Have numerous different servers (primarily Dell) that we are installing through pxeboot. After the OS is installed the first time, the UEFI boot sequence is automatically changed to allow the OS to load as the first boot option.
This works fine for regular people that want to build a single host one time, but in lab environments where things are continually rebuilt, this causes a large sore. Is there anyway to disable the OS install from changing boot order in UEFI after an install.
This article talks more regarding it https://arstechnica.com/civis/viewtopic.php?f=21&t=1474353 and it is discussed that it is potetnially the uefi specification but no affirmative answer on this.
Is there a way to not allow the UEFI Boot Sequence to be modified after installing an OS?
The option to modify efi boot order is in the uefi specification. You could indeed create a firmware that ignores this part, or has an option to reset it. (Reach out to the manufacturer, Dell for this)
As a work around you could reset this from the OS at least in linux you can use efimgr to change the order.
Another option to consider could be that many machines have the option for different boot order depending on network start or not. That is normal startup uses the normal efi order, however if the machine is "started over the network" with WOL then the "network boot order" is used instead. - This could then be used to instead of restart of the machine, shut it down and then start it remotely.