Cloud stories: Groupwise to Office 365 (part 3)

office 365 cloudIt’s been a while since part 2 of our Groupwise to Office 365 story but without further ado here’s the promised part 3 of our migration story…

How much to migrate?

Before figuring out how to move the data the first thing was to decide what we wanted to migrate. Starting from the basics the first question was “do we need to take anything?”

Starting from ground zero and providing users with an empty Office 365 mailbox would’ve been the easiest method. However it’s also the least helpful for staff as they need access to historical data so that idea was soon dismissed.

The next question was whether we could take a subset of the most recent data and keep the rest in an archive. In the end we decided that would be just as much work as moving everything and it was soon obvious we’d need to migrate complete mailboxes. Even the largest ones were a fraction of the 50GB per user we get on Office 365 so no worries on the space front, just a matter of deciding how to do it.

Tools of the trade

My colleague investigated various migration tools but not many work with GroupWise, which narrowed down the field pretty quickly. We also didn’t want to go to the trouble of doing double migration going from GroupWise > an in-house Exchange server > Office 365 as some Microsoft documentation suggested as an option. Quest produce a migration product that seemed to be the cream of the crop (and also recommended by Microsoft) but it also had a price tag to match. As one of the reasons for moving away from GroupWise was to reduce costs paying through the nose for a migration tool seemed counter-intuitive, so we went for the next best option…

Kernel Office 365 Migrator for GroupWise

kernel logo

This tool made by Nucleus Technologies offered us the core functionality of moving GroupWise data directly into a fresh Office 365 mailbox but at a fraction of the cost of Quest, just what we needed! However it did need a bit of ingenuity to do the end-t0-end migration process.

The tool itself was pretty simple to use and worked well with our migration method of going team-by-team, 20 or so users at a time in batch mode (usually running overnight). Batch processing mode allowed us to set off a list of users to be migrated overnight and worked well. We did hit a couple of snags but soon ironed them out:

Missing items

Initially we found some issues with a couple of mailboxes where email and calendar items were missing. We soon narrowed this down to inconsistencies in the mailboxes themselves and found that running GWCHECK before the migration process ensured a complete migration of all data.

Slow migration speeds

Although our 100Mb JANET connection had plenty of spare capacity we found the upload speed to Office 365 was quite slow. Reading the Technet forums suggests Microsoft limit upload speed into Exchange Online so bear this in mind and allow plenty of time for mailboxes to migrate, esepcially for very large (2GB+) mailboxes. Most of our migrations were started at 5pm so they’d complete for the following morning. There’s some more detailed information on the throttle rates at

Close the old mailbox

After the migration is complete ensure that the GroupWise mailbox is closed so the user can no longer login to it. Although users were notified that their accounts were being migrated and to use Outlook at next logon some still used the old GroupWise client by mistake.

Coexistence and the need for customisation

With nearly 1000 mailboxes to migrate, an Office upgrade to deploy and hundreds of users to train there was no way that a “big bang” changeover would be feasible. As a result we needed to run Office 365 and GroupWise side-by-side for a couple of months while users were moved over.

Our workaround for this was to use a forwarding rule on migrated mailboxes, which allowed GroupWise to continue serving mail for users still on the existing system whilst sending migrated users’ mail to Office 365.

The only problem with this plan was that GroupWise doesn’t allow rules to be configured on the server side, in fact they have to be done from the client GUI. Doing this manually for each user was going to take a lot of time and effort, as well as opening up additional risk due to human input error. We needed a better way…

AutoIt to the rescue

autoitI’d done some work with AutoIt in the past to automate a couple of particularly awkward software installations – in this case its ability to script window controls made it the perfect fit.

Along with the main installer also grab the enhanced version of the SciTE editor (I personally find it nicer to work with).

Previously I’d used AutoIt in quite a basic way using the recorder tool to grab a series of keypresses. Although this method often works I wanted to make the process a bit more robust if possible.

