APIPA, domain joining, PXE operation not permitted

Seb

Hey guys,

First off i have to apologise for the range of issues and huge wall of text approaching.
Really sorry :oops:

I was on ver 1.0.1 and when PCs booted up, they could not log in because they had been put onto the 169 range, however imaging worked and named themselves correctly.
I have upgraded to 1.2.0 and the APIPA issue was resolved, however now when i image a PC they no longer join the domain and rename themselves to something random such as - “TBO193753-1123” or similar (TBO being the first few letters of our domain.)

I have looked into the ad settings within fog config and made sure that username only has the username within and is not in the format of domain\user. The AD account has not changed, same password, permissions and it’s not expired.

I think that when i built these images last year they [U]may[/U] have been joined to the domain when i uploaded the image, is this where i am going wrong. Has the procedure changed? The images have worked fine when on versions below 1.2.0
Do i have to rebuild all my images?

My second issue is that when i was looking at this last night, my server suddenly died with a memory error.
I have since fixed the issue, however after i got the server back online the clients get the following error during iPXE boot.

[url]http://ip.address/fog/service/ipxe/boot.php[/url]… operation not permitted ([url]http://ipxe.org/410c613c[/url])
Could not boot: Operation not permitted ([url]http://ipxe.org/410c613c[/url])
PXE-M0F : Exiting PXE ROM

I have followed this thread here with no luck - [url]http://fogproject.org/forum/threads/stuck-at-boot-php-operation-not-permitted.10706/[/url]

Thank you guys in advance, love ya

Seb

Seb

In regards to domain joining, i did check the individual host AD setting and it all looked fine. It pulled across successfully from fog config

Junkhacker

[SIZE=3][FONT=arial]nothing changed in fog betweeen 1.0.1 and 1.2.0 that would affect APIPA[/FONT][/SIZE]
[SIZE=3][FONT=arial]fog never names anything randomly, it give hosts the names they are registered with in the database. if a name is not specifically granted, the mac address is used as the name.[/FONT][/SIZE]
[FONT=arial][SIZE=3]the procedure has not changed for AD username/password format[/SIZE][/FONT]
[FONT=arial][SIZE=3]we do not recommend using an image from a computer that has been joined to a domain. but, i will admit that i have done it and had no problems. [/SIZE][/FONT]
[FONT=arial][SIZE=3]that ipxe error is a http 403 error. what do you see if you go to that address in a browser?[/SIZE][/FONT]

Seb

[COLOR=#000000][FONT=arial][SIZE=3]Hey, cheers for the reply.[/SIZE][/FONT][/COLOR]
[LIST]
[][COLOR=#000000][FONT=arial][SIZE=3]On version 1.0.1 (i think,) we had the issue with APIPA whenever i put option 67 in DHCP for it to find a real file, such as unidionly.kpxe. I used to change it to something like ‘unidionly.kpxeeee’ and it wouldn’t mess with IPs. Not an issue now anyway though. :)[/SIZE][/FONT][/COLOR]
[][COLOR=#000000][FONT=arial][SIZE=3]I’m almost 100% certain that it was giving names out in the format above, i’ll be able to double check when i get it back up.[/SIZE][/FONT][/COLOR]
[*][COLOR=#000000][FONT=arial][SIZE=3]So am i right in putting :[/SIZE][/FONT][/COLOR]
[CODE]FOG_AD_DEFAULT_DOMAINNAME : “Domain”
FOG_AD_DEFAULT_OU : OU=Workstations,DC=“DOMAIN”,DC=net
FOG_AD_DEFAULT_USER : “user”
FOG_AD_DEFAULT_PASSWORD : fogcrypt’d passsword[/CODE]
[COLOR=#000000][FONT=arial][SIZE=3]

Because with versions below 1.0.0 in the user field I had domain\user[/SIZE][/FONT][/COLOR]
[][COLOR=#000000][FONT=arial][SIZE=3] I will try and create one new image and see if that changes anything[/SIZE][/FONT][/COLOR]
[][COLOR=#000000][COLOR=#000000][FONT=arial][SIZE=3]If i go to the address in a browser i get [/SIZE][/FONT][/COLOR][/COLOR]
[CODE]ForbiddenYou don’t have permission to access /fog/service/ipxe/boot.php on this server.
Apache/2.2.22 (Ubuntu) Server at IP Port 80[/CODE]
[/LIST]
[COLOR=#000000][FONT=arial][SIZE=3]Have permissions been messed up on the var/www/fog/service/ipxe folders?[/SIZE][/FONT][/COLOR]

[B]EDIT[/B]
I have tried to reset permissions using
[CODE]sudo chown -R www-data:www-data /var/www/fog
sudo chown -R fog:www-data /var/www/fog/service/ipxe/[/CODE]

and then [CODE]sudo service apache2 restart[/CODE]

with still no luck, when i restart apache services i am prompted with this…
[CODE]Restarting web server apache2
apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName
… waiting apache2:
Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName[/CODE]

Seb

OK, I have sorted the 403 error now.
I edited /ect/apache2/apache2.conf, adding a new line at the bottom with
[CODE]ServerName localhost[/CODE]
And restarted the services with no errors

I’m now going to look at my domain joining and naming issue.

[B]EDIT[/B]

Just imaged two PCs, in the fog log on C both get this error

[CODE]HostnameChanger Domain Error! (‘Unknown Error’ Code: 2)[/CODE]

[SIZE=3][FONT=arial]There was a typo in [COLOR=#555555]FOG_AD_DEFAULT_OU - this must be the issue[/COLOR][/FONT][/SIZE]
[COLOR=#555555][FONT=Ubuntu][SIZE=3][FONT=arial]I’m a frickin idiot[/FONT][/SIZE] [/FONT][/COLOR]

Junkhacker

so all of your problems are resolved?

Seb

Yes, all sorted