Active Directory join fails
-
@jhuesser The error says invalid security token. Step one is to ensure the time is set, correct, in the same time zone, and syncronized on 1. The fog server, 2. The domain controller(s), and 3. on the hosts you’re trying to join.
After verifying that, you can try to “reset encryption” for the problematic host and see if that fixes it.
Note that simply clicking the “reset encryption” button when time is not synchronized will not fix your issue.
-
@Wayne-Workman thank you for your answer. Selected mit timezone in FOG_TZ_INFO.
The commanddate
displays the correct time in the shell. DC is also fine, Client too. The logfile looks like this now:It says
06.06.2016 16:08 HostnameChanger Users still logged in and enforce is disabled, delaying any further actions
But still, after a reboot it doesn’t do anything. Also i set the tick in FOG_ENFORCE_HOST_CHANGES and on the host settings at Make changes even when users are logged on?
So it should do the steps, even if a user is logged on, shouldn’t it?
-
@jhuesser Yes. The last thing to check is to ensure all the client services are enabled for the problematic host.
Can you post the entire log file?
-
@Wayne-Workman hmm are you unable to open it? posted it here and works for me
@jhuesser said in Active Directory join fails:
It’s to big to embeed it as plain text.
-
@jhuesser I can read that one, I must have just overlooked the other.
The user tracker area says invalid time:
06.06.2016 16:08 Middleware::Response Invalid time
I wonder if that has anything to do with it?
-
What happens if you update?
-
@Wayne-Workman hmm true, didn’t saw that. but the histogram on the fog start page shows the correct time. I don’t know where this error comes from…
-
@Tom-Elliott You mean updating fog to the latest trunk? will try that, but first make a backup.
-
@Tom-Elliott So now I’m on trunk 7981.
Still doesn’t work. This is my logfile:
06.06.2016 17:24 Main Overriding exception handling 06.06.2016 17:24 Main Bootstrapping Zazzles 06.06.2016 17:24 Controller Initialize 06.06.2016 17:24 Entry Creating obj 06.06.2016 17:24 Controller Start 06.06.2016 17:24 Service Starting service 06.06.2016 17:24 Bus Became bus server 06.06.2016 17:24 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 06.06.2016 17:24 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:24 Client-Info Version: 0.10.6 06.06.2016 17:24 Client-Info OS: Windows 06.06.2016 17:24 Middleware::Authentication Waiting for authentication timeout to pass 06.06.2016 17:24 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 06.06.2016 17:24 Data::RSA FOG Server CA cert found 06.06.2016 17:24 Middleware::Authentication Cert OK 06.06.2016 17:24 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 06.06.2016 17:24 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:24 Client-Info Version: 0.10.6 06.06.2016 17:24 Client-Info OS: Windows 06.06.2016 17:24 Middleware::Authentication Waiting for authentication timeout to pass 06.06.2016 17:26 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 06.06.2016 17:26 Data::RSA FOG Server CA cert found 06.06.2016 17:26 Middleware::Authentication Cert OK 06.06.2016 17:26 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 06.06.2016 17:26 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:26 Client-Info Version: 0.10.6 06.06.2016 17:26 Client-Info OS: Windows 06.06.2016 17:26 Middleware::Authentication Waiting for authentication timeout to pass 06.06.2016 17:28 Main Overriding exception handling 06.06.2016 17:28 Main Bootstrapping Zazzles 06.06.2016 17:28 Controller Initialize 06.06.2016 17:28 Entry Creating obj 06.06.2016 17:28 Controller Start 06.06.2016 17:28 Service Starting service 06.06.2016 17:28 Bus Became bus server 06.06.2016 17:28 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 06.06.2016 17:28 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:28 Client-Info Version: 0.10.6 06.06.2016 17:28 Client-Info OS: Windows 06.06.2016 17:28 Middleware::Authentication Waiting for authentication timeout to pass 06.06.2016 17:28 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 06.06.2016 17:28 Data::RSA FOG Server CA cert found 06.06.2016 17:28 Middleware::Authentication Cert OK 06.06.2016 17:28 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 06.06.2016 17:28 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:28 Client-Info Version: 0.10.6 06.06.2016 17:28 Client-Info OS: Windows 06.06.2016 17:28 Middleware::Authentication Waiting for authentication timeout to pass 06.06.2016 17:30 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 06.06.2016 17:30 Data::RSA FOG Server CA cert found 06.06.2016 17:30 Middleware::Authentication Cert OK 06.06.2016 17:30 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 06.06.2016 17:30 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 06.06.2016 17:30 Client-Info Version: 0.10.6 06.06.2016 17:30 Client-Info OS: Windows 06.06.2016 17:30 Middleware::Authentication Waiting for authentication timeout to pass