Squirreled away in the AutoIt program folder is the very useful window info tool that can be used to find the exact ID of particular buttons in dialog boxes, as well as window titles (more on that in a moment)

Run it from C:\Program Files (x86)\AutoIt3\Au3Info.exe and drag the finder tool onto an open window.

I created the tool to accept two command line arguments for the username and password of the GroupWise user (our GroupWise accounts weren’t linked to eDirectory and wouldn’t be used again after migration so no problem resetting passwords on those).We also needed to reset the GroupWise client settings to ensure the GUI was in its original state for the AutoIt code to run as expected.


$CmdLine[0] ; Contains the total number of items in the array.
$CmdLine[1] ; The first parameter.
$CmdLine[2] ; The second parameter.
$username = $CmdLine[1]
$password = $CmdLine[2]

We also need to include the Function for the WinWaitActivate command. The AutoIt recorder tool sets this up itself so I created a blank script and grabbed the function from it.

Func _WinWaitActivate($title,$text,$timeout=0)
 If Not WinActive($title,$text) Then WinActivate($title,$text)

I also set up some variables to make the GWIA email forwarding command that my colleague had researched:

$rulept1 = "web-mail.gwia:"
$rulept2 = ""

The next stepwas to run the GroupWise client (we built a dedicated Windows 7 32-bit VM so I knew the path would be OK). The last parameter ensures the client forgets the previously logged in user and always asks for credentials:

Run('"C:\Program Files\Novell\GroupWise\grpwise.exe" /@u-?')

Interestingly I still needed to add a mandatory 5 second load delay or the WinWaitActivate command didn’t work consistently. Reading back now using the WinWaitActivate function’s timeout option may have been a neater way of achieving the same result but either way it works as-is. A longer timeout value may be required on slower machines.

Sleep (5000)
_WinWaitActivate("Novell GroupWise Startup","")

Next part used the window info tool to find the IDs of the username and password fields then press Enter to login

ControlSetText("Novell GroupWise Startup","",1002,$username)
ControlSetText("Novell GroupWise Startup","",1003,$password)

Once logged in use keystrokes simulating the keyboard shortcuts of the client to open the Rules page (Tools menu, Rules) then create a new rule called Forward to Office 365

_WinWaitActivate("Novell GroupWise - Mailbox","")
Sleep (10000)
_WinWaitActivate("Open the Address Book","")
_WinWaitActivate("New Rule","")
Sleep (2000)

The code above creates a “Forward as Attachment” action for Received mail (use this to ensure the email gets to Office 365 in its original form).


I then push the forwarding rule (made up of the variables outlined earlier) into the command text box, with the username parameter sandwiched in between then press enter.


At this point we soon realised that many users had created their own rules, however our forwarding rule always needs to be at the top to be effective.

First we save the rule from earlier by clicking OK in a couple of dialog boxes:

ControlClick ( "Forward", "", 1)
_WinWaitActivate("New Rule","")
ControlClick ( "New Rule", "", 1)

The next step might make some programmers cry but a quick and easy solution was to press the “Up” button in the Rules GUI an arbitrary number of times (I chose 10) which forces the newly created rule up to the top. Repeat these two lines another 9 times ;)

Sleep (500)

When done exit the Rules window and exit GroupWise

ControlClick ( "Rules", "", 2)
_WinWaitActivate("Novell GroupWise - Mailbox","")

At that point I compiled the code into an EXE then it was a case of either launching the tool from a command line e.g.

C:\forwardtool\forward.exe auser password123

Or for batch processing put the login details in a CSV file and launch from PowerShell. Using PowerShell for the CSV side saves re-inventing the wheel in AutoIt to do the same thing and lets me use the command in two different modes.

