• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Run Snap-In as domain user

    Scheduled Pinned Locked Moved Solved
    Windows Problems
    2
    5
    626
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      andrewhancock91
      last edited by

      Hi all,
      I’m working on getting fog set up in my environment, one snag I’m running in to is that I would like so have a batch file snap-in that runs post deployment to trigger PDQ Deploy. The problem is that by default the Fog Service runs as local system, when it executes my script PDQ doesn’t run because it doesn’t recognize the user. The simple answer seems to be running the Fog Service as a domain user, okay fine but when you change the Fog Service user it requires you to reset the encryption data from the console. I’m trying to find a way to get this all automated and surely I’m not the only one that has had this problem. So, my thoughts on possible solutions are:

      A) Be able to change fog service user (via script possibly) to domain account without resetting encryption data
      B) Run the snap-in as a domain user so that PDQ kicks off

      I’m of course open to any solutions those are just the two that I’ve thought of so far.

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by Sebastian Roth

        @andrewhancock91 Asking the internet for “runas password” brings up a huge amount of questions and answers on this. Maybe just use psexec… Or even using a text file as password input.

        But that’s just my point of view trying to tackle this as low cost as possible.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by

          @andrewhancock91 Or mayb
          C) Use runas or similar tools…

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • A
            andrewhancock91
            last edited by

            @Sebastian-Roth
            Thanks for the reply, I’ve tried using runas but since you can’t pass the password in the script it doesn’t achieve what I’m wanting to do which is completely hands off deployment.

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Sebastian Roth

              @andrewhancock91 Asking the internet for “runas password” brings up a huge amount of questions and answers on this. Maybe just use psexec… Or even using a text file as password input.

              But that’s just my point of view trying to tackle this as low cost as possible.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • A
                andrewhancock91
                last edited by

                Sorry I forgot to respond to this thread, thanks for your responses @Sebastian-Roth. I ended up solving this particular issue by simply integrating credentials that PDQ recognizes into the powershell script, it works smoothly every time and shouldn’t present much of a security concern because the creds are only allowed to kick of a PDQ deployment and nothing else.

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post

                155

                Online

                12.0k

                Users

                17.3k

                Topics

                155.2k

                Posts
                Copyright © 2012-2024 FOG Project