So you've just received a brand-new secondhand one of these things off Ebay, what do we need to do to it before use? <> = BIOS/UEFI settings = == Getting in there == * Mash F12 during POST to get the one-time boot target menu, you can access the BIOS/UEFI from there * If you get stuck in Windows because the keyboard wasn't detected fast enough, you can get to the desktop and then: * Hit the Windows key, type "UEFI", then select Change Advanced Start-up Options * Restart Now with the Advanced Startup button * Then from ''that'' boot menu go to Troubleshoot, Advanced Options, UEFI Firmware Settings, Restart == Update the BIOS to the latest version == * Use this guide: https://www.dell.com/support/kbdoc/en-au/000131486/update-the-dell-bios-in-a-linux-or-ubuntu-environment#updatebios2015 * Despite the usual Dell docs saying you need to make a DOS boot disk and run the flash updater app from there, it turns out that the BIOS Flash Update target (also on the one-time boot menu) can read the `9020MA19.exe` file from a FAT32 filesystem on a USB stick just fine * Not sure if this only works in UEFI mode or not, but I kinda don't care because we ''want'' to be in UEFI mode * This applies to systems made from 2015 or later * The latest BIOS update for the Optiplex 9020M (as of 2023-04-10) is version A19, released 2019-07-19 == Grab the MAC address == Get the LOM MAC Address from Settings, General, System Info You'll need this later when configuring PXE booting. == Change BIOS/UEFI settings == The first thing you want to do is set it to full UEFI mode, no legacy here. Then all these settings: * General * Boot Sequence * Select UEFI boot list * Advanced Boot Options * Disable Legacy OPROMs * UEFI Boot Path Security * Set to Never * Date/Time * Set clock to approx correct for UTC time * System Configuration * Integrated NIC * Enable UEFI Network Stack * Enabled w/ PXE * SATA Operation * AHCI * SMART Reporting * Disabled, we don't need it * Audio * Disable all audio, we don't need it * Security * TPM Security * Check everything except Clear * Activated * CPU XD support * Enabled * Secure Boot * Secure Boot Enable * Disabled * Performance * Multi-core support: All * Speedstep: Enabled * C-states: Enabled * Limit CPUID: Disabled * Turboboost: Enabled * Power Management * AC Recovery: Power On * Deep Sleep Control: Disabled * USB Wake Support: Enable USB wake from Standby * Wake on LAN/WLAN: LAN with PXE Boot * Block Sleep: Enable blocking of sleep * POST Behaviour * Keyboard Errors: Disable error detection * Virtualisation support * Enable VT * Enable VT-d * Enable Trusted Execution Reboot and go back in again. * Boot only from IPv4 with NIC (PXE boot) = Prepare for PXE booting = 1. Choose an IP address, the DHCP server will be used to configure the server when it comes up 1. Choose a name, and go assign the name to address mapping in the DNS zone 1. Record the allocation in the spreadsheet: https://docs.google.com/spreadsheets/d/1bUR4y21wuCVRCpQcBbP85wGAWELrVjo2_tNJ7la495A/edit#gid=0 1. Configure the DHCP server with the static address reservation * In Mikrotik Winbox it's in IP -> DHCP Server -> Leases. You can open an existing static lease and Copy it. Make sure to edit the: * IP * Name * MAC address * Comment * In Mikrotik CLI it'd be something like this {{{ [furinkan@helian] /ip/dhcp-server/lease> add address=192.168.1.256 mac-address=02-99-88-77-66-55 server="dhcp general" comment=persica42 }}} * If using dnsmasq in Pihole we add a custom config file like `/etc/dnsmasq.d/02-pihole-dhcp-persica-cluster.conf` {{{ dhcp-host=02:99:88:77:66:55,set:persica,192.168.1.256,persica42,5m # one dhcp-host line per host dhcp-boot=tag:persica,grub/grubx64.efi,illustrious.thighhighs.top,192.168.1.12 }}} Note that things are a bit different here, we specify boot options per-host rather than at a subnet level like on Mikrotik * Run `pihole restartdns` after making changes You should now be able to PXE boot the box. It'll get an address from DHCP, then hit the next-server for PXE executable which is `grubx64.efi` Grub will download its menu from the TFTP server via baked-in path, which defines the kernel and initrd to download and execute. That's typically a Linux kernel, with cmdline options to start a kickstarted install. Kickstart will download its `kickstart.cfg` then the magic happens. Now go put the right bits in the right places, you'll need a kernel and initrd at a minimum, then for auto installs you need a kickstart config (or Debian equivalent): [[PxeBooting#Putting_the_right_bits_in_the_right_places]]