$list = Import-Csv "C:\inputfile.csv"
foreach($entry in $list) {
    $username= $entry.username
    $password = $entry.password
    $exe = "C:\forwardv4.exe"
    $params = $username, $password
    $process = [Diagnostics.Process]::Start($exe,$params)

I then sat back, very pleased and slightly amazed as it chewed through the accounts, saving us loads of manual effort and avoiding typo-related issues too :D

Save yourself from insanity… Dynamics CRM 2013 setspn unknown parameter

Sometimes in IT you get tasks that can drive you to the brink of madness, fortunately this series of  posts should help before you end up like the chap on the right >>>

Bizarre problem of the day goes to the setspn command that is recommended as part of a Dynamics CRM 2013 installation. I prefer to set up commands with multiple parameters in Notepad before putting them anywhere near the command prompt so did the same as usual with setspn having read the online documentation and added the required options.

I then fired up the command prompt, pasted in my carefully crafted string and… nothing… setspn spat it back at me saying the parameters entered weren’t recognised despite showing an example with exactly the same syntax!

Just to be sure I started cmd again, making doubly sure I’d ran it as elevated, under the correct user, removed any trailing spaces etc. but still no joy :(

Finally I thought I’d try typing the command in just in case I was somehow picking up a stray character from the copy \ paste operation… success!

Moral of the story… type this one manually

I’ve never seen anything like it before but bizarrely it seems typing the command manually is the only way to get it to work. Verifying with setspn -l confirmed the records had entered correctly, definitely one for the weird fixes list…

We had to re-install CRM today when moving to a production environment; I forgot about the trick and re-found (!) the solution via TechNet forums, seems I wasn’t alone in experiencing the issue:

Office 365 Student Advantage end-to-end guide

office 365 cloud

One of the (many) additions to our IT provision we’ve made over the summer was to enable Office 365 accounts for all our students, having finished migrating all staff over at the end of July.

One of the key drivers was so that they could access the Student Advantage component of the offering i.e. Office 365 ProPlus.

I was going to write a longer, more detailed post but realised James B Marshall has done most of the hard work, although the links can be a bit scattered so thought I’d bring it all together here, along with a couple of real-life screenshots from our activation process.

The first three links you want are James’ guides, read these first to get an overview of the process:

How do I get Student Advantage in Office 365 Education – part 1
How do I get Student Advantage in Office 365 Education – part 2
How do I get Student Advantage in Office 365 Education – part 3
Student Advantage Deployment Guide

Disclaimer: as you can guess I don’t work for Microsoft and anything written below is based on my experiences only.
If in doubt contact your software license reseller or your Microsoft account manager!

Your EES agreement

A key requirement of getting your Office 365 licenses is to have a valid agreement covering all your staff. If you’re new to EES also make sure your reseller uses the Eduserv agreement to get the best pricing.

You need to ask your reseller for the Office 365 licenses to be added to your agreement; both for the free plan A2 (now known as E1) for Faculty \ Students as well as the (additional) Student Advantage licenses.

When renewing \ setting up your agreement make sure you fill in your primary contact details carefully. The activation email for your Office 365 accounts will go to the primary account contact unless you specify a separate licensing contact on the form.

You might need to do this if your agreement is ordered by someone outside of IT and they get put down as the primary contact. This is important as it can be difficult to track down those activation emails later on if they’ve gone to a user who isn’t expecting them.

ees contact info

Contact information page from EES enrolment form


Activating your licenses and checking VLSC

Once your EES agreement is processed you should see two things

  1. your licenses will appear in VLSC in the Agreement Summary
  2. you’ll receive an email (or two) to activate your Office 365 licenses

Sometimes the Office 365 licenses might take a week or two longer to come through compared to when your new EES agreement goes live. If you don’t see anything after 14 days it’s worth checking with your reseller \ Microsoft that everything has gone through OK.

To check VLSC log in with the nominated Microsoft account you use to manage your licenses then head to Licenses > License Summary

VLSC license summary

Then look down the list for the Office 365 licenses as highlighted below:

I've snipped this screenshot as we have a lot more licenses in the list!

