iPXE Anywhere 2PXE Server
3.6
3.6
  • Start Here - 2PXE Server 3.6
  • Introduction
    • 2PXE Overview
    • Technical Overview
    • Release Notes
  • Proof of Concept
    • Objectives & Prerequisites
    • Install and Configure 2PXE
    • Testing and Validation
    • 2PXE POC Quick Checklist
  • Planning
    • Planning Your Implementation
    • Permissions
    • Firewall Considerations
    • Antivirus Exclusions
  • Installation
    • 2Pint PXE Server Manual Installation
    • Unattended Installation
    • 2PXE Post Installation Checks
  • Configuration
    • 2PXE Server Configuration File
      • Configuring the 2PXE Request Handlers
    • DHCP Configuration
      • Using DHCP Scope Options
        • Overview - DHCP Scope Options
        • Creating DHCP Scope Options
          • Manually Creating DHCP Scope Options
      • Using IP Helpers
    • Booting custom entries in 2PXE menu
    • iPXE 802.1x Integration
  • Troubleshooting
    • Overview
    • Multi NIC and trunks implementations
    • Custom entries in WinPEShl.ini
    • DP Package Share IIS Permissions
  • Reference
    • iPXE Console Commands
Powered by GitBook
On this page
  • Configuration Manager Permissions
  • Distribution Point Package Share IIS Permissions
  • Allowing Access to the Configuration Manager SQL Database
  • Security without Configuration Manager
  1. Planning

Permissions

PreviousPlanning Your ImplementationNextFirewall Considerations

Last updated 7 months ago

Configuration Manager Permissions

Distribution Point Package Share IIS Permissions

Please see which addresses a recent IIS permission issue which can result in access denied errors when a client attempts to download a boot image.

Allowing Access to the Configuration Manager SQL Database

2PXE uses SQL as the fastest way to retrieve boot actions for a system. Add the service account (default the machine account of the Distribution Point) to the ConfigMgr_DViewAccess local group on the Configuration Manager Site Server. Members in this group have the required access for using distributed views against the Configuration Manager database. The account only requires read rights and can be further locked down if necessary.

Security without Configuration Manager

If you are not using Configuration Manager then the only security related issue is to ensure that the boot URL returned from the PowerShell command is accessible with anonymous security or by using an ACL and the iPXE Network Access Account.

this link