Skip to main content

1E 23.11 (SaaS)

Requirements

Software requirements that must be met in order for PXE Everywhere to be successfully installed and used.

Active Directory requirements
Installation account for PXE Everywhere Central

The account of the user that performs the PXE Everywhere Central installation must meet the following criteria, which can be temporary for installation only:

  • Must be a domain account (a local account cannot be used)

  • Must be assigned to the Full Administrator security role in Configuration Manager

  • Must have local admin rights (that is, the account is a direct or indirect member of the local Administrators group) on the server where you are installing PXE Everywhere Central

  • Must be assigned the sysadmin server role in the SQL Server instance which hosts the Configuration Manager database. This can be temporary during installation.

Installation account for PXE Everywhere Agent and PXE Everywhere Responder

Configuration Manager installs applications in the local system context, which is sufficient for the installation of the PXE Everywhere Agent and PXE Everywhere Responder.

If installed manually, the account used to install it must have local admin rights. That is, the account is a direct or indirect member of the local Administrators group) on the computer you are installing it on.

Microsoft ADK files

In addition to the binaries supplied by 1E, PXE Everywhere Agent requires a number of files that are distributed and licensed with the Microsoft Windows Automated Deployment Kit (ADK). The required files are listed in the table opposite, along with the location on the PXE Everywhere Agent that they need to be installed to.

As these files are licensed by Microsoft, 1E are unable to include them in the installation media. However, you can use theIntroducing Client Deployment Assistant to extract the required files from the ADK, create an installer transform and prepare an Application in Configuration Manager that will install the PXE Everywhere Agent with the appropriate settings and the additional Microsoft files.

The Windows Assessment and Deployment Kits (ADK) normally exist on the Configuration Manager CAS or Primary Site server, although they can be downloaded separately from the Microsoft website.

File

Destination Location (relative to TFTPROOT)

boot.sdi

\boot.sdi

abortpxe.com

\boot\x86\abortpxe.com

bootmgr.exe

\boot\x86\bootmgr.exe

pxeboot.com

\boot\x86\pxeboot.com

pxeboot.n12

\boot\x86\pxeboot.n12

bootmgfw.efi

\boot\x86\bootmgfw.efi

\boot\x64\bootmgfw.efi

wgl4_boot.ttf (optional)

\boot\fonts\wgl4_boot.ttf

Supported Platforms

A list of all the platforms supported by PXE Everywhere, and the software required to allow PXE Everywhere Central and Responders to be installed or to work.

Please refer to Common client requirements for details of PXE Everywhere Agent client module of the 1E Client.

Category

PXE Everywhere Central

PXE Everywhere Responder

Notes

Windows OS
  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows 10 CB 21H2

  • Windows 11 CB 21H2

  • Windows 10 CB 21H1

  • Windows 10 CB 20H2

  • Will only install on computers running one of these OS.

Note

Installing PXE Everywhere Central on domain controllers is not a supported configuration.

Note

A server OS is recommended for PXE Everywhere Responder.

Web servers
  • IIS 10

Not applicable.

For PXE Everywhere Central:

  1. You must have one of these Web server versions installed.

  2. The installer must be run on the system hosting the Web server as it deploys the PXELite website on it.

  3. Requires the following OS roles and features:

    • Web Server (Web-Server)

    • ASP.NET 4.5 or later (Web-Asp-Net45)

Runtime libraries
  • .NET Framework 4.8

  • Visual C++ 2013 Redistributable

  1. Youmusthave one of these .NET Framework versions installed to install PXE Everywhere Central

  2. PXE Everywhere Responder installer includes the redistributable package for Visual C++ 2013.

Boot Image OS
  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows 10 CB 21H2

  • Windows 11 CB 21H2

  • Windows 10 CB 21H1

  • Windows 10 CB 20H2

Not applicable.

  • UpdateBootImage.exe is supported only on these client OS. The Admin Tools feature of the PXE Everywhere Central installer installs a tool named UpdateBootImage.exe that uses the native Configuration Manager API used to generate boot media.

Configuration Manager
  • SCCM CB 2203

  • SCCM CB 2111

  • SCCM CB 2107

  • SCCM CB 2103

  • SCCM CB 2010

Not applicable.

  • You can install PXE Everywhere Central on a Configuration Manager site server, or on any other server that has IIS installed and has good connectivity to the Configuration Manager database, ideally equivalent to the connection that the site server has to its database.

Windows Server roles and features

The following roles, role services and features must be installed/enabled as a minimum on the PXE Everywhere Central server.

The Name column is the reference used in PowerShell commands; and for .NET Framework 4.X features the PowerShell name includes 45 instead of the actual version.