I’ve snipped this screenshot as we have a lot more licenses in the list (click to enlarge)


So now you just need that activation email… although you might have already received it but not realised. You might initially think it would be branded from Office 365 but it’s a lot more subtle and could easily be mistaken as a confirmation email for your VLSC access. Watch out for the magic words Microsoft Online Services Team

Here’s what the subject line looks like in your inbox:

student advantage subject line

And here’s the message body:

student advantage message body

make sure your browsers aren’t logged into anything before clicking!

As per James’ instructions the email offers you two choices:

1) Use an existing account (if you’ve already set up an Office 365 tenancy and just need to add licenses to it)
2) Create a new account (if you’re new to Office 365)

There are some warnings about making sure you’re signed out from all Microsoft accounts but I’ll mention it again…

*** be 100% sure you’re signed out of all your accounts before clicking any links! ***

Be very paranoid here, especially if you’re already using Office 365 for your work account (even worse if you’ve opened the email in OWA rather than the Outlook client)

If the link finds anything apart from your Office 365 admin account logged in when it opens in the browser those licenses will disappear into the void and you’ll need to go the long way round Microsoft support to get it sorted out.


Enabling your licenses

If all goes well you should see this in your Office 365 admin panel under Billing > Licenses

office 365 licenses

Now you could go through all your users in the Office 365 admin site, click each one and assign the licenses by ticking the required boxes but that’s far too much like hard work! Fortunately PowerShell comes to the rescue :)

There’s a useful article that explains how to log into Office 365 remotely, the commands to use and even provides some pre-made scripts for you to work with – nice work! 

The only thing to note from our experience is that the SKU names have your organisation’s tenancy at the start so if you’re scripting use the Get-MsolAccountSku command first to double-check what yours are listed as.

student advantage powershell
We used this snippet to add the Student Advantage licenses to all existing Office 365 accounts that had the A2 Student license set:

Get-MsolUser -All | select UserPrincipalName,Licenses | Where-Object {$_.Licenses[0].AccountSkuID -eq "YOURORG:STANDARDWOFFPACK_STUDENT"} | Set-MsolUserLicense -AddLicenses "YOURORG:OFFICESUBSCRIPTION_STUDENT"

Replace YOURORG with the correct result from the Get-MsolAccountSku command above
Also remember you need to connect to an Office 365 session first using the instructions here

The students’ view

With the licenses assigned it’s worth trying out a sample account see what the user experience is like for those trying to access their software. Here’s a quick run-through:

When students sign in they can either use the old link to go directly to the software page (we used it in our user guides and looking back at James’ instructions he does the same)

Alternatively if you’ve set the new Office 365 Start page as the default view when users log on the links to install Office 365 ProPlus will appear (providing you’ve assigned the licenses correctly ;) )

student advantage install 1
The executable is a small Click-to-Run installer that gets users up and running nice and quickly.
There’s a bit of download activity at the start as the installer streams down to the machine

student advantage install 2
Soon you’ll see a welcome screen (pictured) followed by the usual Use Recommended Settings box (not pictured). Also note the notification tray icon and progress message in the corner:

welcome to Office

Now the important bit, students need to sign in using their Office 365 account to activate the license:

sign in

if the account is valid it’s just a matter if time for the full installation to complete but Office is now ready to roll!

student advantage install 7

Installation errors

Although Microsoft say that the click-to-run installer should behave itself alongside other versions we’ve sometimes found that isn’t the case. In those situations the safest bet tends to be removing any old versions using the Microsoft FixIt tools

Office for Mac

Update: as promised here’s some Mac screenshots

Microsoft do have some guides available but Office 365 version doesn’t show all the steps and the Office 2011 version doesn’t show the sign-in option so I figured might be useful to put everything on one page :)

The main difference when installing is that there’s no click-to-run version for Macs, you have to download the full Office 2011 DMG file (a shade over 600MB)
Once it’s downloaded click to mount it and run from the CD icon on the desktop


Click on Office Installer from the window that appears then acknowledge the security warning by clicking Open



Click through the first couple of screens with the default options to accept the license agreement and install location.
The setup process should go through cleanly and show the success screen



Once the installation is complete the Office Setup Assistant will launch, which is where you activate the product.

