• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

HostnameChanger question

Scheduled Pinned Locked Moved Solved
FOG Problems
2
27
2.9k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    chunter2
    last edited by Sep 13, 2019, 1:33 AM

    @Sebastian-Roth Do you know what function produces that log message? Just wondering if I can do some googling on the error message.

    1 Reply Last reply Reply Quote 0
    • S
      Sebastian Roth Moderator
      last edited by Sep 13, 2019, 5:23 AM

      @chunter2 Take a look at the code: https://github.com/FOGProject/fog-client/blob/master/Modules/HostnameChanger/Windows/WindowsHostName.cs#L203

      You see the try and catch block in function IsJoinedToDomain. In the current code there is no error handling in the catch block and this is why you don’t see the reason but only the 1219 error when using the official 0.11.16 Modules.dll. Now the Modules.dll I build for you has error logging added.

      So the “domain cannot be contacted” error comes from Domain.GetComputerDomain() or Dns.GetHostAddresses(..).

      When you look a little further down the code you get to the part where it tries to join the domain and where the 1219 error occurs. Function used here is NetJoinDomain.

      Hope you can find something!

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      1 Reply Last reply Reply Quote 0
      • C
        chunter2
        last edited by Sep 13, 2019, 12:00 PM

        @Sebastian-Roth Would it be possible to get a dll with logging showing which of the following is failing? And maybe the return value of the ones that aren’t?

                        using (var domain = Domain.GetComputerDomain())
                        {
                            var currentIP = Dns.GetHostAddresses(domain.Name);
                            var targetIP = Dns.GetHostAddresses(idealDomain);
        
                            return (currentIP.Intersect(targetIP).Any());
                        }
        
        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by Sep 13, 2019, 3:00 PM

          @chunter2 Will do so in a few hours.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • C
            chunter2
            last edited by Sep 13, 2019, 3:08 PM

            @Sebastian-Roth I was actually able to compile that dll myself. Looks like it’s throwing on the GetComputerDomain() line in both cases. Trying to join the domain and after I manually join the domain. So I don’t think that’s the problem. It’s failing on the NetJoinDomain() function. I think I need to print out the variables to see if they’re the same for a good image and a bad one.

            1 Reply Last reply Reply Quote 1
            • C
              chunter2
              last edited by Sep 13, 2019, 7:12 PM

              @Sebastian-Roth I decided to remove the client and re-install it on this machine and now I get a different error in the fog log. It keeps looping on this.

              ------------------------------------------------------------------------------
              --------------------------------Authentication--------------------------------
              ------------------------------------------------------------------------------
               13/09/2019 3:06 PM Client-Info Version: 0.11.16
               13/09/2019 3:06 PM Client-Info OS:      Windows
               13/09/2019 3:06 PM Middleware::Authentication Waiting for authentication timeout to pass
               13/09/2019 3:08 PM Middleware::Communication Download: http://xxx.xxx.xxx.xxx/fog/management/other/ssl/srvpublic.crt
               13/09/2019 3:08 PM Data::RSA FOG Server CA cert found
               13/09/2019 3:08 PM Middleware::Authentication Cert OK
               13/09/2019 3:08 PM Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before
               13/09/2019 3:08 PM Middleware::Authentication ERROR: Could not get security token
               13/09/2019 3:08 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
               13/09/2019 3:08 PM Middleware::Communication POST URL: http://xxx.xxx.xxx.xxx/fog/management/index.php?sub=requestClientInfo&authorize&newService
               13/09/2019 3:08 PM Middleware::Response Invalid security token
              
              

              I’m wondering if maybe this is the real problem. Do you know what this means?

              Thanks

              1 Reply Last reply Reply Quote 0
              • S
                Sebastian Roth Moderator
                last edited by Sep 13, 2019, 7:56 PM

                @chunter2 Yes, you need to click the “Reset Encryption Data” button in this host’s settings on the web UI!

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 0
                • C
                  chunter2
                  last edited by Sep 13, 2019, 8:52 PM

                  @Sebastian-Roth Thanks for that info. Took me a while to realize where the button was. Not like it’s not big enough. 🙂

                  Here’s what I’ve found so far. On a good image or bad image whether I’m joined to the domain or not IsJoindToDomain() always throws on the using (var domain = Domain.GetComputerDomain()) line. Not sure what the purpose of that is but I’m running an NT4 domain, not an AD domain so it could be for that. Because this function fails the client is always calling NetJoinDomain() on every loop.

