Network Imaging / IVS

• FileWave Network Imaging / IVS Overview
• FileWave Windows Imaging Requirements
• Getting started with the Imaging Virtual Server
• Setting up the IVS (Imaging Virtual Server)
• FileWave Hosted Servers and IVS Setup
• Expanding the IVS Disk Drive - VirtualBox
• Expanding the IVS Disk Drive - VMware
• Importing FileWave OVS (VirtualBox)
• Importing FileWave OVF (Vmware ESXI)
• Importing FileWave OVF (VMware Fusion)
• Importing FileWave OVF (VMware Workstation)
• Windows Sysprep Guide
• Including the FileWave client on an image
• Windows Network Imaging - PXE Booting
• Creating Windows Driver Filesets
• IVS Control Commands
• Imaging MAC addresses
• Using Smart Groups with Windows Imaging
• Troubleshooting Imaging
• Authentication Credentials Error
• How to re-enroll an IVS
• Image creation or deployment hangs on "calling subprocess.Popen"
• Imaging Issue After Upgrading FileWave and Using Self-Signed SSL Certificate
• RAM listing 0-15 Error
• Sysprep not able to validate Windows installation
• Windows Imaging in FileWave 15.5+: Secure NFS Tunneling and Fallback Options
• Modifying IVS Init.gz for testing purposes
• Troubleshooting BitLocker Activation Issues on Windows 11 Post-Imaging
• Imaging Windows from a USB Drive

FileWave Network Imaging / IVS Overview

Network Imaging

Network imaging is supported over ethernet using the FileWave Imaging Virtual Server (IVS). It uses the PXEboot system for Windows computers. 

For a complete guide on how to fully set up a FileWave Imaging Virtual Server (IVS): 

• Network Imaging Guide

For more information about commands you can run on the IVS check out this article:

• Imaging Control Commands (IVS)

The imaging process has been greatly improved since FileWave 9. A new client process (imaging-fwcld) runs on the IVS, reporting back to the FileWave Server and Admin. Images are now Filesets and these Filesets can be delivered to the IVS directly from the Server or through a Booster. The imaging configuration is completely integrated into FileWave Admin.

As FileWave Imaging is unicast you can image on multiple subnets by adding an IVS on any desired subnet you like, at no additional cost. Alternatively, you can also have more centralized imaging servers and just have IPhelpers to help point the traffic across subnets.

The last option is to change options 66 and 67 in DHCP but keep in mind if you do this you will only be able to image Windows and not macOS. You will also only be allowed to image the boot-mode you select for option 67.

• Option 66 - IP of the IVS
• Option 67 -
  • UEFI - grub-custom.efi
  • Legacy - pxelinux.0 

How does it work?

The process for sending out an image with FileWave follows the same flow as if you would send out any other Fileset in FileWave. Before anything else you need to be sure you have the device(s) you would like to pull an image from or push an image out to in FileWave. So either having the device already enrolled and checking in or as a placeholder in FileWave. Either way, the device has to be in FileWave with a Serial number for macOS or a MAC Address for Windows. Then the image Fileset is assigned to a device so that an association is made, you update the model, the IVS checks in to see new updates (just as a client would check in for new files), and then you PXE/Netboot.

When the devices are imaged FileWave names them automatically based on the name provided by the FileWave Client in FileWave. For Windows devices we also support driver injections so that you can have one base image sent out to different models with the drivers pushed out along side.

*Important Note: If there are no associations between a device and an image in FileWave, and propagated to the IVS, then when that device PXE/Netboot's it will see no image assigned to it and then boot straight into the OS.

Upgrading an IVS

Instructions on how to upgrade a FileWave Imaging Virtual Server can be found on the downloads page for the IVS: Imaging Server downloads page

Process to image a Windows machine

For a complete walk through on how to create/deploy Windows images with FileWave and how to create/send out drivers please follow these guides:

• Windows Network Imaging - PXE
• Creating Windows Driver Filesets

Things to consider when imaging Windows devices with FileWave:

• Know whether your devices are Legacy or UEFI and make separate images accordingly
• At this time we do not support secure boot
• Your image can be smaller than the target drive but not larger
• Make sure the FileWave Custom Client is installed on the machine before the image is captured: Custom MSI

FileWave Windows Imaging Requirements

Windows Imaging is a powerful solution to quickly deploy base images over the network. Before starting the process of refreshing your device fleet, it is important to understand how Imaging works to understand the requirements and the possible limitations.

Requirements

The PXE server part of FileWave Imaging is supported by a downloadable FileWave Imaging Appliance.  Please check the link for updated details and release notes. Also at this time you can only use Windows Imaging with an On-Premise FileWave server.

This appliance can be run in:

• vmWare Fusion® for Mac
• vmWare Player® or Workstation® for Windows
• vmWare ESXi®
• Virtualbox®
• Hyper-V®

It needs a minimum of 8 GB RAM and at least 100 GB of disk space, depending on the size of the Images you will be deploying (images are ~20 GB each). CPU requirements are minimal.

Imaging steps

1. Windows Imaging works for both Hosted as well as On-Premise customters, but for Hosted please read this note: FileWave Hosted Servers and IVS Setup.

2. The device to be imaged is configured to boot over the network using NetBoot with PXE and starts

3. The device to be imaged broadcasts requests over the network looking for a NetBoot/PXE server. To make this successful you must consider the IVS network ports used and consider that since DHCP, PXE, and BSDP (used by NetBoot) are UDP-based broadcast protocols, they typically do not traverse subnets. These protocols also do not typically work over wireless connections so you need to make sure that IVS and the clients are using wired connections. Most network administrators do not allow broadcast packets across subnets. If your IVS and the client computers to be re-imaged are located on the same subnet then you do not need to make any changes to your network configuration, as the clients will discover the IVS via broadcasts on the local subnet. If the devices to be re-imaged are on a different subnet, however, then you have to take one of the following steps to be able to network boot and re-image them.

   1. Put an IVS on every subnet that you may need to re-image devices on.
   2. Configure IP helpers on the routers for every subnet that you may need to re-image devices on.

   
   More details about Network Booting can be found here.

4. If there is an association in FileWave between the MAC address of the Windows device to be imaged and an Imaging Fileset, the FileWave Imaging Virtual Server (IVS) will respond to the request and initiate the PXE boot process.

5. The IVS will then transfer a customized, very lightweight Linux operating system on which the device will boot:
   

6. Once the device to be imaged is booted on Linux, the imaging process can start:
   
   The whole process is managed by a python script responsible for:

   1. Creating a VPN tunnel to the IVS server
   2. Mounting NFS share to IVS server via the VPN tunnel
   3. Communicating with IVS to get and report information
   4. Preparing local hard disk (partitions), writing disk image, and preparing Windows environment

Requirements

Our customized Linux boot image is built to be as lightweight as possible. it contains the minimum components required for the imaging process. Some modules are nevertheless very dependent on the hardware and the hardware vendor: network adapter drivers and disk controller drivers are examples.

To work, our Linux kernel/image needs to contain the drivers corresponding to the models you are imaging, which means that it is required that the hardware vendor has made them available to the Linux Community.

Without proper drivers, Imaging may not work correctly or even may not work at all.

Most of the drivers are added to the kernel (See: https://www.kernel.org) or separately, this is why we regularly update our customized Linux. But it may happen that some vendors will not provide Linux drivers, which will prevent the FileWave IVS from working. Using a USB Ethernet dongle may be a work-around for a missing integrated NIC driver (assuming the driver for the dongle is available). Unfortunately, missing drivers for the disk controller can't easily be worked around.

Recommendations

As FileWave Windows Imaging is dependent on Hardware Vendors, we recommend you test the imaging process on a single device before choosing a hardware model. Updating the kernel or adding additional drivers may be done upon request - assuming the components are available. Please contact our Support or Professional Services for more information.