Role or Feature

Display Name

Name

Notes

Web Server

Web Server (IIS)

Web-Server

Web Server Common HTTP Features

Default Document

Web-Default-Doc

Included in Web-Server

Directory Browsing

Web-Dir-Browsing

Included in Web-Server

HTTP Errors

Web-Http-Errors

Included in Web-Server

Static Content

Web-Static-Content

Included in Web-Server

Web Server Health and Diagnostics

HTTP Logging

Web-Http-Logging

Included in Web-Server

Web Server Performance

Static Content Compression

Web-Stat-Compression

Included in Web-Server

Web Server Security

Request Filtering

Web-Filtering

Included in Web-Server

Web Server Application Development

.NET Extensibility 4.X

Web-Net-Ext45

Included in Web-Asp-Net45

ASP.NET 4.X

Web-Asp-Net45

ISAPI Extensions

Web-ISAPI-Ext

Included in Web-Asp-Net45

ISAPI Filters

Web-ISAPI-Filter

Included in Web-Asp-Net45

Web Server Management Tools

IIS Management Console

Web-Mgmt-Console

Recommended

.NET Framework 4.X Features

.NET Framework 4.X

Net-Framework-45-Core

ASP.NET 4.X

Net-Framework-45-ASPNET

Included in Web-Asp-Net45

Firewall Ports

Although a computer with PXE Everywhere Agent installed can also be a PXE client, it cannot be both at the same time.

Component

Ports

Protocol

Direction

Usage

Configurable

Central

80

HTTP

Inbound

PXE Everywhere Agent communicating with the PXE Everywhere Central web application.

Browser connections to the PXE Everywhere Central website to verify installation.

Yes, post-installation on the Central server, and during installation of Agents by configuring the URL.

If HTTPS is required, please contact 1E for advice.

Central

135 and 445 (initially)

WMI-DCOMTCP

Outbound

PXE Everywhere Central installer requires access to the Configuration Manager Site server, and to the server hosting the SMS Provider role. If there is only one SMS Provider, it is often on the Site server. In each case, TCP 135 and 445 are used to initiate communications and negotiate a dynamic RPC port. The dynamic range depends on the Windows OS version.

No.

Central

1433

(See usage for protocol) TCP

Outbound

PXE Everywhere Central to access to the SQL database role for the selected Configuration Manager Site.

Depends on the Configuration Manager SQL Server instance. The Central installer determines the connection string by querying the Site's SMS Provider.

ConfigMgr Site Server (and SMS Provider)

135 and 445 (initially)

WMI (DCOM) TCP

Inbound

PXE Everywhere Central installer requires access to the Configuration Manager Site server, and each of the servers hosting the SMS Provider role. If there is only one SMS Provider, it is often on the Site server. In each case, TCP 135 and 445 are used to initiate communications and negotiate a dynamic RPC port. The dynamic range depends on the Windows OS version.

No.

ConfigMgr Site SQL database

1433

(See usage for protocol) TCP

Inbound

PXE Everywhere Central to access to the SQL database role for the selected Configuration Manager Site.

Depends on the Configuration Manager SQL Server instance.

Agent

(1E.Client.exe)

80

HTTP TCP

Outbound

PXE Everywhere Agent communicating with the PXE Everywhere Central web application.

Yes, post-installation on the Central server, and during installation of Agents by configuring the URL.

If HTTPS is required, please contact 1E for advice.

Agent

(1E.Client.exe)

2012

UDP

Inbound & outbound

Election process inter-communication between PXE Everywhere Agents on a subnet.

Yes, during installation of PXE Everywhere Agents using the MODULE.PXEEVERYWHERE.COMMSPORT installer property.

Agent

(1E.Client.exe)

67 or 2067

BOOTP UDP

Inbound

Port 67 is the standard PXE discover port. PXE clients use this port to broadcast PXE discovers on the local subnet. PXE Everywhere Agents listen on this port for PXE discovers that are broadcast on the local subnet.

If PXE Everywhere is configured to support DHCP Snooping, Agents use a custom port (default 2067) to listen for PXE requests, instead of standard port 67.

Only the DHCP Snooping ports are configurable, and must be the same on all Agents and Responders.

Agent

(1E.Client.exe)

68 or 2068

BOOTP UDP

Outbound

Port 68 is the standard PXE offer port. PXE Everywhere Agent uses this port to respond with offers to PXE discovers on the local subnet.

If PXE Everywhere is configured to support DHCP Snooping, Agents use a custom port (default 2068) instead of the standard port 68.

Only the DHCP Snooping ports are configurable, and must be the same on all Agents and Responders.

Agent

(1E.Client.exe)

69

TFTP UDP

Inbound

Port 69 is the standard PXE TFTP port. The PXE client downloads the boot image from the elected PXE Everywhere Agent using TFTP. This port is also used if PXE Everywhere is configured to support DHCP Snooping.

No.

Agent

(1E.Client.exe)

4011

UDP

Inbound

Port 4011 is the standard PXE port used by PXE clients to communicate with a PXE Server after the initial discover / offer, to unicast a request for the location of the TFTP boot image file.

This port is not used if PXE Everywhere is configured to support DHCP Snooping.

No.

