Install and Configure Nomad in WinPE

Installs and configures Nomad in WinPE. Typically, to support the use of pre-staged content.

This custom action is available in the 1E Nomad task sequence actions.

Actions

Notes

When run, this task:

  1. Creates the Nomad registry values and sets the parameters passed from the task sequence action.

  2. Disables the firewall in the WinPE environment if set in the task sequence action.

  3. Self-installs Nomad.

  4. Configures registry COM.

  5. Enables multicast if set in the task sequence action.

  6. Starts the Nomad service.

This task sequence action:

  • Is specifically for use in WinPE and requires NomadBranch.exe, SMSNomad.exe and SNOttfps.dll to be added to the WinPE image (the NomadBranchTools.msi in Configuration Manager does this automatically).

  • Must be set as one of the tasks following Restart in Windows PE and before Apply Operating System.

Configurable parameters

Parameter

Default value

Description

Name

Install and Configure Nomad in WinPE

Name for the custom task sequence action.

Description

Action to Install and configure Nomad in WinPE

Description for the custom task sequence action.

Workrate

80

Sets the work rate. This is the proportion of available (free) bandwidth to use.

P2P Port

1779

Port used to broadcast election messages.

SpecialNetShare

8224 (0x2020)

Must be an integer. See SpecialNetShare for more information.

P2PEnabled

9

Must be an integer. See P2PEnabled for more information.

P2P Http port

5080

This option is only available if HTTP P2P has been enabled in P2PEnabled. It defines the port used for Nomad P2P communication over HTTP and must be the same value used on all Nomad clients.

P2P Https port

5443

This option is only available if HTTPS P2P has been enabled in P2PEnabled. It defines the port used for Nomad P2P communication over HTTPS and must be the same value used on all Nomad clients.

Use PKI cert for client auth

Disabled (unchecked)

Enables certificate-based client authentication, which requires a PKI-issued certificate. Selecting this option sets bit 0x2 of P2PSslSettings.

Use PKI cert for server auth

Disabled (unchecked)

Configures Nomad to use a PKI certificate for server authentication when HTTPS P2P is enabled (bit 0x40 set in P2PEnabled). If this option is not checked and bit 0x40 in P2PEnabled is set, Nomad will use a self-signed certificate for server authentication.

CompatibilityFlags

0x210000A

Must be an integer. See CompatibilityFlags for more information.

Log file size

10485760 (10MB)

Sets the maximum size for the Nomad log file.

Disable firewall

Enabled by default.

Disables the Windows PE firewall so that NomadPackageLocator and Nomad can communicate with other peers on the local network.

Use FIPS Encryption

Disabled (unchecked)

Sets EncryptionType to 0x1 (FIPS compliant encryption). This must be the same on all Nomad clients.

Enable Single Site Download

Disabled (unchecked)

Enables the SSD feature. For Nomad running in WinPE, sets the SSDEnabled registry value to 0x1 so that SSD is enabled, but the device will be set to just retrieve downloads via SSD and not to put themselves forward to provide content.

Max. machines from 1E Platform

10

The maximum number of devices (i.e. machines) with the content (package, application or software update) that Nomad can retrieve from Content Distribution in one call. The maximum value is 20.

1E Platform Background Channel URL List

""

This is a list of URL containing each of the 1E Platform Background Channels in your organization, and is normally the same list as used by your 1E Client devices. Please refer to BackgroundChannelUrl.

Note

Nomad clients connect to Content Distribution via 1E Switches and a proxy feature of Background Channel.

Non-Configurable settings

Setting

Default value

Description

P2PElectionWeight

10

Helps determine the outcome of Nomad elections. The higher the value, the more chances the device has to win the election.

EncryptionType

0

Determines the type of encryption used by Nomad for communications between Nomad peers.

DPNotAvailableCodes

0x205A, 0x205D

This registry entry contains a comma-separated list of return codes, see Nomad return codes for a list of the possible ones. If Nomad encounters one of these during download, it will attempt a retry from an alternative DP. It gets the list of possible DPs from Configuration Manager. The two return codes set as default are the only ones that are applicable to DP availability:

  • 0x205A – in valid special package path (set using --pp)

  • 0x205D – DP path not found

Under normal circumstances, you would not change this from the default value. You may want to not allow failover to an alternative DP altogether, in which case you would set the value to " " in the registry. Or you may only want to fail over if the DP path was not found, in which case you would set the value to 0x205D only.