• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Script to detect and repair AD Biding

    Scheduled Pinned Locked Moved
    General
    2
    7
    752
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      astrugatch
      last edited by

      This isn’t a FOG specific question per-se but with having everyone out of the office for an extended period many devices have non-functioning AD binding. Despite being back in the office on the network they no longer check in to group policy etc.

      They still check into FOG with the client properly so I wanted to see if anyone had a good script the check if the binding is working correctly and correct it/rebind if it isn’t.

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @astrugatch Would be interesting to see the full fog-client log of a host having the described issue but fog-client working fine. I say this because the fog-client checks if the OS thinks it is joined to the domain or not using MS API calls. So I guess those return true even if AD it’s not good anymore. So a script checking would probably need to call totally other methods to find out. Maybe it would even need to query the AD itself… No idea.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        A 2 Replies Last reply Reply Quote 0
        • A
          astrugatch @Sebastian Roth
          last edited by astrugatch

          @sebastian-roth

          Now I’m not so sure the client IS working properly. I see this when I pulled the log from one of the machines.

           8/17/2021 1:53:08 PM Client-Info Client Version: 0.11.19
           8/17/2021 1:53:08 PM Client-Info Client OS:      Windows
           8/17/2021 1:53:08 PM Client-Info Server Version: 1.5.9.98
           8/17/2021 1:53:08 PM Middleware::Response Success
           8/17/2021 1:53:08 PM Middleware::Communication Download: https://fog.CONTOSO.org/fog/client/SmartInstaller.exe
           8/17/2021 1:53:09 PM Data::RSA FOG Project cert found
           8/17/2021 1:53:09 PM ClientUpdater ERROR: Update file is not authentic
          
          1 Reply Last reply Reply Quote 0
          • A
            astrugatch @Sebastian Roth
            last edited by

            @sebastian-roth

            HA!
            You actually put me on the right path! The computers in question were imaged so long ago that they predated our domain rename. So the info in the Active Directory section of FOG still listed our old domain, so even if they tried to fix themselves they would fail. This matches up as the machines that fixed themselves were all imaged or re-imaged AFTER the domain rename!

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by

              @astrugatch Good you figured this one out (domain rename)!

              About the fog-client message “ERROR: Update file is not authentic”. This is a known issue as the “FOG Project” cert is not valid anymore. You need to manually install a newer client version on those machines (or re-deploy an image with a newer client).

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              A 1 Reply Last reply Reply Quote 0
              • A
                astrugatch @Sebastian Roth
                last edited by

                @sebastian-roth

                Is that separate from the cert that is used for HTTPS? Do I need to generate a new cert or does that come from the install as long as it is recent?

                1 Reply Last reply Reply Quote 0
                • S
                  Sebastian Roth Moderator
                  last edited by

                  @astrugatch said in Script to detect and repair AD Biding:

                  Is that separate from the cert that is used for HTTPS? Do I need to generate a new cert or does that come from the install as long as it is recent?

                  It’s separate from the cert used for HTTPS. Nothing you need to mess with. It’s a code siging certificate and it’s bundled into the fog-client. So if you use a recent one you are good to go.

                  Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                  Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                  1 Reply Last reply Reply Quote 0
                  • 1 / 1
                  • First post
                    Last post

                  196

                  Online

                  12.0k

                  Users

                  17.3k

                  Topics

                  155.2k

                  Posts
                  Copyright © 2012-2024 FOG Project