Don’t start any Office programs until you’ve completed this step otherwise you’ll end up having to complete the activation process several times.

setup assistant

The next step is important as some people may think they need a product key at this point. Instead you need to click Sign in to an existing Office 365 subscription


When the email address box appears the student will need to enter their college-provided email address and password

Office 365 for Mac sign in screen   sign in

If sign-in is successful complete the final personalisation screen then you’re good to go!

personalize   complete

Other platforms

On top of the standard Office ProPlus for Windows students can also use their subscription to download apps for Mac, iPad \ iPhone, Android phone (with hopefully an Android tablet version coming soon).

If I can get my hands on a couple of spare devices I’ll add a few screenshots from those as well but the idea is pretty much the same each time; as long as the student knows their Office 365 username and password they’re good to go.


If a user tries to install on more than 5 devices they have to deactivate one of them before installing on another device as per



HD videoconferencing kit for Lync and beyond

With our Office 365 migration complete for all users at the college we’ve started to turn our attentions to integrating Lync into our environment. One of our aims was to provide conference calling between the multiple sites the college is based across. These days the consumer world does 1:1 video calling with ease but we also wanted to have a system set up so a full room of users could connect across sites easily, without needing everyone signed into individual devices to do it.

Previously this kind of requirement would have seen 3rd party vendors’ eyes light up with pound signs; however with the software side now covered by Office 365 \ Lync all we needed was some decent hardware.

I remembered an article I read a while back about Google’s Chrome Box conferencing system that seemed to be sporting some fairly commodity-level kit. This interested me as we basically wanted the same setup but with the opposite vendor supplying the platform. A glance down the comments suggested a Logitech camera and Jabra conference mic, if it’s good enough for Google to support an HD system under their brand then it’s good enough for us!

Kit list

Both the Logitech camera and Jabra mic are part of Microsoft’s Lync-certified hardware compatibility list
Interestingly the Logitech camera appears in quite a few of the “Room Systems” from partner suppliers which further enhances its credentials.

Logitech C930e conference webcam

Jabra SPEAK 510MS mic

D-Link 7 port powered USB hub


Although the kit was purchased with Lync as the primary objective the timing worked out well for us; during last week we were asked to set up our conference room for a variety of web demonstrations and video calls. In each case the scenario was exactly as originally planned above; a room full of people all needing to provide input during the call.

With a deadline set the unboxing and setup commenced:

shiny new kit ready to go

shiny new kit ready to go

In terms of hardware the system is basically plug-and-play, although I did install the optional software for both pieces of kit that give some additional status reporting (Jabra) and camera control (Logitech).

The hardest part in our room was running the USB for the mic as the cable run is pretty much on the limit of the 5m USB limit. The powered USB hub will give us a few more options, maybe mounted underneath the conference table in the long-run. Alternatively something like an active USB extension cable can get around the 5m problem.

Logitech c930e

In terms of physical installation the camera sat securely on the top of our SMART E70 screen. The mounting clip has multiple pivot points which help it stay in place at both back and front of the screen you’re placing it on, which is a nice touch. There’s also a lens cap that can be fitted for when you definitely don’t want video being shown, again shows a bit of thought has gone into the design.

One hooked up the first thing that struck me about the camera is the wide field of view compared to standard webcams. It’s definitely an advantage in our setup, easily covering the full length and width of our conference table which has ~12 people around it when fully populated.

Video quality was smooth, something you don’t get with some cheaper cameras.  With standard lighting colours looked crisp, I did close the blinds at the far end of the room as bright sunlight coming through caused problems.

