:\images.ini
set key=<%= host_param(‘wimImageName’) %>
for /f “usebackq delims=” %%a in (“!file!”) do (
set ln=%%a
for /f “tokens=1,2 delims==” %%b in (“!ln!”) do (
set currkey=%%b
set currval=%%c
if “x!key!”==“x!currkey!” (
%WGET% <%= proxy_string %> “<%= medium_uri %>/sources/!currval!” -O C:\install.wim
)
)
)
)

:install
echo Writing install image to partition while downloading additional files

(
start /min cmd /C “echo Write the install image to the partition
dism.exe /apply-image /imagefile:C:\install.wim /Name:”<%= host_param(‘wimImageName’) %>" /ApplyDir:C:
echo removing install.wim
del /q /s C:\install.wim"
start /min cmd /C “echo Downloading the drivers
md c:\drivers
%WGET% <%= proxy_string %> -P c:\drivers -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/drivers/”
start /min cmd /C “echo Downloading additional updates
md c:\updates
%WGET% <%= proxy_string %> -P c:\updates\ -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/updates/”
start /min cmd /C “echo Downloading finsh script and activating SetupComplete.cmd
md c:\deploy
%WGET% --no-verbose <%= foreman_url(“finish”) -%> -O C:\deploy\foreman-finish.bat”
) | pause

echo Creating a temp staging folder for DISM
md c:\MININT\Scratch

echo Creating the Panther directory if needed
set PantherDirectory=C:\Windows\Panther
IF not exist %PantherDirectory% (mkdir %PantherDirectory%)

echo Finalizing installation…

echo Downloading custom theme
%WGET% -P C:\Windows\Web\ -r -np -nH --cut-dirs=3 -R index.html -q --level=0 <%= medium_uri %>/theme/

echo Stage the Unattend.xml file for dism to apply
echo Downloading unattend.xml
%WGET% --no-verbose <%= foreman_url(“provision”) -%> -O c:\Windows\Panther\unattend.xml
echo Apply Unattend.xml
dism.exe /Image:C:\ /Apply-Unattend:C:\Windows\Panther\unattend.xml /ScratchDir:C:\MININT\Scratch/

echo copy tools
copy x:\windows\system32\wget64.exe C:\deploy
copy x:\windows\system32\wget64.exe C:\Windows\wget.exe
copy x:\windows\system32\sdelete.exe C:\Windows
IF not exist C:\Windows\Setup\Scripts (md C:\Windows\Setup\Scripts)
echo call C:\deploy\foreman-finish.bat ^> c:\foreman.log 2^>^&1 > C:\Windows\Setup\Scripts\SetupComplete.cmd

<% if foreman_url(‘user_data’) %>
echo Downloading user data script
%WGET% <%= foreman_url(‘user_data’) %> -O c:\deploy\user_data.ps1
<% end -%>

echo Apply Drivers
dism.exe /Image:C:\ /Add-Driver /Driver:C:\drivers\ /Recurse /ForceUnsigned

echo Apply Updates
for /f %%u in (‘dir /s/b C:\updates*.msu’) do dism.exe /Image:C:\ /Add-Package /PackagePath:%%u /ScratchDir:C:\MININT\Scratch/

echo Setting the boot sector
bootsect.exe /nt60 C:
C:\Windows\System32\bcdboot C:\Windows /l en-US

echo Tell foreman build has finished
%WGET% <%= foreman_url(‘built’) %>

exit 0

Hi @gkumaresan

Thanks for all the info, I will take your settings and try to get it to work here on my box and report back.