• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Hostnamechanger: Padding is invalid and cannot be removed.

Scheduled Pinned Locked Moved
FOG Problems
5
11
3.4k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    WourN
    last edited by May 26, 2016, 11:01 AM

    Hello.
    I’ve had FOG for years, and it has worked almost flawlessly.
    Yesterday I prepared a new image for school, and I uploaded it, and downloaded it, just to check everything.
    I always make sure everything works before I start massdeployment of images to schoolcomputers.
    And I’ve always used hostname changer to change machinename and join domain.
    When I tried it today, hostnamechanger changed the name, rebooted, and when I expected it to join domain, it did nothing.
    I checked the log files, and here it is:

    26/05/2016 09:48 FOG::HostnameChanger AD mode requested, confirming settings.
    26/05/2016 09:48 FOG::HostnameChanger Padding is invalid and cannot be removed.
    26/05/2016 09:48 FOG::HostnameChanger    at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
       at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
       at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
       at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
       at System.IO.Stream.Close()
       at FOG.FOGCrypt.decrypt(Byte[] cipherData, Byte[] Key, Byte[] IV)
       at FOG.FOGCrypt.decrypt(Byte[] cipherData, String Password)
       at FOG.FOGCrypt.decryptHex(String hex)
       at FOG.HostNameChanger.changeHostName()
    

    I’ve googled it, but didn’t find a real answer.
    I’ve checked AD settings in FOG, the password is encrypted with fogcrypt.
    The FOG Client was downloaded and installed from my FOG-servers web-based GUI. (Also tried to reinstall it, with no luck)
    I have never had this problem before, and no the password of my admin account has not changed since.

    Info: The FOG-server runs on Centos 6.something. FOG is version 1.2.0

    Please help

    1 Reply Last reply Reply Quote 0
    • J
      Joe Schmitt Senior Developer
      last edited by May 26, 2016, 2:55 PM

      Are you using the default encryption key, or did you custom set one?

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      W 2 Replies Last reply May 27, 2016, 6:05 AM Reply Quote 0
      • W
        WourN @Joe Schmitt
        last edited by May 27, 2016, 6:05 AM

        @Jbob I am using the default one.

        1 Reply Last reply Reply Quote 0
        • W
          WourN @Joe Schmitt
          last edited by May 27, 2016, 1:43 PM

          @Jbob Hmm. I have also tried on 0.32-fogserver now, and I got the same result. I uninstalled and deleted the 1.2 client of course, and installed the 0.32 client from the 0-32servers webGUI. Still same problem, so it has to do something with my image.
          You have any idea what it might be?

          1 Reply Last reply Reply Quote 0
          • J
            Joe Schmitt Senior Developer
            last edited by Joe Schmitt May 27, 2016, 8:34 AM May 27, 2016, 2:34 PM

            It sounds like the encrypted AD password got changed by accident. Try redoing fogcrypt on it and using that output.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

            W 2 Replies Last reply May 30, 2016, 6:10 AM Reply Quote 0
            • W
              WourN @Joe Schmitt
              last edited by May 30, 2016, 6:10 AM

              @Joe-Schmitt I can try. I’ve heard you get different results based on wether you use fogcrypt on a windows or linux. Is that true?

              W 1 Reply Last reply May 31, 2016, 10:47 PM Reply Quote 0
              • W
                WourN @Joe Schmitt
                last edited by WourN May 30, 2016, 1:55 AM May 30, 2016, 7:33 AM

                @Joe-Schmitt Okay so I fixed the initial issue with copying over the HostNameChanger.dll from an old image. Now I’m facing a new issue.
                The log file now says this:

                
                 30.05.2016 09:25 FOG::HostnameChanger Attempting to connect to fog server...
                 30.05.2016 09:25 FOG::HostnameChanger Module is active...
                 30.05.2016 09:25 FOG::HostnameChanger AD mode requested, confirming settings.
                 30.05.2016 09:25 FOG::HostnameChanger Hostname is up to date
                 30.05.2016 09:25 FOG::HostnameChanger Attempting to join domain if not already a member....
                 30.05.2016 09:25 FOG::HostnameChanger netdom output: 
                 30.05.2016 09:25 FOG::PrinterManager Module is active...
                

                It’s progress I guess, but it still wont join domain.
                netdom.exe is located under c:\windows\system32 and the path is correct in config.ini
                What now?