Getting started with the Imaging Virtual Server

Setting up the IVS (Imaging Virtual Server)

Guide for Networking Imaging with FileWave

The following steps will assist you in the setup and implementation of your Imaging Virtual Server (IVS)
If you already have your Imaging sever up and running please look at these guides for how to image Windows devices.
*Please note: This document assumes you have already set up your FileWave Management Server.

Prepare and download all needed parts

Before starting be sure you have:

• Downloaded the latest Imaging Virtual Server (IVS) linked here

• A running FileWave server with clients enrolled (or with placeholders)

• FileWave Admin installed on your workstation

• Valid MAC Address for each Windows machine

• Virtual Environment (e.g. ESXI, Virtualbox, VMware Fusion)

• No Firewall between your VLANS or access to the Inter-VLAN Firewall to open Ports specified below

IVS v5 capabilities:

• UEFI compatibility

• Multiple partitions per image

• GBT and MBR disks can be imaged

• Image a blank disk

• Windows 7, 8, 8.1, 10 (including non-UEFI, UEFI with CSM and native UEFI machines)

• Multiple netboot servers allowed on the network

• Option boot to select FileWave netboot server

• Check if the Windows partition is in hibernated or fast restart state before creating master image

• Imaging logs are now copied to IVS in order to ease imaging issues troubleshooting

Network Considerations

Subnets

The FileWave Imaging appliance has to be configured as an “ip-helper” on your switches so it can receive and answer BOOTP requests from your clients.

The FileWave network imaging solution is unicast so there will need to be some preparation on your end if you intend to image across multiple subnets. The two options will be:

1. Install a separate FileWave Imaging Virtual Server (IVS) on each subnet you plan to image from and connect them all to the FileWave server by following the "Connecting IVS to FileWave Server" section in this document.

2. Setup "Helper IPs" on your layer 3 devices (e.g. routers, routing switches) that will point the broadcast requests for PXE and Netbooting to your single FileWave IVS. Once this has been completed you will need to make a change on the IVS. To do this either open the console for this server in your virtual environment or ssh into the server with Putty (Windows) or terminal (macOS):

   1. Open terminal (If on Windows you can use Putty linked here and use the credentials root/filewave (FileWave 15.4.2 and below) or fwadmin/filewave (FileWave 15.5.0 and beyond) then skip to step 3 below)

   2. Type in the following command

       

      # replace IVS-IP-Address with your IP address
      $ ssh root@IVS-IP-Address 

      when prompted for a password use: filewave

       

   3. # enter in imaging-control subnet add to add your subnet addresses
      $ imaging-control subnet add

   4. This will prompt for a valid IP address from the subnet and subnet mask
      Note: use command imaging-control subnet remove to remove a subnet

 

Firewall

The IVS needs to be able to connect to your FileWave Server on the following Ports

• 20017

• 20443

• 20445

Any client(s) subnets where imaging should work must be able to reach the following Ports on the IVS:

• 67 (DHCP), 69 (TFTP), 80 (HTTP), and 20444 (HTTPS)

• Ports 111 (TCP,UDP) and 20490 (TCP,UDP) are used for VPN to NFS access

Prior to FileWave 15.5.0 port 2049 TCP/UDP was used for a client to reach the NFS mount, but with 15.5.0 a VPN connection is made on 20490 TCP/UDP and then allows access to the mount.

Any machine running FileWave Central needs to be able to connect to your IVS on the following Ports:

• 20010 (Client Monitor), 20444 (Remote Configuration, Shared Keys)

The FileWave Server must be able to reach the IVS on port 20444 for On-Premise customers.

Note that if you are a FileWave Hosted customer then you need to review this article: FileWave Hosted Servers and IVS Setup

Starting the Imaging Appliance for the first time:

1. Download the latest Imaging Virtual Server (IVS) linked here

2. Import the Imaging Virtual Appliance (IVS) into your virtual environment or use a player to start up the machine. Note: If you need help on this please use the help guide linked here

3. If v.15.5+ Please see: Setting the Password on First Login to FileWave Appliances (15.5+)

4. When the server starts up it will display the IP address, be sure to make a note of this. Should the machine get stuck during boot, showing a white bar at the bottom please send a CTRL-ATL-DEL to the machine. The second boot should be much quicker.

5. You should log into the machine (either console or SSH) and change the default password from what is currently filewave to your own.

   1. Open terminal (If on Windows you can use Putty linked here and use the credentials root/filewave then skip to step 3 below)

   2. Type in the following command

       

      # replace IVS-IP-Address with your IP address
      $ ssh root@IVS-IP-Address

      when prompted for a password use: filewave

       

   3. Then type the command below to enter your new password

       

      $ passwd

   4. Enter new password
      

Next, change the IP of the IVS to a static IP.

1. Locate Network Interface:

First, identify the network interface you wish to configure. You can list all network interfaces using:

networkctl list

2. Edit the /etc/network/interfaces file: Using 'nano', edit the interfaces file to set the network configurations.

nano /etc/network/interfaces

Your default interfaces file should look something like this (your interface name may be different):

# The loopback network interface
auto lo eth0
iface lo inet loopback


# The primary network interface
iface eth0 inet dhcp

Change the file to look like this, using your network preferences (note 'dhcp' has been changed to 'static' in line 6)

# The loopback network interface
auto lo eth0
iface lo inet loopback


# The primary network interface
iface eth0 inet static
address 192.168.10.33
netmask 255.255.255.0
gateway 192.168.10.255
dns-nameservers 192.168.10.254 192.168.10.255

3. Verify Resolv.conf, hosts and hostname files: Verify that these files in /etc/ are configured correctly for your network and server.
/etc/resolv.conf: This file should list your DNS servers

/etc/hosts: This file should point your FQDN to localhost (127.0.0.1) - Below is an example of what the file looks like on ivs1.filewave.net for example. Notice the 2 entries for loopback. Although IPv6 should be disabled, it is good to include the IPv6 loopback in case it is ever enabled. 

127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters
127.0.0.1       ivs1.filewave.net
::1             ivs1.filewave.net

/etc/hostname: Specifies the hostname for your server. This is filewave by default.

4. Disable IPv6: Edit the sysctl.conf file by adding the following lines to the end of the file:

nano /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1

5. Restart/Check Network Status:

systemctl restart networking.service

systemctl status networking.service

6. Verify IP:

ip a

Connecting IVS to the the FileWave Server:

1. Open and connect your FileWave Admin to your FileWave server

2. Open the preferences and go to the "Imaging" tab

3. Hit the "+" at the bottom left of the blank pane

   

4. Enter the IP address of the IVS into "Preference for Imaging"

5. Make sure the box marked "generate new key" is now checked and click "OK"

   

6. When the Imaging Monitor opens specify your FileWave Server Address and Port 20015. Confirm by clicking "Ok" to finish configuration of your IVS.
   

   

7. Restart the Imaging Virtual Server (IVS)

8. Open the preferences and go to the "Imaging" tab again

9. Select the server in the pane and click the status button below. Status lights should be all green with the exception of "NBI for macOS Imaging:" (If there are more red lights and clicking the refresh button doesn't help, please contact support)

   

Congratulations, you have successfully set up and configured your FileWave Imaging server! You are now ready to image Windows devices.

Related Content

• FileWave Hosted Servers and IVS Setup

FileWave Hosted Servers and IVS Setup

Using IVS imaging for Windows for Hosted customers is supported but is different than an on-prem implementation. A Hosted customer is one where FileWave runs your FileWave Server in our cloud services. Notes below explain how to use IVS with a Hosted Server, but for you, as a customer, know that all the steps listed in this article that are on the FileWave Server must be completed with the assistance of Customer Technical Support because you won't have direct access to your FileWave Server. The article is here to explain what is needed and why it is needed.

