Skip to main content

1E 23.11 (SaaS)

Supported Platforms

A list of all the platforms supported by PXE Everywhere, and the software required to allow PXE Everywhere Central and Responders to be installed or to work.

Please refer to Common client requirements for details of PXE Everywhere Agent client module of the 1E Client.

Category

PXE Everywhere Central

PXE Everywhere Responder

Notes

Windows OS
  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows 10 CB 21H2

  • Windows 11 CB 21H2

  • Windows 10 CB 21H1

  • Windows 10 CB 20H2

  • Will only install on computers running one of these OS.

Note

Installing PXE Everywhere Central on domain controllers is not a supported configuration.

Note

A server OS is recommended for PXE Everywhere Responder.

Web servers
  • IIS 10

Not applicable.

For PXE Everywhere Central:

  • You must have one of these Web server versions installed.

  • The installer must be run on the system hosting the Web server as it deploys the PXELite website on it.

  • Requires the following OS roles and features:

    • Web Server (Web-Server)

    • ASP.NET 4.5 or later (Web-Asp-Net45)

Runtime libraries
  • .NET Framework 4.8

  • Visual C++ 2013 Redistributable

  • Youmusthave one of these .NET Framework versions installed to install PXE Everywhere Central

  • PXE Everywhere Responder installer includes the redistributable package for Visual C++ 2013.

Boot Image OS
  • Windows Server 2022

  • Windows Server 2019

  • Windows Server 2016

  • Windows 10 CB 21H2

  • Windows 11 CB 21H2

  • Windows 10 CB 21H1

  • Windows 10 CB 20H2

Not applicable.

  • UpdateBootImage.exe is supported only on these client OS. The Admin Tools feature of the PXE Everywhere Central installer installs  UpdateBootImage.exe  , which uses the native Configuration Manager API used to generate boot media.

Configuration Manager
  • MECM CB 2303

  • MECM CB 2203

  • MECM CB 2111

  • MECM CB 2107

  • MECM CB 2103

  • MECM CB 2010

Not applicable.

  • You can install PXE Everywhere Central on a Configuration Manager site server, or on any other server with IIS installed and good connectivity to the Configuration Manager database, ideally equivalent to the connection the site server has to its database.

Constraints of Legacy OS

In this documentation, the following are referred to as legacy OS. Below are described some known issues for these OS.

1E does not provide support for 1E products on the following OS unless the OS is explicitly listed as being supported for a specific 1E product or product feature. This is because Microsoft has ended mainstream support for these OS or they are not significantly used by business organizations.

  • Windows XP *

  • Windows Vista

  • Windows 7

  • Windows 8.0

  • Windows 8.1

  • Windows Server 2003 *

  • Windows Server 2008

  • Windows Server 2008 R2

  • Windows Server 2012

  • Windows Server 2012 R2

Note

1E Client 23.11 and later will not install on Windows XP and Windows Server 2003. Please contact 1E if you intend to continue using any of the other legacy OS. If you experience an issue, then please try replicating the issue on a supported OS.

For Microsoft product lifecycle details, please refer to https://support.microsoft.com/en-us/lifecycle/search.

Certificate limitations - expired root certificates

Ensure that your Root CA Certificates are up-to-date on clients and servers. The Automatic Root Certificates Update feature is enabled by default, but its configuration may have been changed or restricted by Group Policy Turn off Automatic Root Certificates Update.

If this GPO is enabled, then you will see DisableRootAutoUpdate = 1 (dword) in HKLM\Software\Policies\Microsoft\SystemCertificates\AuthRoot.

Certificate limitations - signing certificates missing

On Windows computers, the installation MSI files, and binary executable and DLL files of 1E software are digitally signed. The 1E code signing certificate uses a timestamping certificate as its countersignature. 1E occasionally changes its code signing certificate, and uses it for new releases and patches for older versions, as shown in the table(s) below.

Root Certificate Authorities are implicitly trusted to validate certificates, and their certificates must be correctly installed to do this. Your computers should already have the necessary root CA certificates installed, however this may have been prevented by your organization's security policies, or inability to connect to the Internet, or they are legacy OS. In general this is not an issue because by default Windows allows software to be installed and run without validation, although you may see a warning or experience a delay. However, you must have relevant CA certificates installed if you are using 1E Client (which self-validates its own files), or your organization has applied more secure polices (for example UAC, AppLocker or SmartScreen).

Typical reasons for issues with signing certificate are:

  • If your organization has disabled Automatic Root Certificates Update then you must ensure the relevant root CA certificates are correctly installed on each computer

  • If computers do not have access to the Internet then you must ensure the relevant root and issuing CA certificates are correctly installed on each computer, numbered in the table(s) below.

The signature algorithm of the 1E code signing certificate is SHA256RSA. In most cases, the file digest algorithm of an authenticode signature is SHA256, and the countersignature is a RFC3161 compliant timestamp. The exception is on legacy OS (Windows XP, Vista, Server 2003 and Server 2008) which require the file digest algorithm of an authenticode signature to be SHA1, and a legacy countersignature.