Clear Encrypted Data When Moved to New Switch Port
-
I have FOG up and running on version SVN 3537.
Any time I physically move a PC to another location (New port on a switch) I have to clear the encrypted data or it refuses to join the domain. Sometimes it wont rename the machine but this is sporadic. Any ideas or if this is just a big. I have moved to multiple locations and it is always the case of having ot clear the encryption before I can reimage the machine.
-
That’s a question for @Jbob
-
My guess is that the security tokens are somehow becoming out of sync. Can you post the “Authentication” section of the client log when it messes up? (Preferably in a formatted code-block in the forum post)
-
Did a test this morning and randomly after re-imaging the machine a few times it wont add back to the domain, reset the encryption and boom it works. Any idea why this is happening.
-
Yep will do. Going ot have to wait for it to mess up again I cant seem to force it.
-
------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 6/29/2015 11:23 AM Client-Info Version: 0.8.4 6/29/2015 11:23 AM Middleware::Communication URL: http://10.20.60.14/fog/management/other/ssl/srvpublic.crt 6/29/2015 11:24 AM Data::RSA CA cert found 6/29/2015 11:24 AM Middleware::Authentication Cert OK 6/29/2015 11:24 AM Middleware::Communication POST URL: http://10.20.60.14/fog/management/index.php?sub=authorize 6/29/2015 11:24 AM Middleware::Communication Response: Invalid security token
-
This is what I am getting for the hostname changer part:
------------------------------------------------------------------------------ --------------------------------HostnameChanger------------------------------- ------------------------------------------------------------------------------ 6/29/2015 11:24 AM Client-Info Version: 0.8.4 6/29/2015 11:24 AM HostnameChanger Running... 6/29/2015 11:24 AM Middleware::Communication URL: http://10.20.60.14/fog/service/servicemodule-active.php?moduleid=hostnamechanger&mac=F8:B1:56:B5:EE:31|&newService=1 6/29/2015 11:24 AM Middleware::Communication Response: Success 6/29/2015 11:24 AM Middleware::Communication URL: http://10.20.60.14/fog/service/hostname.php?moduleid=hostnamechanger&mac=F8:B1:56:B5:EE:31|&newService=1 6/29/2015 11:24 AM Middleware::Communication Response: Invalid host certificate 6/29/2015 11:24 AM Middleware::Communication URL: http://10.20.60.14/fog/management/other/ssl/srvpublic.crt 6/29/2015 11:24 AM Data::RSA CA cert found 6/29/2015 11:24 AM Middleware::Authentication Cert OK 6/29/2015 11:24 AM Middleware::Communication POST URL: http://10.20.60.14/fog/management/index.php?sub=authorize 6/29/2015 11:24 AM Middleware::Communication Response: Invalid security token```
-
Trying to gather as much info as possible. This seems to be happening over night also. Re-imaged a machine more than 10 times yesterday without issue. Come in the morning and try to reimage it and the hostname problem is there again. I have attached the FOG client log for troubleshooting
-
Screenshot of the Service Settings in Fog Configuration also
-
When creating the image I am installing the client to the windows 7 machine then running sysprep set to shutdown, then uploading to FOG. Not sure if that is relevant or not.
-
This post is deleted! -
Would it be possible to turn this feature off. MY FOG is only internal and I don’t really have a need for the encryption. Unless I am way off-base and feel free to correct me if I am.
-
@Psycholiquid Are your FOG Service settings still the same as in the picture below?
You need the “FOG_New_Client” setting enabled to use the new client at all.
-
Yes setting have not been changed. I have now checked that and will be running a few tests. I’ll give an update after i reimage a few times and move ports around to see if I can break it.
-
The encryption is not optional. Making it so would open up quite a few security holes.
-
@Jbob OK good to know. I will run these tests and see what happens.
-
Seems I can get 5 re-images out of it before the encryption data has to be reset. I have been able to move it from one port to another within that 5 and it not cause me to have to clear the Encryption data. But after 5 re-images it forces me to clear it to rename the host and join the domain.
Also as soon as I hit the clear button the computer renames and joins the domain without issue.
-
I can officially say it is every 5th image that is breaking it. I am not sure why but that happens on image 5 every time. Any ideas. I will try to upgrade to the latest SVN tomorrow to see if that helps but I am not sure that the server is the issue.
-
@Psycholiquid notifying @Jbob about it… this is his realm till the official release.
-
Thanks for the notification Wayne. @Psycholiquid I will attempt to reproduce this issue in my vms. Is there anything special you are doing to the image? E.G. sysprepping?