Now I have this again:
06.06.2016 17:30 Middleware::Response Invalid security token
-
@jhuesser said in Active Directory join fails:
06.06.2016 17:24 Client-Info Version: 0.10.6
06.06.2016 17:24 Client-Info OS: Windows
06.06.2016 17:24 Middleware::Authentication Waiting for authentication timeout to pass
06.06.2016 17:24 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt
06.06.2016 17:24 Data::RSA FOG Server CA cert found
06.06.2016 17:24 Middleware::Authentication Cert OK
06.06.2016 17:24 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService
06.06.2016 17:24 Middleware::Response Invalid security token06.06.2016 17:24 Client-Info Version: 0.10.6
06.06.2016 17:24 Client-Info OS: Windows
06.06.2016 17:24 Middleware::Authentication Waiting for authentication timeout to pass
06.06.2016 17:24 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt
06.06.2016 17:24 Data::RSA FOG Server CA cert found
06.06.2016 17:24 Middleware::Authentication Cert OK
06.06.2016 17:24 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService
06.06.2016 17:24 Middleware::Response Invalid security tokenAlso, I notice the time, is it actually 17:24 there?
-
@Tom-Elliott Hmmm i just deployed it. I recived the “Image Task Completed”-Mail at 17:21 and then logged in. So I guess 17:24 could be true. Now it’s 17:34 local time.
-
@jhuesser Can you reset the encryption data on this host?
-
@Tom-Elliott like this?
UPDATE hosts SET hostPubKey="", hostSecToken="", hostSecTime="0000-00-00 00:00:00";
-
@jhuesser Right from the host edit area on the interface. If the data’s been setup, you will have a button that states “Reset Encryption Data”.
-
@jhuesser That is the manual method to reset it for all hosts, which is entirely not necessary.
You can do this on an individual host via the web interface, or through groups. On the “General/Basic” page, it’s a huge button that says “Reset encryption”, you cannot miss it.
-
@Tom-Elliott @Wayne-Workman hmmm only saw the button on the group setting (chrome / firefox). But resetted the encryption.
Still doesn’t work. This is the log now.
Hostnamechanger says
06.06.2016 17:55 HostnameChanger Users still logged in and enforce is disabled, delaying any further actions
and Authentification:
06.06.2016 17:55 Middleware::Response Invalid time
-
Hey guys, thank you for your help until here. Unfortunally I need to go and I’m back in office at Thursday. If something changes here, I will try that immediately!
-
So now I’ve updated to trunk 8046 and deployed the target again. But still it doesn’t work.
In the first try I got the error
Middleware::Response Invalid security token
again. So i reseted the encryption data for the group and tried it again, but the error still appears. Here is the complete log:
09.06.2016 08:46 Main Overriding exception handling 09.06.2016 08:46 Main Bootstrapping Zazzles 09.06.2016 08:46 Controller Initialize 09.06.2016 08:46 Entry Creating obj 09.06.2016 08:46 Controller Start 09.06.2016 08:46 Service Starting service 09.06.2016 08:46 Bus Became bus server 09.06.2016 08:46 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 09.06.2016 08:46 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:46 Client-Info Version: 0.10.6 09.06.2016 08:46 Client-Info OS: Windows 09.06.2016 08:46 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 08:46 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 08:46 Data::RSA FOG Server CA cert found 09.06.2016 08:46 Middleware::Authentication Cert OK 09.06.2016 08:46 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 08:46 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:46 Client-Info Version: 0.10.6 09.06.2016 08:46 Client-Info OS: Windows 09.06.2016 08:46 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 08:48 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 08:48 Data::RSA FOG Server CA cert found 09.06.2016 08:48 Middleware::Authentication Cert OK 09.06.2016 08:48 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 08:48 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:48 Client-Info Version: 0.10.6 09.06.2016 08:48 Client-Info OS: Windows 09.06.2016 08:48 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 08:50 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 08:50 Data::RSA FOG Server CA cert