Initially the auto focus took a bit of time to adjust to the room but it got there after a couple of seconds, at which point all users around the table were clearly visible. The only downside is no optical zoom, although you can use the digital zoom via the camera’s control panel the results weren’t great (as you’d expect). For this reason you’ll need to use the c930e as a fixed camera; if you want something that’s going to move around for close-ups on an individual you might be better served by the Conferencecam BCC950 but it comes with a heftier price tag.

Audio wise the C930e covered the front half of the room well enough but volume dropped off towards the back. I was expecting that to some extent which was why I preferred a separate conference mic that could be placed at the centre of the audio source. In a smaller room you’ll likely be fine with the C930e’s mic alone.

Jabra Speak 510MS

The Jabra 510MS really impressed me; audio was clear from all areas of the table without fuss. The biggest challenge is running a suitable length USB cable as our conference PC is on the other side of the room, however as mentioned above a mixture of either USB hub or active extension cable should do the trick.

The UFO-esque design is rather unusual but I like it, little LEDs light up around the circumference of the device when you press input buttons and there’s also additional indicators for charging and Bluetooth. Sometimes it’s easy to knock the capacitative buttons by accident but easy enough to get back to where you were before.

Audio-wise the microphone worked perfectly, easily picking up users at both ends of the table. On conferences the user at the other end reported clear audio with GoToMeeting and Skype. My first test with Lync had the desktop client reporting “echo detected” but there does seem to be a fix listed in the latest firmware release notes so will run the update and try again to see if that solves it.

The 510MS does have a built-in speaker, although it did sound a bit on the tinny side. I’d recommend using a more powerful set of speakers for delivering audio (in our case a sound bar) but it’s basically a case of using the best tool for the job.


For both parts of the system you’re looking at around £200 to kit out a room, which for HD video \ audio is a fair deal I think. If you don’t need to cover a room full of people there are more affordable options out there, including a stand for your existing tablet ;)

Office 365 watch – Summer 2014

Over the summer Microsoft have made some handy changes to the Office 365 UI. Some of the new additions are features I’ve wanted to see for a while and have come on board just in time for the start of the new academic year.

Start page

The lack of a coherent start page that allowed users to perform common tasks was something that seemed an odd omission from the product and didn’t make life easy for users. Previously the Office logo went off to a product page that was pretty pointless (and quite annoying). Good to see that the link now goes somewhere useful; the start page now allows users to create documents, access the key features of 365 and install Office ProPlus (if licensed).

Office 365 start screen

the new Office 365 start screen

The quote of the day is also quite amusing, albeit in a David Brent kind-of-way ;)

You can set the preference for whether you see the new start screen as the home page for all users in Office 365 settings; it’s also configurable on a per-user basis. There’s a nicely-made video on YouTube that shows where to do this if you’d like to see how…

Menu improvements for touch

The main navigation bar has doubled in size, which should make working on touch devices much easier. Noticed this rolling out last week, first appearing in OWA but now seems to be consistent across the whole O365 suite. Microsoft also allowing branding and some customisation of the menu which is a nice bonus.

Upload limit increased on OneDrive for Business

When testing out OneDrive for Business I found the 2GB file limit a bit restrictive, particularly if working with video where file sizes can balloon quite quickly. Fortunately Microsoft have upped the limit to what seems to be 10GB (based on what I’ve read elsewhere). Along with the 1TB storage upgrade means OneDrive for Business is right up there again with the competition; granted Google Drive can upload up to 5TB but good luck putting that through your internet connection!

A few more requests…

Now that MS seem to have caught up my previous wish lists here’s a few more I’m hoping for:

  • Easily visible storage meter for OneDrive for Business
    Granted it’s not so important with 1TB storage per user but it should be easier to see how much space you’ve used, either on the Start Page or front screen of OneDrive please.
  • Simpler file management in OneDrive for Business
    It’s still rather clunky to move files between folders using the web UI in OneDrive, probably something that’s due to its SharePoint origins but does require improvement.
  • OneDrive for Business client
    The desktop client is still crying out for a next-generation upgrade. It definitely needs to be more intelligent in terms of how to deal with what could potentially be 1TB of sync data and integrate more smoothly with the operating system as a coherant whole. I’d also like to see the Modern UI and Desktop versions of the app working as one rather than separately, might have to hold out until Office 2015 for progress there though

100,000 views and counting!