Setup Differences

When you set up an IVS, the first part of the configuration will work as normal, because your admin is actually doing the communication to the IVS. You set it up, choose OK to save, relaunch preferences, and then choose the “Enroll Imaging Server” button. After this is done, and you relaunch preferences, you’ll notice that you have an “Admin credentials mismatch error”. This error is NOT meaningful. To check admin credentials, the FW server will attempt to talk to the IVS directly on port 20444, and this will not work ever for a Hosted customer.

However, if you look in the actual django interface on the IVS, you should see it has the proper shared key, etc. Here is an example:

Extra First-Time Setup

We know that image capture will NOT work for a Hosted customer without these additional steps. The IVS simply can’t upload the image that is generated, so you’ll see it go immediately from “capture done” to “upload done” within one second if you don’t fix the admin settings entry you see above.

In the last step of the initial IVS setup, the FW server tells the IVS what credentials it should use for logging in to upload an image. But, in cloudV2, the FW server can NOT talk to the IVS directly, so it can’t do that last bit and the admin settings part in the local DB ends up empty. Never fear though, we can work around this problem.

To do so, we need to:

1. Find out the user that was created for imaging

2. Reset the password for that account to something we know

3. Enter the information from the above in the IVS Django admin

Step 1, Find out the user (FileWave Support)

For this step,  we need access to the server in a shell. FileWave Support will have to do this since a hosted customer can not access the server. Once logged in, we'll start an interactive python shell as:

sudo /usr/local/filewave/python/bin/python /usr/local/filewave/django/manage.pyc shell

And once we are in the shell, we’ll look up all usernames, but the one we are looking for will start with imagingadmin

from fwauth.models import User
User.objects.all().values_list("username")

This will give us a result like this:

Out[2]: <QuerySet [('tony.keller',), ('fwadmin',), ('noaccess',), ('filewave_imaging_uploader_admin-3fcb9f455d5e062b',), ('alexdsl',), ('derekd',), ('brian.millbrook',), ('PS',), ('emma.ainsworth',), ('james.carter',), ('nicole.jemison',), ('fw',), ('shana.good',), ('filewave_imaging_uploader_admin-e850f155825fadd5',), ('alexkdsl',), ('robert.daniel',), ('sean.holden',), ('joshua.heinz',), ('andrew.kloosterhuis',), ('andreas.rein',), '...(remaining elements truncated)...']>

Once you've received this information from Support, you can continue to the next step on the IVS.

Step 2, Reset the Password

It is easy to see that filewave_imaging_uploader_admin-e850f155825fadd5 is the user we need. But now, we need to set a password. And we’ll do that like this:

u=User.objects.get(username="filewave_imaging_uploader_admin-e850f155825fadd5")

That assigns u as a variable, and obviously you’ll use the right username from the first step, not the example one. Once we have that, we can set the password, and then save u:

u.set_password("let_me_image")
u.save()

The new password is now set, but we can confirm we did it right. You’ll see below how we can test a bad password, and a good one:

In [6]: u.check_password("dont_let_me_image")
Out[6]: False

In [7]: u.check_password("let_me_image")
Out[7]: True

Step 3, Configure IVS Django Admin

Well, now we know the account and the password, we just need to set it on the IVS. To do so, login to the IVS admin at https://ivsaddress:20444, then click SIGN IN. Creds are fwadmin, filewave. Note that it likely won’t be a proper SSL cert on the server, so you’ll have to choose to bypass security in your browser to get to the web interface.

Once logged in, go to Admin, Preferences as shown at the top of the article. Then, click on admin_settings, and you’ll get a screen like this (except yours won’t have a value in it):

All you need to do now is paste in the following text, replacing your specific username and your password:

{"pwd": "let_me_image", "user": "filewave_imaging_uploader_admin-e850f155825fadd5"}

Once you SAVE this field, your IVS is ready for operation.

Capture

Because IVS upload has no ability to retry the upload of an image built in, and transferring over the WAN is more sensitive than a local transfer, an image upload could get interrupted. Note that the image will have been captured to the IVS, it just had trouble uploading to the FW server. But you can use the FileWave Admin's command line to force the upload replacing the image name, a FileWave Admin username, password, and server address:

/usr/local/bin/FileWaveAdmin --importImage /imaging/images/windows/FS_-1 -u myfwusername -p mypassword -H support.filewave.net -P 20016

Restore

Restoring images is fairly normal because once an image is assigned to any device, it is downloaded to the IVS appliance itself. The download does retry on failure because it is like any other Fileset. And, since image application to the actual “to be imaged” device happens locally to the network, the fact that the FileWave Server is Hosted is not in play here.

Expanding the IVS Disk Drive - VirtualBox

Imaging Appliance - VirtualBox Resize HD

This guide will help you extend the Imaging Virtual Servers (IVS) hard drive space on Imaging for VirtualBox.

For VirtualBox

The following steps will help you resize the virtual hard drive for the FileWave Imaging Appliance running on Oracle VirtualBox.

1. Power off the virtual machine. 
2. Open a command command prompt or terminal and extend the vmdk using the following commands ( replace source.vmdk with the path to your vbox vmdk, and "NUMBER OF MEGABYTES" according to the FULL size that you want the hard drive to be ) :

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" clonehd "source.vmdk" "cloned.vdi" --format vdi
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyhd "cloned.vdi" --resize (NUMBER OF MEGABYTES)
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" clonehd "cloned.vdi" "resized.vmdk" --format vmdk

3. Rename the original vmdk file to "vagrant-centos-6.4-x86_64-disk1.OLD" and rename resized.vmdk to the original "vagrant-centos-6.4-x86_64-disk1"

4. In FileWave Imaging we created a imaging-control command for extending the virtual hard drive size. Power on the IVS and login. 

5. Run the below imaging-control command to increase the hard drive. 

imaging-control increase harddrive

6. You will be asked "Have you extended the hard drive in the VM settings?". Answer "y". 

7. You will then select "ENTER", and it will restart your IVS with the increased Hard Drive. 

8. After this you are done. 

Expanding the IVS Disk Drive - VMware

Imaging Appliance - VMware Resize HD

This guide will help you extend the Imaging Virtual Servers (IVS) hard drive space on Imaging for VMware.

For VMware

The following steps will help you resize the virtual hard drive for the FileWave Imaging Appliance running on VMware.

1. Power off the virtual machine. 
2. Edit the virtual machine settings and extend the virtual disk size. The below screen shots show the view for extending the available space on VMWare. 
 

3. In FileWave Imaging we created a imaging-control command for extending the virtual hard drive size. Power on the IVS and login. 

4. Run the below imaging-control command to increase the hard drive. 

imaging-control increase harddrive

5. You will be asked "Have you extended the hard drive in the VM settings?". Answer "y". 

6. You will then select "ENTER", and it will restart your IVS with the increased Hard Drive. 

7. After this you are done.

Importing FileWave OVS (VirtualBox)

Step-by-step guide

1.  First, you'll need to download and unzip the virtual appliance from FileWave Downloads

2. Open Oracle VirtualBox. Click “File” and “Import Appliance".

3. Browse your machine for the unzipped OVA/OVF from FileWave and click “Open”.

4. Click "Continue/Next"

5. Then you will select "Import/Finish" to begin the import process.

6. Once imported successfully, select "Settings" to change the Storage settings.

7. Select "Storage" and move the .vdi file from SCSI to SATA.

8. Click "Start" to verify that the appliance starts successfully.

6. That's it! The rest of the configuration will take place within FileWave Admin.

Importing FileWave OVF (Vmware ESXI)

Step-by-Step Guide

1. Open your vSphere Client software and connect to ESXI. Click “File” and “Deploy OVF Template".

2. Browse your machine for the unzipped OVA/OVF from FileWave and click “Next”.

3. The OVF Details will be presented to you. Click “Next”.

4. Give your Server a Name and select the Datacenter and Location where you would like to store it.

5. Select which ESXI server will host the OVF.

6. Select the datastore where you would like to store your OVF.

7. Choose the desired format for the virtual disks.

8. Map the OVF/Server to the desired VM Network.

9. Click "Finish" to begin importing the OVF.

Note: You may receive a message that the import failed because OVF specification conformance. Clicking "Retry" will resolve that and continue the import.