Responder

(PXEEverywhereResponder.exe)

67

BOOTP UDP

Inbound

Port 67 is the standard PXE discover port. A Responder is only required when DHCP Snooping is enabled, and listens for PXE requests from PXE clients on this port. See note below about DHCP Snooping and DHCP Relays.

No.

Responder

(PXEEverywhereResponder.exe)

68

BOOTP UDP

Outbound

Port 68 is the standard PXE offer port. A Responder is only required when DHCP Snooping is enabled, and responds to PXE clients with offers unicast on this port. See note below about DHCP Snooping and DHCP Relays..

No.

PXE client

67

BOOTP UDP

Outbound

Port 67 is the standard PXE discover port. PXE clients use this port to broadcast PXE discovers on the local subnet.

If DHCP Snooping is being used these discovers are forwarded to a Responder. See note below about DHCP Snooping and DHCP Relays. .

No.

PXE client

68

BOOTP UDP

Inbound

Port 68 is the standard PXE offer port. PXE Everywhere Agent broadcasts on this port with an offer in response to PXE discovers on the local subnet.

If DHCP Snooping is being used, then Responders respond with offers on this port. See note below about DHCP Snooping and DHCP Relays..

No.

PXE client

69

BOOTP UDP

Outbound

Port 69 is the standard PXE TFTP port. A PXE client uses TFTP to download the boot image from the elected PXE Everywhere Agent on the local subnet. This port is also used if PXE Everywhere is configured to support DHCP Snooping.

No.

PXE client

4011

UDP

Outbound

Port 4011 is the standard PXE port used by PXE clients to unicast a request to the PXE Everywhere Agent for the location of the TFTP boot image file, after the initial discover/offer.

This port is not used if PXE Everywhere is configured to support DHCP Snooping.

No.

PXE client

2067

BOOTP UDP

Outbound

If PXE Everywhere is configured to support DHCP Snooping, a custom port is used (default 2067) to perform a PXE request after the PXE client has downloaded a boot loader from a Responder.

Only used if DHCP Snooping is being used, and PXE Everywhere has been configured to use this port.

Yes. DhcpPort is configured during installation of Agents.

AltPxeServerPort is manually configured on Responders.

PXE client

2068

BOOTP UDP

Inbound

If PXE Everywhere is configured to support DHCP Snooping, a custom port is used (default 2068) to respond to a PXE request after the PXE client has downloaded a boot loader from a Responder.

Only used if DHCP Snooping is being used, and PXE Everywhere has been configured to use this port.

Yes. AltPxeClientPort is manually configured on Responders.

Note

PXE client ports do not need to be configured on the OS firewall because it is the network interface which is doing the communicating. However you may need to configure intervening network firewalls for communication beyond the local subnet.

PXE Everywhere Responders communicate only with PXE clients; they do not communicate with PXE Central, PXE Everywhere Agents, other Responders, or Configuration Manager.

Note

If DHCP Snooping is enabled on networks, then DHCP Relays (IP helpers) must be configured to forward PXE requests (discovers) from client VLANs to specific Responders on port 67 and return the responses (offers) on port 68.

If DHCP Snooping is not enabled, then all PXE-boot traffic is on the local subnet, except for communication between the elected PXE Everywhere Agent and the PXE Everywhere Central server, and DHCP Relays are not required to forward PXE requests.

Note

Ports used by PXE clients to communicate with DHCP servers are not included in the above table. Communication with DHCP servers occurs before a PXE client PXE-boots, and typically use their own DHCP Relays (IP helpers).

Ports used by PXE clients to communicate with ConfigMgr Site systems are not included in the above table. Communication with ConfigMgr occurs only after a PXE client has downloaded the WinPE boot image (referenced in the deployed task sequence) from a local PXE Everywhere Agent, and booted into WinPE to start the Task Sequence.

Ports used by ConfigMgr Administrator workstations to communicate with ConfigMgr Site systems are not included in the above table. ConfigMgr Console extensions for PXE Everywhere Admin Tools use the same ports as ConfigMgr Console.

Antivirus exceptions

PXE Everywhere functionality may be impaired by antivirus programs. Although we generally advise that no malware exclusions are used, it is justifiable in certain cases to isolate specific locations and files used by specific software. The following is a list of exclusions that could be added for PXE Everywhere Local, but before you implement them, make sure they are compatible with existing exclusions.

All PXE Everywhere component installations:

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\*.log & *.lo_

Additional exclusions required on PXE Everywhere Agents:

  • %SystemDrive%\Program Files\1E\Client\Extensibility\PXEEverywhere\CreateBcD.exe

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\boot.sdi

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Boot\Fonts\wgl4_boot.ttf

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Boot\x86\abortpxe.com

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Boot\x86\Bootmgr.exe

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Boot\x86\pxeboot.com

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Boot\x86\pxeboot.exe

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Images\*\*.bcd

  • %SystemDrive%\ProgramData\1E\PXEEverywhere\TftpRoot\Images\*\*.wim