Hot on the heels of the 100th post I noticed the other day that I’ve also hit over 100,000 views so thought it deserved a little celebration.

When I first started this I wasn’t even expecting 100 views and thought the blog would just serve as a personal memory bank, looks like it’s proved useful to people too which is an unexpected bonus :) Thanks for reading and all your comments, now onto the next milestone of 250,000!

I wasn’t sure if celebrating 0x186a0 views was going to have quite the same headline effect…

Solving PXE boot problems on ZCM 11

pxe boot blogDuring the last week I’ve been having a look at ZCM 11.3 in preparation for when we upgrade our production zone from 11.2.3a. I wanted to check that imaging was still going to work in the same way as before as well as testing some of our new hardware that doesn’t work with the current PXE drivers.

The test environment makes use of some of our old server and comms kit including some Dell PE2950 servers running ESXi hooked up via Cisco 3750 switches.

The DHCP server was installed on a Windows Server 2012 R2 virtual machine.
I downloaded the ZCM 11.3 appliance, imported it and ran through the setup wizard, all pretty painless so far.

With the zone configured I then tried to PXE boot a client PC but it disappointingly failed with an error

“PXE-E51 No DHCP or DHCP Proxy Offers received”

In the end a series of fixes were required to get PXE working, not all of them present in the official Novell documentation so I figured it might be useful to pull everything together in one place

Server services

By default the ZCM server doesn’t have the Proxy DHCP service enabled. Without this you’re going nowhere so log onto the server with Putty \ console and type the following

service novell-pbserv start

check it with

service novell-pbserv status

While you’re there it’s also worth setting it to auto-start using chkconfig otherwise it’s an easy step to forget if you reboot the server at some point in the future.


The appliance also ships with the firewall enabled but this seems to block PXE boot (!)
Solution: turn it off using the YaST tool (console onto the GUI of the ZCM server for this)


VLAN environment pre-requisites

My dev environment was set up as a series of VLANs, in this scenario make sure you have ip helper-adress configured on each VLAN interface. According to the Novell documentation you need two entries, one for your DHCP server’s address and the other for the ZCM server that’s providing the PXE service.


You also need ip-forward rules set up on your router \ L3 switch

ip forward-protocol udp 67
ip forward-protocol udp 68

Cisco switch port settings

Despite all the fixes above the client device still wouldn’t boot from the network and was beginning to wonder if it was ever going to work. The missing link was that Portfast needs to be enabled on Cisco switches (might apply in a similar way to other vendors) to ensure the port comes up quickly enough for the PXE service to work.


PortFast has been known to have been switched off and this has caused issues on the PXE boot sequence. PXE tends to boot faster and request DHCP faster than the switch can handle.
PortFast has been enabled so that the Switch can start talking to a device without going through the process of waiting for the switch and device to decide what speed they will communicate, by enabling Portfast the switch will open the port and enable packets to flow.
The normal time period for the Switch to open up a port is around 30 seconds, with PortFast enabled the clients can start talking as soon as they are switched on, and in the case of PXE boot services it would not wait for 30 seconds.

Troubleshooting tips

The server logs can be useful to help figure out how far along the path the packets are getting (or not) so you know if the problem is on the networking side or the server. To check if your DHCP requests are getting through have a look in


and you should see a line like this, where 192.160.0.X is the server VLAN’s IP address.

Received packet on
Received packet on 192.168.0.X:67 from relay agent 192.168.0.X

You should also be able to see workstation information as they check in to the imaging system, this log file is a little further into the folder tree



Get every new post delivered to your Inbox.

Join 50 other followers