10. Once the OVF has imported successfully, turn it on and open a console window to ensure that it starts successfully.

11. That's it! The rest of the configuration will take place within FileWave Admin.

Importing FileWave OVF (VMware Fusion)

Step-by-step guide

1.  First, you'll need to download and unzip the virtual appliance from filewave.com

2.  Then, open VMware Fusion. Click “File” and “Import".

3. Now, browse your machine for the unzipped OVA/OVF from FileWave and click “Open”.

4. Name the OVF/Server and select where you would like to save it. Click "Save".

5. The appliance should start for you automatically, but if it doesn't, just click the "Start" button.

6. Once the VM is running, then the import is done!  Most of the configuration of your server will be done from within the FileWave Admin console itself, but you can set a static IP and reset the root password from within the embedded Webmin interface in your browser (this is the web server running on port 10000 that you see referenced below).

Importing FileWave OVF (VMware Workstation)

Step-by-Step Guide

1. Open VMware Workstation. Click "Open a Virtual Machine".

2. Browse your machine for the unzipped OVA/OVF from FileWave and click “Open”.

3. Name the Virtual Machine and select a storage location. Click “Import”.

Note: You may receive a message that the import failed because OVF specification conformance. Clicking "Retry" will resolve that and continue the import.

4. Once the OVF has imported successfully, turn it on to ensure that it starts successfully.

5. That's it! The rest of the configuration will take place within FileWave Admin.

Windows Sysprep Guide

---

This Guide will prepare your Windows devices ready to be captured and deployed with FileWave Network IVS.

Computer Imaging is an important part of Life Cycle Management. Creating and deploying Windows images requires running the System Preparation (Sysprep) tool. Sysprep removes system-specific data from Windows ensuring a successful restoration of the image, and creates a "generalized" Windows installation that will then be ready for configuration at next bootup.

If your organization requires an answer file below is a step-by-step guide on creating an answer file for Sysprep to completely automate the Windows setup.

Creating a Sysprep unattended answer file

Tested on Windows 7, 8.1, 10 and 11

At this point you can either

• Use the Filewave Answer File Generator
• Use a 3rd party creation tool
• Manually create the answer file
• Skip this and have no answer file or an empty answer file (not recommended)

It is highly recommended generated answer files are used with matching Windows releases, e.g 1909 answer file with Windows 10 1909, etc.  If preparing a newer Windows 10 release, e.g. 2004, generate a new matching 2004 answer file.

Answer File Generator

Tested on Windows 10 1909 and 2004

• Answer File Generator Link: https://www.windowsafg.com/
• And alternative AFG tool: https://schneegans.de/windows/unattend-generator/ 

3rd Party Tool

The following are example links to online tools that will generate the XML:

• Win 7 - http://windowsafg.com/win7x86_x64.html
• Win 8 - http://windowsafg.com/win8x86_x64.html
• Win 8.1 - http://windowsafg.com/win8.1x86_x64.html
• Win 10/11 MBR - http://windowsafg.com/win10x86_x64.html
• Win 10/11 UEFI - https://www.windowsafg.com/win10x86_x64_uefi.html Customers have reported unsuccessful image deployment of Windows 10 2004 from this tool

Manually

Installing the Windows Automated Installation Kit for Windows

First we'll need to install the Windows Automated Installation Kit (Win AIK) on your technician machine. Follow the on screen prompts for your Windows AIK version.

• Win 7 - http://www.microsoft.com/en-us/download/details.aspx?id=5753
• Win 8 - https://www.microsoft.com/en-us/download/details.aspx?id=30652
• Win 8.1 - https://www.microsoft.com/en-us/download/details.aspx?id=39982
• Win 10/11 - https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit

Check Disk

Run the Check Disk command before your Sysprep the image. This will ensure the disk is cleared of any errors. The below commands are run in Command Prompt run as administrator.  

chkdsk /R 
shutdown -r -t 0

Use a administrator command prompt to run the commands and reboot

System Prepare with Sysprep

Once Check Disk (chkdsk) has completed and the machine is back in Windows, run the command below (if you have no unattend XML file you may use the second command) with Command Prompt as administrator to Sysprep your machine:

C:\Windows\System32\Sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:PATH TO SYSPREP ANSWER FILE XML
or
C:\Windows\System32\Sysprep\sysprep.exe /generalize /oobe /shutdown

Sysyprep will prepare the machine to be copied and shutdown. You are now ready to upload your Master Image to the FileWave Imaging Appliance.

To continue this workflow and capture this as a Master Image see: Windows Network Imaging - PXE Booting

Including the FileWave client on an image

What

The generated Windows base image should be left as clean as possible, with any chosen installations handled afterwards to prevent having to recreate the image more often than absolutely required. However, the base image should include the FileWave Client, to ensure imaged devices check-in immediately after the imaging process.

Installing the FileWave Client should take place just before Sysprep is commenced.

When/Why

The FileWave Client should be installed, prior to generating the image, using the personalized Custom MSI. The Custom MSI installer can be found here: Custom FileWave Client for Windows.

However, this source device should not be allowed to check into the FileWave Server, to ensure that the client does not have any unique configuration passed onto each imaged device or that any database entries are created for this device.

Consider using a VM and taking a snapshot before making any prior configuration changes to the base image. If a mistake is made, it will then be easy to rollback and redo that stage.

If after the FileWave Client is installed the source device is allowed to check-in, then the client service will still need to be stopped. Afterwards, the generated client record should be removed (run a Model Update after removal) and either the FileWave client should be uninstalled and re-installed, generated FileWave Client files should be removed/edited or roll the VM back, if created, to redo this step.

Files required for removal/edited may be found on the following KB: FileWave File Locations

How

• Prepare the device as per the prior instructions

• Disable the network for this device

• Open the Windows Services (in preparation to stop the FileWave Client)

• Instal the Custom MSI

• Stop the FileWave Client service

• Re-enable the network

The device is now ready to generate the base image with ‘Sysprep’. Next is to capture the image, be sure follow the Windows Network Imaging.

Windows Network Imaging - PXE Booting

Windows Imaging (PXE):

The following are the steps you will need, from start to finish, to create a Windows image from FileWave and send it out to your devices. 
This guide assuming the following:

• FileWave Imaging Server is set up
• Devices are on the same subnet (unless the proper steps were taken to image across subnets)
• Windows devices are in the FileWave Admin with valid Mac addresses either as an active client or a placeholder where the name isn't longer than 15 characters

IMPORTANT:
Windows does not permit computer names that exceed 15 characters (Naming conventions in Active Directory for computers, domains, sites, and OUs)

PLEASE NOTE for UEFI imaging:
If you are wanting to create/deploy an image from/to a native UEFI machine you will need to create a new master from a native UEFI machine using the latest IVS.
The DHCP server has to be the same as the THTP server. If not the following error message will be thrown in the boot sequence: PXE-E99: Unexpected network error. Because this is caused by the PXE UEFI firmware, PXE legacy mode should still work normally.

Prepare and Download all needed parts

Before starting be sure you have:

1. FileWave Management Server and Admin
2. FileWave Imaging server setup: Network Imaging Guide
3. FileWave Custom Client MSI download from here
4. Supported Windows devices
   

Procedures

Creation and Importation of an Image:

To create an image we will need to capture it off a pre-configured device. 
Note: You will need to have the Windows device you are capturing the image from in FileWave prior to the capture. This can be done with either enrolling the Windows device in FileWave with the Client or using a Placeholder.
NOTE: You will only be able to deploy your image to devices with a hard drive that is larger than or equal to the drive the image was captured on. So best practice would be to capture your image off the smallest hard drive possible so that you may deploy the image to any larger drive. A VM would be perfect for this task.

