New to Fog.... A little help with hostname changer and Join AD
-
This post is deleted! -
I’ve tried completely removing the fog service and reinstalling and I keep getting the same errors in fog.log:
Invalid host certificate
URL: http://myfogserver/fog/management/other/ssl/srvpublic.crt
ERROR: Could not download file
ERROR: The remote server returned an error: 404 not found
ERROR: Could not get security token
ERROR: Could not find file C:\Windows\system32\token.dat
ERROR: Could not authenticate
ERROR: The system cannot find the file specifiedWas the CA and ssl supposed to be recreated? Any further suggestions before I go digging?
Thanks so much for all your help!!
-
Can you rerun the fog installer with:
sudo ./installfog.sh --recreate-CA --recreate-keys
-
Just a heads up, you installed the beta client.And the specific version you install won’t work with hostname changer. I’d either switch to the legacy client OR wait until I fix v0.8.0 of the beta.
-
@Jbob
Ah… Yes, I realized it was a new version 0.8.0, but didn’t realize it was beta. Thanks for the heads up.
-
Logs after rerun:
5/27/2015 12:15 PM CommunicationHandler Response: Invalid host certificate
5/27/2015 12:15 PM CommunicationHandler URL: http://myfogserver/fog/management/other/ssl/srvpublic.crt
5/27/2015 12:15 PM CommunicationHandler ERROR: Could not get security token
5/27/2015 12:15 PM CommunicationHandler ERROR: Could not find file ‘C:\Windows\system32\token.dat’.
5/27/2015 12:15 PM EncryptionHandler CA cert found
5/27/2015 12:15 PM EncryptionHandler ERROR: Certificate validation failed
5/27/2015 12:15 PM EncryptionHandler ERROR: Trust chain did not complete to the known authority anchor. Errors: The signature of the certificate cannot be verified. (NotSignatureValid)
5/27/2015 12:15 PM CommunicationHandler ERROR: Could not authenticate
5/27/2015 12:15 PM CommunicationHandler ERROR: Certificate is not from FOG CA
5/27/2015 12:15 PM CommunicationHandler URL: http://myfogserver/fog/management/other/ssl/srvpublic/fog/service/servicemodule-active.php?moduleid=clientupdater&mac=00:21:70:0A:9A:A2||00:00:00:00:00:00:00:E0&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&newService=1&new -
I’ll re-iterate my message. I’d wait until we fix v0.8.0
-
@Jbob
Lol, I know, I just figured Tom wanted the logs and I was already in the middle of rerunning the installer when you commented. Just finished the legacy client installer.
Thanks,
James
-
With the legacy client, I’m not getting:
HostnameChanger Failed: Incomplete server response; got 7; wanted: 6
HostnameChanger: Host name was not found in the databaseThanks,
James
-
Did you set the “product-key” field on the host?
-
Yes, that was it!!! Again, thank you guys so much for all your help and hard work!!!
James
-
@Jbob
Sorry to bother, just a quick question for ya, is the domain join working in 0.8.1?
-
@James-Harting said:
@Jbob
Sorry to bother, just a quick question for ya, is the domain join working in 0.8.1?
Yes and No.
I am still having issues with it… but that doesn’t mean you’ll have issues.
-
Thanks for the reply, I will test it out.
-
Were you receiving any errors when it fails or was it just failing? Wondering because I’m trying to figure out if I’m missing something in my configuration? Any input would be greatly appreciated.
5/27/2015 4:25 PM Client-Info Version: 0.8.1
5/27/2015 4:25 PM HostnameChanger Running…
5/27/2015 4:25 PM CommunicationHandler URL: http://myfogserver/fog/service/servicemodule-active.php?moduleid=hostnamechanger&mac=00:21:70:0A:9A:A2||00:00:00:00:00:00:00:E0&newService=1
5/27/2015 4:25 PM CommunicationHandler Response: Success
5/27/2015 4:25 PM CommunicationHandler URL: http://myfogserver/fog/service/hostname.php?moduleid=hostnamechanger&mac=00:21:70:0A:9A:A2||00:00:00:00:00:00:00:E0&newService=1
5/27/2015 4:25 PM EncryptionHandler ed2873a80337d19b5e9f9abb590a2c1b|b6a75e03e6ca4d22ce9f0c73338cc30845c800d3384a6fd1a6fdb1e8a6b8673a6c86a6e02eb8a495616a0ba02393749769b381010dfffc83b807bbdafe1d6d40b851a33a2b1a44fc55ae4d4ac6e11ff2d92c7eaa0bb797ce3947bfa870aad3fe244a17144fd1ec39894e94ce5fdc2ce40919b32e833f42a9ebace41cef494da5d424ddae4afa1f3dbd2165bb120be805d3c93a6aeb51a6cc8079b881e43f886a
5/27/2015 4:25 PM CommunicationHandler Response: Success
5/27/2015 4:25 PM HostnameChanger Checking Hostname
5/27/2015 4:25 PM HostnameChanger Hostname is correct
5/27/2015 4:25 PM HostnameChanger Registering host with active directory
5/27/2015 4:25 PM HostnameChanger ERROR: Required Domain Joining information is missing
5/27/2015 4:25 PM HostnameChanger Activing host with product key
5/27/2015 4:25 PM HostnameChanger ERROR: Windows activation disabled -
inside of FOG Configuration -> FOG Settings -> Client Service
The “New client” thing must be checked for the new client to work.
Also please note that you should type in your PLAIN TEXT password into the password field, and that your fogcrypt string should go into the legacy field.
Also note that in the hosts menu, any password that you put into the AD Settings fields in there gets re-encrypted when the aforementioned “NEW CLIENT” check-box is checked. So, I’d recommend just clicking the “Clear Fields” and then click the “Join Domain” so that it simply auto-populates.
-
I’ve triple-checked all those requirements and I’m still getting the ERROR: Required Domain Joining information is missing.
Fog service:
new client: checked
aes_encrypt: not checked
AD defaults:
domainname: tried domain.com and netbios
default ou: OU=Computers,DC=domain,DC=com
default user: tried domain\user and just user
default password: plaintext
default pw legacy: fogcryptIs there something I need to change in a config.php file or anything that I’m missing? Need to add netdom on the windows 7 pc?
-
I’d recommend (just for the purposes of troubleshooting) these things:
Default OU blank
use your domain Administrator as the default user
Administrator passwordthen, I’d play with the domain name…
Try your FQDN (fully qualified domain name)
Try your sloppy domain name (example for My.SchoolDistrict.k12.mo.us you’d just put in “My”)No need to change any php files. This is FOG Trunk, the days of editing PHP files are over.
The rest of your settings look good.
Now, if none of this works… keep in mind that this client is in BETA. If you want to pursue this further, please contact @Jbob
Does your legacy client work?