                  On a good image that’s disconnected from the domain the first call to DomainWrapper() always fails. I think it’s because my ADOU is always empty. Again something with an NT4 domain? The return value is 50 so then DomainWrapper() is called again with false set. And then it connects.

                  On a bad image that’s disconnected from the domain the first call to DomainWrapper() fails with a 1219 and then doesn’t try again. I tried adding 1219 to the switch to call again with false set but it fails with a 1219 as well. Not sure what to try next.

                  Thanks

                  1 Reply Last reply Reply Quote 0
                  • S
                    Sebastian Roth Moderator
                    last edited by Sebastian Roth Sep 13, 2019, 11:38 PM Sep 14, 2019, 5:38 AM

                    @chunter2 said in HostnameChanger question:

                    On a good image or bad image whether I’m joined to the domain or not IsJoindToDomain() always throws on the using (var domain = Domain.GetComputerDomain()) line. Not sure what the purpose of that is but I’m running an NT4 domain, not an AD domain so it could be for that. Because this function fails the client is always calling NetJoinDomain() on every loop.

                    As mentioned before this is known and documented in more details in a github issue.

                    On a good image that’s disconnected from the domain the first call to DomainWrapper() always fails. I think it’s because my ADOU is always empty. Again something with an NT4 domain? The return value is 50 so then DomainWrapper() is called again with false set. And then it connects.

                    On a bad image that’s disconnected from the domain the first call to DomainWrapper() fails with a 1219 and then doesn’t try again. I tried adding 1219 to the switch to call again with false set but it fails with a 1219 as well. Not sure what to try next.

                    Ok so the bad image/client seems to persistently return with the 1219 error. But on the other hand you seem to be able to manually join the domain.

                    Let’s see if we can manually get this right with the fog-client. Start the problem host, open two command shells, one as normal user and one as Administrator:

                    Admin cmd:

                    net stop FOGService
                    

                    User cmd:

                    net session
                    net use
                    net use * /d /y
                    

                    Admin cmd:

                    net session
                    net use
                    net use * /d /y
                    net stop lanmanworkstation
                    net start lanmanworkstation
                    net start netlogon
                    net start sessionenv
                    net start FOGService 
                    

                    Take a picture of what you get from the commands net session and net use in both cmd shells. Now watch the fog-client log and see if it still returns error 1219.

                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                    1 Reply Last reply Reply Quote 0
                    • S
                      Sebastian Roth Moderator
                      last edited by Sep 14, 2019, 5:44 AM

                      @chunter2 And if that doesn’t help we can still go ahead and capture network packets on your Samba server or enable debug logging to see if the client opens another SMB connection.

                      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                      1 Reply Last reply Reply Quote 0
                      • C
                        chunter2
                        last edited by Sep 14, 2019, 12:30 PM

                        @Sebastian-Roth All the net use and net session commands return “There are no entries in the list”. So there’s nothing to delete. I’m connected using RDP on all these machines (good and bad images) so I can’t stop the lanmanworkstation service. If I run net use or net session on a good image I get the same message. I think network packets and debug logging on the samba server makes sense to try next. I’ll have to look into that.

                        1 Reply Last reply Reply Quote 0
                        • S
                          Sebastian Roth Moderator
                          last edited by Sep 14, 2019, 3:44 PM

                          @chunter2 Ok, then let’s go ahead. Install tcpdump on your Samba server and get the bad unjoined imaged host ready. Don’t start it yet. Now run this command on your server and let it sit there: tcpdump -i eth0 -w /tmp/netdump.pcap host x.x.x.x

                          Put in the correct host IP and your server network Interface if it’s not eth0.

                          Boot the host and wait for 10 minutes. Then stop tcpdump by pressing Ctrl+c. Copy the generated file over to another system, upload and post a Link here.

                          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                          1 Reply Last reply Reply Quote 0
                          • S
                            Sebastian Roth Moderator
                            last edited by Sep 18, 2019, 5:02 PM

                            The PCAP revealed that there were some left overs from an old software that would open an application on a public network share on boot up of that system. Removing that stuff fixed the issue and fog-client domain join works perfectly fine now again.

                            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                            1 Reply Last reply Reply Quote 0
                            • 1
                            • 2
                            • 2 / 2
                            2 / 2
                            • First post
                              24/27
                              Last post

                            212

                            Online

                            12.0k

                            Users

                            17.3k

                            Topics

                            155.2k

                            Posts
                            Copyright © 2012-2024 FOG Project