1. Install a clean version of Windows

2. Make any desired changes you want to the OS, including installing the FileWave Custom Client MSI

3. Follow the guide below to create an answer file, run chkdsk, and sysprep.
   If you have an existing answer file then skip to the chkdsk and sysprep steps in the article 
   Note: The Sysprep guide is valid for other versions other than Windows 7
   Sysprep is REQUIRED
   Windows 10 & Windows 7 Sysprep - Automated Install Settings

4. Once the computer has shutdown after Sysprep, you will need to make an association in FileWave

5. Launch the FileWave Admin and navigate to the the Imaging section

6. Once there use the drop down menu to select Windows
   This then filters the devices and images seen below for Windows

   

7. Now find your device on the left pane and the object called Master Image on the right pane. Click, drag, and drop Master Image to your device on the left.
   This will then launch a dialog box stating that the association has been made.

8. Make sure the association shows "True" under the Enabled column. If not, right-click the association and select "Enable Associations"

9. Update the Model
   
   

   
   

10. Open the FileWave Preferences, go to the Imaging tab, select your imaging server, and then click Monitor
    You will need to make sure it is on the same model number as your FileWave server by waiting 2 mins or clicking the verify button

11. Once the IVS is on the same model as your FileWave server you can now PXE boot your target machine for image capture.
    The device will then find an IP address from DHCP, see the FileWave server, and go through the booting process.
    
    

12. You will then be prompted Enter a name for the image to be uploaded.
    
    

13. Once you have named the image it will go through the capture process for all of the partitions.
    After the IVS has captured the image it will automatically upload to your FileWave server. The image will appear in the Filesets and the Imaging section.
    
    

You have now successfully created an image to be deployed to your Windows machines.

Associating and deploying the Image:

To deploy an image you already have in FileWave is a very easy process and is similar to the steps above for creating an image.

1. Launch the FileWave Admin and navigate to the Imaging section

2. Once there use the drop down menu to select Windows
   This then filters the devices and images for Windows

3. Now find your device, or group of devices, on the left pane and your image on the right pane. Click, drag, and drop your image to the device, or group of devices, on the left.
   This will then launch a dialog box stating that the association has been made.
   NOTE: If you have a Driver fileset in FileWave you will follow the same steps in step 3 above to assign those drivers after you assign the image. Creating Windows Driver Filesets
   NOTE: If you have association to another image (including the master image) you will need to delete that first prior to making a new image association.

4. Make sure the association shows "True" under the Enabled column. If not, right-click the association and select "Enable Associations"

5. Update the Model
   
   

   
   

6. Open the FileWave Preferences, go to the Imaging tab, select your Imaging server, and then click Monitor
   You will need to make sure it is on the same model number as your FileWave server by waiting 2 mins or click the verify button.
   Note: If there are no other associations to this image then the image has to be transferred to your IVS before you PXE boot your devices.
   
   

   
   

7. When the imaging server is on the same model as your FileWave server (and the image has been copied over) you are now ready to PXE boot your devices.

8. Connect your Windows device to ethernet, power on the device, and hold down the F12 key. Or go into the boot menu and select to boot from the NIC
   Note: Boot keys can change between hardware, you may need to check the devices manual for the correct key to push.

9. Your device(s) will then find an IP address from DHCP, see the FileWave Imaging server, and go through the booting process

10. From here the image will be deployed to the machine, named accordingly to the FileWave client object, driver files will be copied over in preparation for first boot, and the machine will restart to launch into the OS.
    Note: After the image process has completed the imaging association in FileWave will be disabled. You can see this by looking at the association's column Enabled is set to false.
    
    

Congratulations, you have successfully associated and deployed a Windows image through the network!

Creating Windows Driver Filesets

Description

This recipe is to walk you through the simple process of finding Windows OS drivers and uploading them into FileWave. Windows drivers are used in our Network Imaging process.

You can only assign a driver Fileset after an image association has been made.

To learn more about FileWave network imaging with Windows and the full process of creating, assigning, and deploying an image see: Network Imaging Guide

Ingredients

• FW Admin
• Internet Connection
• An unarchiving tool (like 7-zip)

Directions

1. Find your driver packs from the manufacture. You will need to fine the .CAB or .INI files. In the screenshot below I simply google searched "Dell Latitude E6410 driver pack" and the second result find me the back below where I downloaded the .CAB file
   
   
   
   

2. Once you have located and downloaded your driver pack it is time to extract it. Right click on the .CAB file and have 7-zip extract the file
   
   
   

3. After the drivers are extracted you can now upload the whole drivers folder into FileWave.

4. Log into FileWave Admin, go to the Filesets section, select the New Image Fileset option at the top. You will be prompted with the Create New Fileset window with three option, select Windows Drivers.
   
   
   
   

5. Now simply find the extracted folder from the .CAB file and bring it into FileWave. The Windows driver fileset will be visible in the Fileset and the Imaging section. It will remain red until it has completed the import into FileWave.

6. When the fileset has turned black you can now associated the drivers in the Imaging section. These drivers will be sent out to your device(s) during the network imaging process.

7. Once in the Imaging section find your device, or group of devices, on the left pane. Find your drivers on the right pane. Simply click, drag, and drop the drivers on top of your device, or group of devices.

   The drivers will be deployed along with an image that you have already assigned the device(s)
   
   

   

IVS Control Commands

These commands allow modification of the settings on the FileWave IVS (Imaging Virtual Server). These imaging-control commands require root authorization.

List of Imaging-Control commands

imaging-control networksetup static

imaging-control networksetup dhcp

imaging-control subnet add

imaging-control subnet remove

imaging-control increase harddrive

imaging-control list macimages

imaging-control list windowsimages

imaging-control disable macimaging

imaging-control disable windowsimaging

imaging-control enable macimaging

imaging-control enable windowsimaging

Configuring the IVS network interface

The FileWave IVS network is configured to use dhcp by default. This command has 2 options:

imaging-control networksetup static

This command will prompt for static ip information and configure the network interface to it

imaging-control networksetup dhcp

This command will switch the IVS networking interface back to dhcp

Configuring subnets on the IVS

The FileWave IVS will default to listening only on the subnet that it’s ip address is from.  This command can be used to add subnets for the IVS to listen to or remove subnets:

imaging-control subnet add

This command will prompt for a valid ip address from the subnet and the subnet mask

imaging-control subnet remove

This command will display the subnets that the IVS is currently listening to and allow removal

Increasing the IVS hard drive

imaging-control increase harddrive

This command will allow the virtual disk on the IVS to be increased.  The default size is 250gb.  This command will require that the IVS is first shutdown and the hard drive is expanded in the vm settings.

 

 

Viewing list of images on IVS

These commands will list Mac and Windows images being hosted on the IVS currently

imaging-control list macimages

imaging-control list windowsimages

Configuring the IVS for Mac or Windows

The default settings on the IVS allow for Mac and Windows imaging.  These commands will allow you to disable/enable Mac or Windows imaging on the IVS.

imaging-control disable macimaging

This command disables Mac imaging on the IVS.

imaging-control disable windowsimaging

This command disables Windows imaging on the IVS.

imaging-control enable macimaging

This command enables Mac imaging on the IVS. (default setting)

imaging-control enable windowsimaging

This command enables Windows imaging on the IVS. (default setting)

Imaging MAC addresses

What

The MAC address of Windows devices for imaging purposes can be specified manually by the user from FileWave Admin. Unfortunately, this field will then be overwritten by the actual MAC address(es) reported by the client in inventory. This is an annoying problem when the MAC address specified by hand is the one of a USB-ethernet adapter that is not always connected to the device. A more robust solution would be to store separately the MAC address specified by the admin so that it never gets overwritten by what the client reports to inventory.