found 09.06.2016 08:50 Middleware::Authentication Cert OK 09.06.2016 08:50 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 08:50 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:50 Client-Info Version: 0.10.6 09.06.2016 08:50 Client-Info OS: Windows 09.06.2016 08:50 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 08:53 Main Overriding exception handling 09.06.2016 08:53 Main Bootstrapping Zazzles 09.06.2016 08:53 Controller Initialize 09.06.2016 08:53 Entry Creating obj 09.06.2016 08:53 Controller Start 09.06.2016 08:53 Service Starting service 09.06.2016 08:53 Bus Became bus server 09.06.2016 08:53 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 09.06.2016 08:53 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:53 Client-Info Version: 0.10.6 09.06.2016 08:53 Client-Info OS: Windows 09.06.2016 08:53 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 08:53 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 08:54 Data::RSA FOG Server CA cert found 09.06.2016 08:54 Middleware::Authentication Cert OK 09.06.2016 08:54 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 08:54 Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 08:54 Client-Info Version: 0.10.6 09.06.2016 08:54 Client-Info OS: Windows 09.06.2016 08:54 Middleware::Authentication Waiting for authentication timeout to pass
-
@jhuesser resetting encryption data should work for group or individual hosts, however this will only work if the host that you’re pulling the log from is in the group you performed the reset on. If it’s not in that group you haven’t done anything to that host. This doesn’t mean I’m right as I’m constantly updating trunk and sometimes one change affects another area typically unknown to me. If you find ONLY the host that’s hang this problem and reset the encryption data for it does this issue still persist?
-
@Tom-Elliott The Host was the only member of that group. In the host detail page I don’t see a button to reset the encryption data.
I also registered a new host to fog, put it into that group and imaged it. This doesn’t work too… Here is the logfile of that host:09.06.2016 12:03 Main Overriding exception handling 09.06.2016 12:03 Main Bootstrapping Zazzles 09.06.2016 12:03 Controller Initialize 09.06.2016 12:03 Entry Creating obj 09.06.2016 12:03 Controller Start 09.06.2016 12:03 Service Starting service 09.06.2016 12:03 Bus Became bus server 09.06.2016 12:03 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 09.06.2016 12:03 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 12:03 Client-Info Version: 0.10.6 09.06.2016 12:03 Client-Info OS: Windows 09.06.2016 12:03 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 12:03 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 12:03 Data::RSA FOG Server CA cert found 09.06.2016 12:03 Middleware::Authentication Cert OK 09.06.2016 12:03 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 12:03 Middleware::Response Error multiple hosts returned for list of mac addresses ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 12:03 Client-Info Version: 0.10.6 09.06.2016 12:03 Client-Info OS: Windows 09.06.2016 12:03 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 12:06 Main Overriding exception handling 09.06.2016 12:06 Main Bootstrapping Zazzles 09.06.2016 12:06 Controller Initialize 09.06.2016 12:06 Entry Creating obj 09.06.2016 12:06 Controller Start 09.06.2016 12:06 Service Starting service 09.06.2016 12:06 Bus Became bus server 09.06.2016 12:06 Bus { "self": true, "channel": "Status", "data": "{\r\n \"action\": \"load\"\r\n}" } 09.06.2016 12:06 Bus Emmiting message on channel: Status ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 12:06 Client-Info Version: 0.10.6 09.06.2016 12:06 Client-Info OS: Windows 09.06.2016 12:06 Middleware::Authentication Waiting for authentication timeout to pass 09.06.2016 12:06 Middleware::Communication Download: http://10.20.2.60/fog/management/other/ssl/srvpublic.crt 09.06.2016 12:06 Data::RSA FOG Server CA cert found 09.06.2016 12:06 Middleware::Authentication Cert OK 09.06.2016 12:06 Middleware::Communication POST URL: http://10.20.2.60/fog/management/index.php?sub=requestClientInfo&authorize&newService 09.06.2016 12:06 Middleware::Response Error multiple hosts returned for list of mac addresses ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 09.06.2016 12:06 Client-Info Version: 0.10.6 09.06.2016 12:06 Client-Info OS: Windows 09.06.2016 12:06 Middleware::Authentication Waiting for authentication timeout to pass
This one seems really strange:
09.06.2016 12:06 Middleware::Response Error multiple hosts returned for list of mac addresses