
    Active Directory OU aliases

    • moses

      We have multiple OU destinations for computers joined to our domain via FOG, and right now I’m using a text file as a cheat sheet for those OU paths, which I copy and paste into the host settings.

      What would be nice is if we could define aliases to use for each OU, rather than having to type/paste the full OU path each time we set up a new host, or not have to put them in the same OU every time.

      Perhaps aliases could be defined in FOG settings, and then the user could select from a dropdown list in the Active Directory settings for the host? Correct me if I’m wrong, but this would be as simple as a constant being defined for the OU path string when the user creates an alias.

      • Tom Elliott

        You could write a plugin to change how OU’s are displayed to the screen.

        If it’s any help, however, you CAN create an array of aliases in FOG currently which would allow you to choose a select box rather than type in the OU to each host.

        For example:

        In the DEFAULT OU listing you would create a select dropdown list of OU’s by writing out each full OU string, and separating each one with a |.

        You designate a “default selected OU” by trailing the string with a ;

        For example:
        OU=TestOU,OU=Groups,DC=MASTACONTROLA,DC=local;|OU=TestOUÄ,OU=Groups,DC=MASTACONTROLA,DC=local

        Separates the different OU’s into a select box that looks like:
        [image: screenshot of the resulting select box]

        You will also notice that the item that’s selected is also the item that has a trailing ; on it.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        • george1421 (Moderator)

          We have a fairly complex OU structure at my company. The OU is calculated at deployment time based on the location (city) the image is being installed at, what form factor the target computer is (desktop, portable), and the hard disk image being deployed (lab, kiosk, workstation). Because of this complexity we don’t let FOG connect the target to the domain, but instead we use a FOG post install script to calculate the proper OU path and then it updates the unattend.xml file on the target computer. We do something similar for the computer name, but that’s a bit off point.

          I just wanted to show you that there ARE other ways to manage a complex environment than with FOG’s native tools.

          • moses @george1421

            @george1421 I’d be really interested in your setup, because that’s exactly what I would ultimately want. Our setup would be much simpler, if it’s possible to do it this way, but we have several physical locations and one OU per location.

            How might I go about getting FOG to change the OU based on location? I am using the plugin. Might you be able to share a redacted version of the scripts you’re using?

            • george1421 (Moderator) @moses

              @moses If you look at this post: https://forums.fogproject.org/topic/7740/the-magical-mystical-fog-post-download-script/6

              You’ll see how to identify the location by the IP address of where the FOS image is running.

              myip=`ip route get 8.8.8.8 | awk 'NR==1 {print $NF}' | cut -d "." -f1-2`;
              
              case "${myip}" in
                   10.1)
                       sitecode="NYC";
                       timezone="Eastern Standard Time";
                       oupath="ou=computers,ou=nyc,dc=domain,dc=com";
                       ;;
                   10.2)
                       sitecode="LA";
                       timezone="Western Standard Time";
                       oupath="ou=computers,ou=la,dc=domain,dc=com";
                       ;;
                   *)
                       # Default code for the unknowns
                       sitecode="CORP";
                       timezone="Eastern Standard Time";
                       oupath="ou=computers,ou=corp,dc=domain,dc=com";
                       ;;
              esac
              

              If you couple that with this post:
              https://forums.fogproject.org/topic/7740/the-magical-mystical-fog-post-download-script/7 you can see how I use sed to modify the unattend.xml script

              # Unattend.xml path (note the case specifics in the file name and path)
              unattendfile="/ntfs/Windows/Panther/unattend.xml";
              
              sed -i -e "s#<MachineObjectOU>\([^<][^<]*\)</MachineObjectOU>#<MachineObjectOU>${oupath}</MachineObjectOU>#gi" $unattendfile
              

              If someone wanted to merge all of the bits together from that tutorial into a script it might look like this.

              #!/bin/bash
              
              . /usr/share/fog/lib/funcs.sh
              
              # windows 7
              osdiskpart="/dev/sda2";
              
              # create a directory to hang the Windows C: drive partition on in FOS
              # the 2>/dev/null below just redirects any errors from the mkdir command to null. i.e.
              # if the directory already exists, I don't want to know about it, just hide the error. Understand
              # that I could have tested if the directory already existed, but that takes more programming steps
              # I'm just going to try to create it and ignore the error if it already exists. 
              
              mkdir /ntfs 2>/dev/null
              
              # This next command connects the hard drive partition to the directory we just created. You will see the
              # 2>/tmp/mntfail at the end of the mount command. In this case if the connection fails we want to write
              # the output to a text file we can review and test to see if it exists. If the file exists then something went
              # wrong with the connection to the hard disk partition.
              
              mount.ntfs-3g "${osdiskpart}" /ntfs 2>/tmp/mntfail
              
              # this last bit of magic checks the exit status of the mount command; if it is not zero the mount
              # failed so there is no need to continue on with the script. 
              mntRet="$?";
              if [ ! "$mntRet" = "0" ]; then
                  echo "Failed to mount C:";
                  # display what happened
                  cat /tmp/mntfail;
                  # give the reader a chance to see what the error was
                  sleep 12;
                  # terminate the post install script
                  exit 1;
              fi
              
              # Unattend.xml path (note the case specifics in the file name and path)
              unattendfile="/ntfs/Windows/Panther/unattend.xml";
              
              chassis=`dmidecode -s chassis-type`;
              chassis="${chassis%"${chassis##*[![:space:]]}"}";  #Remove trailing space
              chassis="${chassis,,}"; # Convert string to lower
              
              if [ "$chassis" = "laptop" ]; then
                  chtype="Portable";
              elif [ "$chassis" = "tablet" ]; then
                  chtype="Tablet";
              else
                  # We'll default every other chassis type to desktop
                  chtype="Desktop";
              fi
              
              # you may need to replace the host 8.8.8.8 with a valid target address if you have a closed network
              myip=`ip route get 8.8.8.8 | awk 'NR==1 {print $NF}' | cut -d "." -f1-2`;
              case "${myip}" in
                   10.1)
                       sitecode="NYC";
                       timezone="Eastern Standard Time";
                       oupath="ou=computers,ou=nyc,dc=domain,dc=com";
                       ;;
                   10.2)
                       sitecode="LA";
                       timezone="Western Standard Time";
                       oupath="ou=computers,ou=la,dc=domain,dc=com";
                       ;;
                   *)
                       # Default code for the unknowns
                       sitecode="CORP";
                       timezone="Eastern Standard Time";
                       oupath="ou=computers,ou=corp,dc=domain,dc=com";
                       ;;
              esac
              
              sed -i -e "s#<ComputerName>\([^<][^<]*\)</ComputerName>#<ComputerName>$hostname</ComputerName>#gi" $unattendfile
              
              sed -i -e "s#<TimeZone>\([^<][^<]*\)</TimeZone>#<TimeZone>$timezone</TimeZone>#gi" $unattendfile
              
              sed -i -e "s#<MachineObjectOU>\([^<][^<]*\)</MachineObjectOU>#<MachineObjectOU>${oupath}</MachineObjectOU>#gi" $unattendfile
              

              Understand these are just snippets of code that are stuck together in some kind of logical order. The above hasn’t been tested. There are also some assumptions in this script as to the partition layout for win7. There are other scripts in my other tutorials that do a better job of actually finding the ‘C:’ drive on the target computer. In the snippet above the fog client isn’t used to name the computer or connect it to the domain. The unattend.xml file is used for that. So you need to have the other bits in the unattend.xml file so the target is capable of doing what it needs. Like having a user account defined that is allowed to add computers to the domain and such.

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
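
Added example, not part of the thread or the FOG project: a hardened take on the site lookup and the `MachineObjectOU` edit from the script above, covering two silent failure modes. Newer iproute2 appends `uid N` to `ip route get` output, so `$NF` is no longer the source address and every host falls through to the default OU, and `sed` changes nothing when the element is missing or empty. The function names and the sample route lines are assumptions made for illustration; GNU sed (`-i`, case-insensitive `s` flag) is assumed, as in the original script.

```shell
#!/bin/sh
# Added example (not from the thread); route lines below are constructed.

# Print the first two octets of the address after "src" in one line of
# `ip route get` output. Newer iproute2 appends "uid N", so the last
# field ($NF) is not the source address there.
src_prefix() {
    printf '%s\n' "$1" | awk '{ for (i = 1; i < NF; i++) if ($i == "src") {
        split($(i + 1), o, "."); print o[1] "." o[2]; exit } }'
}

# Map a two-octet prefix to an OU path (same table as the post above).
oupath_for_prefix() {
    case "$1" in
        10.1) echo "ou=computers,ou=nyc,dc=domain,dc=com" ;;
        10.2) echo "ou=computers,ou=la,dc=domain,dc=com" ;;
        *)    echo "ou=computers,ou=corp,dc=domain,dc=com" ;;
    esac
}

# Set <MachineObjectOU> in an unattend file and verify the result.
# Returns 2 if the OU has unexpected characters, 3 if the file has no
# non-empty <MachineObjectOU> element (sed would silently change nothing),
# 4 if the new value is not in the file after the edit.
set_machine_ou() {
    smo_file=$1; smo_ou=$2
    # Allow-list: keeps '#', '&', '\', '<', '>' and newlines out of the
    # sed replacement and the XML.
    case "$smo_ou" in
        ''|*[!A-Za-z0-9=,\ ._-]*) return 2 ;;
    esac
    grep -qi '<MachineObjectOU>[^<][^<]*</MachineObjectOU>' "$smo_file" || return 3
    sed -i -e "s#<MachineObjectOU>[^<][^<]*</MachineObjectOU>#<MachineObjectOU>${smo_ou}</MachineObjectOU>#gi" "$smo_file"
    grep -qF "<MachineObjectOU>${smo_ou}</MachineObjectOU>" "$smo_file" || return 4
}

# Demo: old and new iproute2 output formats resolve to the right OU.
for line in '8.8.8.8 via 10.1.0.1 dev eth0  src 10.1.5.20' \
            '8.8.8.8 via 10.2.0.1 dev eth0 src 10.2.7.9 uid 0'; do
    echo "$(src_prefix "$line") -> $(oupath_for_prefix "$(src_prefix "$line")")"
done
```

In a post-download script, a non-zero return from `set_machine_ou` is the point to stop and report, rather than letting the host join with whatever OU the image already carried.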