When/Why

On Windows-based systems, vendors have created the concept of a pass-through MAC address that is used with USB Ethernet dongles so that the MAC address of the dongle itself isn't used, but rather the pass-through MAC address of the device is used with the dongle. This overcomes the issue of the same MAC address showing up for many devices as the dongle is used on different devices, but creates a new challenge because that address isn't stored in FileWave inventory because it's not normally active.

How

With FileWave 14.6.x a new editable column "Imaging MAC Address" is available on Clients View and other views, where clients are visible (Imaging View, Associations View, etc.). This column shows a manually specified MAC address that is not changed by device inventory reports. Whenever the user specifies the MAC address of a Windows client in FileWave Admin, the value is stored in a new separate field. This can happen in the following use cases:

1. When a placeholder is created
2. When a placeholder is imported from a text file

When "Imaging MAC Address" is specified for an added client, the column "Serial/MAC" is unchanged. The new field cannot be the reason for enrollment conflict, as imaging is Windows only and serial/mac conflicts are macOS only.

The IVS recognizes all MAC addresses from Windows clients, including the ones reported to inventory and the manually specified one if any.

You can also mass-import Imaging Mac Addresses using the import tool within the FileWave Web Admin Console.

Using Smart Groups with Windows Imaging

What

With versions of FileWave earlier than 14, smart groups would not show in the imaging view of the FileWave admin.  With v14(+), smart groups are now available for image association.

When/Why

Why do smart groups improve the ability to image?  Before the advent of custom fields, the lack of smart groups in imaging didn't matter too much, but with custom fields FileWave can quite easily determine the make and model of a particular device or if the device is UEFI or MBR.  And this matters for smart groups, because then that allows us too much more easily assign the proper image and driver packs.

Consider the following simple (imaginary) environment:

• 1000 Windows devices, all needing re-imaged this summer
• 3 Make/model combinations (Lenovo P50, Dell 5550, HP 1210)
• The Lenovo is UEFI, the others are all MBR
• Two base Windows images: one for UEFI, one MBR

If we had to mass image the above, we only had two options previously: create image associations one by one, or associate to a group.  But, to associate easily to groups, the logical thing would be to create smart groups by device type rather than having to organize the devices manually.  Thus, the inability to use smart groups for imaging began to be a severe restriction for easy imaging association.  This restriction is no more.

How

Associating images & driver packs to a smart group is the same as any other imaging association, as shown below:

Smart groups will only show in the Imaging view if there are Windows devices in them.  Also note that the association is not really to the group, but rather just to the devices in that group at that exact moment. (This is the same way assigning images to a manual group has always worked.)

Troubleshooting Imaging

Authentication Credentials Error

What

When deploying a Windows image and the IVS errors with a message:

“IVS request for URL: https:<your.IVS.IP.address:20044/imagingwindows/boot/get_image_info/ failed with code: 403 Authentication credentials were not provided.”

This will prevent the deployment of Windows images. FileWave will need to re-establish the secure connection between your IVS and server services.

When/Why

This error comes up when the IVS loses its shared key, which causes the IVS to fail and connect with your FileWave services. The connection between FileWave’s IVS and server does have encryption and can be established again. To fix you may follow the steps below. In some cases, you will want to check and verify the shared key. Remember the last 4 of the shared key and once you have re-generated, be sure the last 4 have changed.

How

1. Navigate to FileWave Central (native admin)

2. Open the Imaging tab

3. Highlight and double-click on your IVS

4. Check the box to “Generate new key on Save”

5. Press OK to save

6. Click on the Monitor button still with the Imaging tab preferences

7. Click on Verify to have the IVS check-in

After performing these steps, please try again to deploy your image. Be sure the image association is set to True before PXE booting the machine.

How to re-enroll an IVS

What

You may need to remove and re-enroll the IVS to troubleshoot. Instead of straightforward deleting and enrolling the IVS again, you will need to remove the client and admin IVS configurations, before removing. Once these configurations have been deleted you then may remove the IVS from FileWave Admin Central.

When/Why

When the IVS loses connection or stops imaging, troubleshooting may require to remove and re-enroll the IVS.

How

1. Remove IVS Client configuration
   1. log into your IVS by ssh into the server and execute the commands below:
      
      

      $ sudo killall fwcld
      $ rm -rf /etc/xdg/FileWave/Client.conf

      
      
2. Remove IVS Admin configuration
   1. Open a web browser and navigate to your IVS admin address, i.e. https://<IVS.IP.address>:20444
      
      
      
      
   2. Click 'Sign in' and enter the username and password
      
      

      username: fwadmin
      password: filewave

      
      
   3. Once logged in, click Admin at the top, Preferences > Check the box to the left of Preference to check all boxes > Click the drop-down to the right of Action and select "Delete selected Preferences".
      
      
      
      
   4. Click on 'Go' and confirm by clicking 'Yes' to remove. After completed the steps, you should see 0 Preferences.
      
      
      
      
3. Remove IVS from FileWave Admin Central
   1. Open FileWave Admin Central and navigate to Preferences > Imaging tab > click your IVS to highlight it > Click the minus sign to the bottom left and then hit OK to close preferences. Re-open Preferences > Imaging tab and make sure your IVS hasn't reappeared.
4. Restart the IVS. SSH into your IVS and run the command to reboot:
   
   

   $ sudo shutdown -r now

   
   
5. Once the IVS has restarted, you may begin the enrollment process normally; Setting up the IVS (Imaging Virtual Server)

Related Content

• Setting up the IVS (Imaging Virtual Server)

Image creation or deployment hangs on "calling subprocess.Popen"

Problem

When trying to create a Master image, or deploy a freshly captured image on a Windows device, the entire process will stall at the message "Calling subprocess.Popen with: parted -m /dev/sda print".

Solution

The cause of this issue is a bad partition on the machine that results in an imaging creation or deployment stall. In order to resolve this issue, you will need to modify a file on the Imaging Virtual Server (IVS) and use a prompt on the device you are wanting to capture the image from / deploy to. 

The following steps will allow you to clear the error from the device.

1. Make a note of the partition that seems to be stuck. From the screen shot it is "/dev/sda". Your drive may have a different name.

2. Once you know the drive name, go ahead and turn off the machine that is stuck capturing the image.

3. Connect to your IVS and run the below command.
   
   

   touch /etc/fw_master_debug

4. PXE boot the machine giving the error again.

5. The machine will go to a prompt where you are able to type the below command. For the example, "/dev/sda", but yours may be different.
   
   

   sgdisk --zap /dev/sda

6. Shutdown the machine you are capturing the image from / deploying to.

7. Run the below command on your IVS to delete the file you created.
   
   

    rm -rf /etc/fw_master_debug

8. PXE boot the machine again to capture the image and it will no longer hang at the step.

Imaging Issue After Upgrading FileWave and Using Self-Signed SSL Certificate

What

You are experiencing difficulties imaging machines after upgrading your FileWave Server, IVS, and Clients while using a Self-Signed SSL Certificate.

When/Why

This step is necessary when using a Self-Signed SSL Certificate. Ensure to include this additional step in your IVS upgrade process if you are not using a Root Trusted SSL Certificate.

How

1. Access the IVS via SSH or locally:
   • Connect to the IVS via SSH or access it locally.
2. Edit the dnsmasq.lua file:
   • Use your preferred command-line editor (e.g., vi) to edit the dnsmasq.lua file.
   • vi /imaging/scripts/bin/dnsmasq.lua
3. Navigate to line 128:
   • Use the arrow keys or appropriate commands to navigate to line 128.
     
