@DBCountMan said in Secure LDAP authentication:

Do I need to have a cert that is trusted by my domain’s root CA in the FOG’s root store?

As far as I know, no.

@DBCountMan said in Secure LDAP authentication:

BTW the screenshot at the bottom of that thread you linked shows “Use LDAP SSL” but I do not have that option.

The last screenshot is from the 1.6-alpha version of FOG Server.

The screenshot in https://forums.fogproject.org/post/155590 is from the current stable 1.5.10.xxxx version and as you can see it uses 636 port.

@george1421 Just seeing if anyone else has had issues.

Haven’t purchased the new models yet.

Was hoping to confirm they’re compatible with FOG first, so thought I’d reach out and ask around.

Thank you!

@alterak If you know how to program linux bash scripts this is possible. You will need to edit a script called fog.man.reg that is in FOS Linux (the OS that runs on the target computer to capture/deploy images). I have a tutorial on modifying that program to set a default hostname. But the concepts you need to do what you ware are listed here: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

@alterak said in FOG operation in different network segments:

is there a possibility of automatic separation of locations,

I’m not sure I fully understand the question, but if you are asking can it automatically pick which location to select based on the IP address of the computer being registered. The quick answer is no, FOG doesn’t currently have that capabilities.

The bit longer answer is it could if you can be a little creative and can do a little linux bash script programming. In a nutshell, you can customize the bash script that is setup for full registration of computers. The basics of what needs to be done is covered in this tutorial: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

The IP address bit can come from this script: https://forums.fogproject.org/post/69725 This post is for getting the IP address to be used in a FOG postdownload script. But the concept will be the same for the fog.man.reg script.

@ingemedia We just released new experimental kernel/initrd. I included the r8126 drivers. I don’t have any devices to test with so would you be willing to test it and let me know?

@george1421 thanks for continuing to provide such detailed information.

I believe the best way to learn is to do, so i am going to go shopping for an SSD (and perhaps some RAM to be safe). Once I have everything in place, I am going to do a test run on our machines as well as those of an associate just to see what happens when the network changes. Following this, I will check back with you if you don’t mind to go through the results.

Hi mwestaph,

I am also new here but I believe I can take a crack at your image.
Snapins I feel are great, they automatically install after your machine is imaged. The other tool you would want to consider here are the “Groups” feature. While this isn’t a traditional group where new hosts inherit group settings, its a good way to apply settings on mass.

Here is my basic setup:
I have 2 images and 6 groups. I then onboard all of the client machines / hosts and assign them to the appropriate group. In the group setup, I then choose the correct image and snapins for that group. This applies these settings to all associated hosts (ie. All current hosts that are associated with this groups now have the same settings.)
The only downside currently is if you need to assign a new host machine to this group, you need to re-apply the image and snapin settings for the group to apply it appropriately to this machine.

Let me know if this helps and if there is anyone more experienced out there feel free to tell me if I am wrong.

Do you think writing this in fog.man.reg after line

[[ $exists != "#!ok" ]] && handleError "Unable to register host: $exists ($0)\n Args Passed: $*"

could do it :

host="" imageid="999" blDoAD="Y" realdoimage=$(echo -n 1 | base64) res="" user64=$(echo "fog" | tr -d '\012' | base64) pass64=$(echo "password" | tr -d '\012' | base64) while [[ $res != "#!ok" ]]; do echo -n " * Enter hostname for this computer: " read host if [[ ${#host} -gt 15 ]]; then host=${host:0:15} echo " | Truncated to 15 characters: $host" usleep 2000000 fi host=$(echo $host | base64) res=$(curl -Lks --data "host=$host" ${web}service/hostnameloop.php 2>/dev/null) [[ $res != "#!ok" ]] && echo "$res" done dots "Attempting to register host" res="" while [[ -z $res ]]; do res=$(curl -Lks --data "sysuuid=${sysuuid}&mac=$mac&advanced=$(echo -n 1 | base64)&host=$host&imageid=$imageid&doimage=$realdoimage&doad=$blDoAD&username=$user64&password=$pass64" ${web}service/auto.register.php 2>/dev/null) echo "$res" usleep 2000000 done . /bin/fog.inventory usleep 2000000

@mashina You may have to make appropriate customizations but here are the basic steps:
https://forums.fogproject.org/topic/10944/using-fog-to-pxe-boot-into-your-favorite-installer-images

Sorry for the 8 month reply. It worked as you pointed out! I have switched to RHEL 9.5

Here is how it was done if someone is interested:

Download the RHEL9.5.iso to the fog server (mine is running Ubuntu)
sudo mkdir /mnt/rhel_iso
sudo mount -o loop /path/to/rhel-9.5.iso /mnt/rhel_iso

Copy the contents to var:
sudo mkdir -p /var/www/html/rhel9.5
sudo cp -r /mnt/rhel_iso/* /var/www/html/rhel9.5/
sudo chmod -R 755 /var/www/html/rhel9.5

Get the vmlinuz and initrd.img from the /var/www/html/rhel9.5 to /tftpboot/rhel9.5 (create /tftpboot/rhel9.5 folder)
sudo cp /var/www/html/rhel9.5/images/pxeboot/vmlinuz /tftpboot/rhel9.5/
sudo cp /var/www/html/rhel9.5/images/pxeboot/initrd.img /tftpboot/rhel9.5/

Before you move on, go to http://your-fog-server-ip/rhel9.5 make sure you can see the directories of the iso content you dropped in /var/www/html/rhel9.5

Set up the Menu on the Fog UI (Here is mine)

kernel tftp://10.10.10.6/rhel9.5/vmlinuz
initrd tftp://10.10.10.6/rhel9.5/initrd.img
imgargs vmlinuz initrd=initrd.img ip=dhcp inst.repo=http://10.10.10.6/rhel9.5/ splash quiet
boot || goto MENU

fishing for ideas on where best place to start on a project like this. I think it be very valuable functionality if able to achieve it.

@Bristow-0 Is this a physical computer or VM? Is it possible to add a new storage device to the FOG server?

Something to understand that the fog database that lists the images is disconnected from the raw data file. You can move the image files to some place else, it won’t impact the FOG UI until you try to deploy a previously captured image.

@Tom-Elliott said in Hide/Secure FOG Client download page:

Private key is built to the client at install time. The Public server ca cert is pulled at install time

This is what I was unclear about. I thought the installer already had FOG’s private key. So each client gets its own private key?