                1 Reply Last reply Reply Quote 0
                • W
                  Wayne Workman @WourN
                  last edited by May 31, 2016, 10:47 PM

                  @WourN said in Hostnamechanger: Padding is invalid and cannot be removed.:

                  @Joe-Schmitt I can try. I’ve heard you get different results based on wether you use fogcrypt on a windows or linux. Is that true?

                  I would always recommend running fog crypt on a windows system.

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                  Daily Clean Installation Results:
                  https://fogtesting.fogproject.us/
                  FOG Reporting:
                  https://fog-external-reporting-results.fogproject.us/

                  1 Reply Last reply Reply Quote 0
                  • W
                    Wayne Workman
                    last edited by Wayne Workman May 31, 2016, 4:49 PM May 31, 2016, 10:49 PM

                    What version of windows are you trying to join? The legacy client doesn’t work with win10.

                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                    Daily Clean Installation Results:
                    https://fogtesting.fogproject.us/
                    FOG Reporting:
                    https://fog-external-reporting-results.fogproject.us/

                    1 Reply Last reply Reply Quote 0
                    • L
                      lonnie776
                      last edited by Dec 22, 2016, 6:06 PM

                      I also ran into this issue when trying to join a Windows 10 machine to the domain. The HostnameChanger will still change the PC name but only if you only try to change the PC name off domain.

                      The issue is with the System.Security.Cryptography.Rinjdael Class. I am assuming they changed the default padding method in windows 10 and this causes issues because windows can no longer decrypt the encrypted AD password due to non congruent padding.

                      *As a side note, passwords encrypted using FOGCrypt on Windows 10 will still work to join Windows 10 machines to domain, but then you will not be able to join any machine below Windows 10.

                      To solve the issue I went into the code and specified a padding method in both the HostnameChanger and FOGCrypt.

                      It is quite simple

                      private byte[] encrypt(byte[] clearData, byte[] Key, byte[] IV)
                              {
                      
                                  MemoryStream ms = new MemoryStream();
                                  Rijndael alg = Rijndael.Create();
                                  alg.Padding = PaddingMode.Zeros; //(Added for cross windows compatability)
                                  alg.Key = Key;
                                  alg.IV = IV;
                      
                                  CryptoStream cs = new CryptoStream(ms, alg.CreateEncryptor(), CryptoStreamMode.Write);
                      
                                  cs.Write(clearData, 0, clearData.Length);
                                  cs.Close();
                      
                                  byte[] encryptedData = ms.ToArray();
                      
                                  return encryptedData;
                      
                              }
                      
                              private byte[] decrypt(byte[] cipherData, byte[] Key, byte[] IV)
                              {
                                  MemoryStream ms = new MemoryStream();
                                  Rijndael alg = Rijndael.Create();
                                  alg.Padding = PaddingMode.Zeros; //(Added for cross windows compatability)
                      
                                  alg.Key = Key;
                                  alg.IV = IV;
                      
                                  CryptoStream cs = new CryptoStream(ms, alg.CreateDecryptor(), CryptoStreamMode.Write);
                      
                                  cs.Write(cipherData, 0, cipherData.Length);
                                  cs.Close();
                      
                                  byte[] decryptedData = ms.ToArray();
                                  return decryptedData;
                              }
                      

                      Do the same in FOGCrypt, re-encrypt your password, and presto. Windows 10, 8, 8.1, 7, etc, all join domains properly.

                      I hope this helps people.
                      Lonnie

                      Tom ElliottT 1 Reply Last reply Dec 22, 2016, 6:56 PM Reply Quote 0
                      • Tom ElliottT
                        Tom Elliott @lonnie776
                        last edited by Dec 22, 2016, 6:56 PM

                        @lonnie776 while I am glad that youve taken the steps to find and correct a problem, I feel you may want to look at the latest fog has to offer. First we’ve, and by we I mean @Joe-Schmitt , rewritten the fog client and it is much more secure and less resource intensive on the server. As an overall result the client is much faster than the old client and has many more features to work with. I’d highly recommend updating and using this new client for any system.

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                        1 Reply Last reply Reply Quote 2
                        • 1 / 1
                        • First post
                          Last post

                        166

                        Online

                        12.0k

                        Users

                        17.3k

                        Topics

                        155.2k

                        Posts
                        Copyright © 2012-2024 FOG Project