4. Switch to insert mode:
   • Press 'i' to switch to insert mode in vi.
5. Add the following line:
   • req.tls = false
6. Save and exit vi:
   • Press the Esc key to exit insert mode.
   • Type ':wq' and press Enter to save and exit vi.
7. Verify functionality:
   • You should now be able to image machines successfully.

Related Content

• Self-signed SSL Certificates
• Network Imaging / IVS

RAM listing 0-15 Error

What

Machines using the latest M.2 drives may run into an error listing RAM failures when deploying an image.

When/Why

New machines with M.2 drives may have been set up with a pre-configuration of RAID within the machine’s BIOS. You will want to log into your machine’s BIOS and change the RAM configuration from RAID to AHCI.

How

Depending on the manufacturer/brand of BIOS, be sure to review the options and verify the method of logging into the BIOS. Once logged in, perform the following steps:

1. Search the BIOS for the settings/options labeled “SATA”

2. Change the SATA settings/options from RAID to AHCI

3. Confirm the changes and save

4. Exit BIOS and restart the machine

5. Prepare PXE boot to image deployment

After these “SATA” settings/options have been changed and saved, please try again to deploy your image. Be sure the image association is set to True before PXE booting the machine.

Third Party Vendors

Each Brand/Manufacturer has their own options to enter BIOS. Below are a few examples to search for:

• HP BIOS

• Dell BIOS

• ASUS BIOS

• Lenovo BIOS

Sysprep not able to validate Windows installation

Sysprep is mandatory for FileWave Windows disk imaging. Possible consequences of not sysprepping are outlined by Microsoft here. It accomplishes the following goals to prepare your reference system for capturing the master image.

1. Removes computer-specific info from a Windows installation by doing the following items below - You may find that some Windows functionality no longer works correctly when computer specific info is duplicated between multiple PCs.
   • Generates a new computer SID
   • Sets a new computer name
   • Clears out event logs
   • Runs mini setup to deal with hardware differences
2. Performs a full Windows shutdown when the "/shutdown" switch is specified, which is required on Windows 8 and 10 - Starting with Windows 8, Microsoft added a fast startup feature that helps your PC start up faster after shutdown, even faster than hibernate. Windows does this by saving an image of the Windows kernel and loaded drivers to C:\hiberfil.sys upon shutdown so when you start your PC again, Windows simply loads the C:\hiberfil.sys file into memory to load Windows instead of starting from scratch. When it does this, Windows leaves the main partition hosting Windows in a state that prevents FileWave from properly capturing it. When you sysprep with the "/shutdown" parameter, it performs a full shutdown without generating a hiberfil.sys file and leaves the partition hosting Windows in a state that allows FileWave to capture it.

Sysprep can occasionally fail with a validation error due to a provisioned Microsoft Store Appx app being updated automatically by Windows 10.

Sysprep has an additional provider in Windows 8 and 10 to clean Microsoft Store Appx packages and generalize the image. This provider will fail if an all-user package is updated for one of the users on this reference computer, which Windows will do automatically if it is connected to the internet long enough. To minimize the the chances of this happening on the reference system, keep it disconnected from the internet as much as possible.

The error message you'll see in %WINDIR%\System32\Sysprep\Panther\setupact.log, and more importantly in setuperr.log, when sysprep fails under these circumstances is that "an app was installed for a user, but not provisioned for all users".

<Date> <Time>, Error SYSPRP Package <PackageFullName> was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.
<Date> <Time>, Error SYSPRP Failed to remove apps for the current user: 0x80073cf2.
<Date> <Time>, Error SYSPRP Exit code of RemoveAllApps thread was 0x3cf2.
<Date> <Time>, Error [0x0f0082] SYSPRP ActionPlatform::LaunchModule: Failure occurred while executing 'SysprepGeneralize' from C:\Windows\System32\AppxSysprep.dll; dwRet = 0x3cf2
<Date> <Time>, Error SYSPRP ActionPlatform::ExecuteAction: Error in executing action; dwRet = 0x3cf2
<Date> <Time>, Error SYSPRP ActionPlatform::ExecuteActionList: Error in execute actions; dwRet = 0x3cf2
<Date> <Time>, Error SYSPRP SysprepSession::Execute: Error in executing actions from C:\Windows\System32\Sysprep\ActionFiles\Generalize.xml; dwRet = 0x3cf2
<Date> <Time>, Error SYSPRP RunPlatformActions:Failed while executing SysprepSession actions; dwRet = 0x3cf2
<Date> <Time>, Error [0x0f0070] SYSPRP RunExternalDlls:An error occurred while running registry sysprep DLLs, halting sysprep execution. dwRet = 0x3cf2
<Date> <Time>, Error [0x0f00a8] SYSPRP WinMain:Hit failure while processing sysprep generalize internal providers; hr = 0x80073cf2

Follow the steps below to remove the offending apps causing sysprep to fail before sysprepping again.

1. Check %WINDIR%\System32\Sysprep\Panther\setuperr.log for errors like the ones above and note the "<PackageFullName>" of the app, e.g. "9E2F88E3.Twitter_5.4.1.0_x86_wgeqdkkx372wm".

2. Launch a PowerShell session with admin privileges and run the following command to remove the Microsoft Store Appx app in question, where "<PackageName>" is "Twitter" in this example.
   
   

   Remove-AppxPackage *<PackageName>*

3. If sysprep continues to fail because of the same app, it means the app is installed for another user on the system. Log into this other user account and repeat step 2 to remove the app for that user.

4. Sysprep again.

5. Repeat steps 1-4 until sysprep is successful.

Windows Imaging in FileWave 15.5+: Secure NFS Tunneling and Fallback Options

What

In FileWave version 15.5.0, significant changes have been made to the Windows Imaging process using the Imaging Virtual Server (IVS). Previously, when imaging or capturing a Windows system, the device would mount NFS (Network File System) volumes directly over TCP/UDP port 2049. Starting with FileWave 15.5, the imaging process has been enhanced for security and reliability by establishing a VPN tunnel over TCP/UDP port 20490. Over this secure VPN tunnel, the system accesses the NFS mounts, providing a more secure and efficient imaging environment.

However, if issues arise with the new VPN tunneling method, there is a fallback mechanism that allows you to revert to the previous method of direct NFS mounting over port 2049. This ensures that imaging tasks can continue without interruption, even if the VPN tunnel encounters problems in certain network environments.

When/Why

When to Use

• Default Behavior: By default, FileWave 15.5 uses a VPN tunnel on port 20490 for all Windows imaging tasks.
• Fallback Scenario: If you experience issues with imaging or capturing images due to VPN tunneling problems, you may need to revert to the direct NFS mounting method.

Why This Change Matters

• Enhanced Security: Using a VPN tunnel adds an extra layer of security by encapsulating NFS traffic within a secure tunnel, protecting data during the imaging process.
• Improved Compatibility: The VPN tunnel can help navigate network restrictions or firewall rules that might block direct NFS traffic over port 2049.
• Operational Flexibility: Providing a fallback option ensures that imaging can continue smoothly, even if the new method encounters issues in certain network configurations.

How

Switching to the Fallback Mechanism: Direct NFS Mounting over Port 2049

If you encounter issues with the default VPN tunneling method during Windows imaging, you can switch back to the previous method of direct NFS mounting. Follow these steps on the Debian IVS server:

Create the Fallback Flag File

Open a terminal on the IVS server and create a flag file to signal that secure tunneling should be disabled:

sudo touch /etc/fw_insecure_nfs_mount

This file tells the system to use direct NFS mounting instead of the VPN tunnel.

Update UFW Firewall Rules

Allow traffic on port 2049, which is used by NFS:

sudo ufw allow 2049/tcp
sudo ufw allow 2049/udp

This updates the firewall to permit NFS communication over port 2049.

