• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

FOGClient 0.9.11: Could not get security token after sysprep

Scheduled Pinned Locked Moved Solved
Bug Reports
3
5
2.6k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    aruhuno
    last edited by aruhuno Mar 10, 2016, 8:50 AM Mar 10, 2016, 2:49 PM

    Hello!

    With FOGClient 0.9.11, I’ve problem after deploy syspreped Windows 10 image:

    ------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 08/03/2016 16:13 Client-Info Version: 0.9.11
 08/03/2016 16:13 Middleware::Communication URL: http://fog.domain.local//management/other/ssl/srvpublic.crt
 08/03/2016 16:13 Middleware::Authentication ERROR: Could not get security token
 08/03/2016 16:13 Middleware::Authentication ERROR: Le fichier 'C:\Windows\system32\token.dat' est introuvable.
 08/03/2016 16:13 Data::RSA FOG Server CA cert found
 08/03/2016 16:13 Data::RSA ERROR: Certificate validation failed
 08/03/2016 16:13 Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. (NotTimeValid)
 08/03/2016 16:13 Middleware::Authentication ERROR: Could not authenticate
 08/03/2016 16:13 Middleware::Authentication ERROR: Certificate is not from FOG CA
 08/03/2016 16:13 Service Sleeping for 120 seconds

    Thanks in advance for the help 🙂

    "Parce que la connaissance appartient à tout le monde", inios.fr

    1 Reply Last reply Reply Quote 0
    • J
      Joe Schmitt Senior Developer
      last edited by Mar 10, 2016, 4:03 PM

      @aruhuno

      Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé.

      The problem is that your machines do not have the same time set as your server. This means, when you updated your server the keys were re-generated and signed against the server’s time. But if the machine’s time is behind (say by 3 hours), according to the clients the keys were signed in the future, and thus invalid.

      You can either fix your server / client times, or wait for the clients to get past the “time in the future” that the keys were made.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      A 1 Reply Last reply Mar 11, 2016, 8:47 AM Reply Quote 2
      • A
        aruhuno @Joe Schmitt
        last edited by Mar 11, 2016, 8:47 AM

        @Jbob
        Ok, but after deploy, it’s impossible to synchronize time with a DC (computer added in AD with FOGClient) and computer doesn’t have access to WAN (proxy parameters pushed by GPO and the proxy to require an AD auth).

        How to do?

        "Parce que la connaissance appartient à tout le monde", inios.fr

        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by Mar 14, 2016, 11:28 AM

          @aruhuno said:

          it’s impossible to synchronize time with a DC

          Why is that??

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          A 1 Reply Last reply Mar 14, 2016, 12:29 PM Reply Quote 0
          • A
            aruhuno @Sebastian Roth
            last edited by aruhuno Mar 16, 2016, 2:34 AM Mar 14, 2016, 12:29 PM

            @Sebastian-Roth
            DC synchronize time only with computers added in AD but FOGClient can’t add computer in AD…
            I found a solution by synchronizing time just before the sysprep command.

            edit: I finally installs the client after deploying the post via a script called by unattended file.

            "Parce que la connaissance appartient à tout le monde", inios.fr

            1 Reply Last reply Reply Quote 1
            • 1 / 1
            1 / 1
            • First post
              5/5
              Last post

            184

            Online

            12.1k

            Users

            17.3k

            Topics

            155.3k

            Posts
            Copyright © 2012-2024 FOG Project