Restart Network Services

To apply the changes, restart all network-related services. The simplest method is to reboot the IVS server:

sudo reboot

Note: Rebooting ensures all services are restarted properly and the new settings take effect.

Reverting Back to Secure VPN Tunneling

Once any issues with VPN tunneling are resolved, you can switch back to the default secure method:

Remove the Fallback Flag File

Delete the flag file to re-enable secure tunneling:

sudo rm /etc/fw_insecure_nfs_mount

Remove UFW Firewall Rules for Port 2049

Close the ports that were opened for direct NFS access:

sudo ufw delete allow 2049/tcp
sudo ufw delete allow 2049/udp

This ensures that NFS traffic cannot bypass the VPN tunnel, maintaining a secure configuration.

Restart the IVS Server

Reboot the IVS server to apply the changes:

sudo reboot

This will restore the VPN tunneling over port 20490 for imaging tasks.

Important Considerations

• Security Implications: Reverting to direct NFS mounting over port 2049 is less secure than using the VPN tunnel. Use this fallback option only when necessary and ensure that your network is secure.
• Firewall Configuration: Make sure that your network’s firewalls allow traffic over the necessary ports:
• Port 20490 for VPN tunneling (default method).
• Port 2049 for NFS if using the fallback method.
• Testing: After making changes, perform a test imaging task to confirm that everything is functioning as expected.
• Documentation: Keep a record of any changes made to the IVS server configuration for future reference and troubleshooting.

Related Content

• Setting up the IVS (Imaging Virtual Server)

Modifying IVS Init.gz for testing purposes

What

With the IVS, target devices uses init.gz as the boot image over the network. For troubleshooting purposes, you may want/need to make a change to this image (for instance to change a driver file or to make some workaround). 

When/Why

This is not an activity most FileWave administrators will do but is being documented for cases where it is needed. Usually you will do this with support to test something.

How

Related Content

• Network Imaging / IVS

Troubleshooting BitLocker Activation Issues on Windows 11 Post-Imaging

Overview

This article outlines a known issue encountered with Windows 11 deployments where BitLocker encryption fails to initialize properly after imaging. The failure presents as a specific Boot Configuration Data (BCD) error and prevents the successful activation of BitLocker. A resolution is included in this article, along with an explanation of the root cause and steps to remediate the issue.

Issue Description

After deploying a Windows 11 image to devices, attempts to enable BitLocker fail with the following error:

"The path specified in the Boot Configuration Data (BCD) for a BitLocker Drive Encryption integrity-protected application is incorrect. Please verify and correct your BCD settings and try again."

This problem was observed across multiple devices imaged with a FileWave-managed deployment, suggesting a systemic issue with the imaging or BCD configuration process.

Initial Troubleshooting Attempts

Unattend File Adjustments

One of the first suspected causes was the Windows unattend.xml file used during deployment. Specifically, we considered that the partitioning and wiping directives in the answer file conflicted with FileWave’s imaging and partitioning steps.

To test this theory:

• Removed the entire partitioning section from the unattend file.

• Re-imaged devices using the updated unattend configuration.

Result: This change did not resolve the BitLocker error.

Manual BCD Edits

We experimented with manual edits to the BCD store using bcdedit, in an attempt to update or repair paths that might be misconfigured post-image. However, these attempts did not lead to a consistent fix.

Resolution

A working solution was identified via a community-sourced thread on Reddit (source).

The issue appears to be related to incorrect device and osdevice settings within the BCD store. BitLocker can initialize successfully by explicitly setting these values to point to the system partition.

Required Commands

Execute the following commands in an elevated Command Prompt:

bcdedit -set {current} osdevice partition=C:
bcdedit -set {current} device partition=C:
bcdedit -set {memdiag} device partition=\Device\HarddiskVolume1

Optional: Batch File Version

You may also save the above commands to a .bat file for repeated use. Below is the complete content of the file:

@echo off
bcdedit -set {current} osdevice partition=C:
bcdedit -set {current} device partition=C:
bcdedit -set {memdiag} device partition=\Device\HarddiskVolume1
echo Edit complete.
pause

Post-Fix Behavior

After running the commands (or executing the batch script) and rebooting the device:

• BitLocker can be successfully enabled.

• The internal script for enabling BitLocker and sending the recovery key to Active Directory functions as expected.

This fix has been validated across multiple test devices and resolves the issue consistently. Below is a PowerShell script that may be deployed.

##
##.SYNOPSIS Fixes BCD configuration to resolve BitLocker activation issues on Windows 11.
##
##.DESCRIPTION
##  This script sets the correct BCD partition values for osdevice, device, and memdiag using bcdedit.
## Intended for deployment through FileWave as a Fileset or custom script.
##

# Requires elevation
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
    [Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Host "This script must be run as Administrator."
    exit 1
}

# Define target values
$osDevice = "partition=C:"
$device = "partition=C:"
$memdiagDevice = "\Device\HarddiskVolume1"

try {
    Write-Host "Applying BCD changes..."

    # Set the current OS device and boot device
    bcdedit /set {current} osdevice $osDevice
    bcdedit /set {current} device $device
    bcdedit /set {memdiag} device $memdiagDevice

    Write-Host "BCD changes applied successfully."

    # Optional: Trigger reboot after applying fix
    # Restart-Computer -Force

} catch {
    Write-Error "An error occurred while editing BCD: $_"
    exit 2
}

exit 0

Optional verification/detection script:

$bcdOutput = bcdedit /enum {current}
if ($bcdOutput -match "osdevice.*partition=C:" -and $bcdOutput -match "device.*partition=C:") {
    Write-Host "BCD is already configured correctly."
    exit 0
} else {
    Write-Host "BCD configuration needs to be fixed."
    exit 1
}

Conclusion

The root cause appears to be incorrect or incomplete BCD configuration following image deployment. This is a result of how the imaging process or unattend file interacts with the BCD setup on Windows 11 systems.

If BitLocker activation issues are encountered, we recommend incorporating the BCD fix as a post-deployment step. This can be integrated into your provisioning workflow until a more permanent fix is identified at the image or unattended setup level.

---

References

• Reddit thread with the original solution: https://www.reddit.com/r/sysadmin/comments/1hh4d4s/comment/m6di6vq/?rdt=42301

Imaging Windows from a USB Drive

What

Occasionally you might run into an issue with PXE boot for imaging, or just generally need to test the imaging process.  The USB bootable image provided here is meant to be a workaround, or a tool of convenience, for imaging devices using the FileWave IVS.

Please note that FileWave 15.5.0 changed the process to mount a share and this article will need to be adjusted. If you depend on this process of imaging from USB please know that some updates are needed to how the USB config will need to be due to a VPN connection being used to secure the NFS mounts as of 15.5.0.

When/Why

There are several situations where this utility may be useful.  A few examples follow:

• You are not sure broadcast forwarding is setup correctly (network troubleshooting)
• Your need to image a device at a location which does not have an IVS locally
• For deeper access to debugging imaging problems
• You can't PXE boot on a physical connection (i.e. a non-PXE supporting dongle)
• You need to image over a w-fi connection

How

Using this utility is in two parts:

1. Building the USB drive
   1. We recommend using Rufus to write this image file to your USB drive.  (Note that this is a destructive process for your USB drive)
2. Imaging the device. Once you have the drive built, you will attach it to the device to be imaged, and:
   1. Boot up to BIOS as you would for PXE based imaging
   2. Choose to boot off of the bootable USB drive you attached (each BIOS will be different regarding how to do this)
   3. Once booted, the Linux kernel will ask you for the address of your IVS...you can enter the IP or the FQDN if you have one set.
   4. All things being equal, the device will now read all settings dynamically from the IVS and begin imaging your device
      1. Note that there is minimal error trapping with this particular setup
      2. All other requirements like an image being assigned to the mac address, the association being enabled, etc. still hold

Related Content

• FileWave Network Imaging / IVS Overview