FOG Client. Authentication ERROR: Could not get security token

cojohnson

Server

• FOG Version: 1.3.0-RC-36
• OS: Ubuntu 16.04

Client

• Service Version: 0.11.6 -> 0.11.7
• OS: Windows 10 v1607

Description

I am having problems getting my Windows computers to rename after imaging…
I install the fog client v0.11.6 after the imaging process via a batch script.
I have updated the Date & Time on the Windows devices before installing the fog client.
I have reset encryption data for all hosts on our network a few times

The FOG Client cant get the Server’s Security Token?
Is there anyway to fix this PERMANENTLY???

 12/14/2016 12:33 PM Main Overriding exception handling
 12/14/2016 12:33 PM Main Bootstrapping Zazzles
 12/14/2016 12:33 PM Controller Initialize
 12/14/2016 12:33 PM Zazzles Creating main thread
 12/14/2016 12:33 PM Zazzles Service construction complete
 12/14/2016 12:33 PM Controller Start

 12/14/2016 12:33 PM Service Starting service
 12/14/2016 12:33 PM Bus Became bus server
 12/14/2016 12:33 PM Bus {
  "self": true,
  "channel": "Status",
  "data": "{\r\n  \"action\": \"load\"\r\n}"
}
 12/14/2016 12:33 PM Bus Emmiting message on channel: Status
 12/14/2016 12:33 PM Service Invoking early JIT compilation on needed binaries

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 12/14/2016 12:33 PM Client-Info Version: 0.11.7
 12/14/2016 12:33 PM Client-Info OS:      Windows
 12/14/2016 12:33 PM Middleware::Authentication Waiting for authentication timeout to pass
 12/14/2016 12:33 PM Middleware::Communication Download: http://10.21.0.105/fog/management/other/ssl/srvpublic.crt
 12/14/2016 12:33 PM Data::RSA FOG Server CA cert found
 12/14/2016 12:33 PM Middleware::Authentication Cert OK
 12/14/2016 12:33 PM Middleware::Authentication ERROR: Could not get security token
 12/14/2016 12:33 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
 12/14/2016 12:33 PM Middleware::Communication POST URL: http://10.21.0.105/fog/management/index.php?sub=requestClientInfo&authorize&newService
 12/14/2016 12:33 PM Middleware::Response Invalid security token

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 12/14/2016 12:33 PM Client-Info Version: 0.11.7
 12/14/2016 12:33 PM Client-Info OS:      Windows
 12/14/2016 12:33 PM Middleware::Authentication Waiting for authentication timeout to pass
 12/14/2016 12:35 PM Middleware::Communication Download: http://10.21.0.105/fog/management/other/ssl/srvpublic.crt
 12/14/2016 12:35 PM Data::RSA FOG Server CA cert found
 12/14/2016 12:35 PM Middleware::Authentication Cert OK
 12/14/2016 12:35 PM Middleware::Authentication ERROR: Could not get security token
 12/14/2016 12:35 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
 12/14/2016 12:35 PM Middleware::Communication POST URL: http://10.21.0.105/fog/management/index.php?sub=requestClientInfo&authorize&newService
 12/14/2016 12:35 PM Middleware::Response Invalid security token

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 12/14/2016 12:35 PM Client-Info Version: 0.11.7
 12/14/2016 12:35 PM Client-Info OS:      Windows
 12/14/2016 12:35 PM Middleware::Authentication Waiting for authentication timeout to pass

Joe Schmitt

@cojohnson 12/14/2016 12:35 PM Middleware::Authentication ERROR: Could not get security token just means the client has never successfully authenticated before. It only receives a token after the first successful authentication.

In general we recommend installing the client IN the image, as the tokens are automatically reset when an imaging task is performed. However, you should never have to continuously reset encryption data, only when you manually install / uninstall the client.

cojohnson

@Joe-Schmitt “In general we recommend installing the client IN the image, as the tokens are automatically reset when an imaging task is performed. However, you should never have to continuously reset encryption data, only when you manually install / uninstall the client.”

So, I am assuming, installing the FOG Client via a batch script after the image process is considered “manually installing”?

I am going to put the FOG client on the image.

Wayne Workman

@cojohnson said in FOG Client. Authentication ERROR: Could not get security token:

I am going to put the FOG client on the image.

That’s the correct answer.

cojohnson

@Wayne-Workman @Joe-Schmitt

I installed the latest FOG client 0.11.7 on my image. However, I am still having problems authenticating.

0_1481821462892_fog.log

Any ideas or suggestions?
Thanks

Wayne Workman

@cojohnson Do you see the certificate when you go to this address in a web browser:
http://10.21.0.105/fog/management/other/ssl/srvpublic.crt

Wayne Workman

Also, this error makes me think you have DB issues:

Middleware::Response Error multiple hosts returned for list of mac addresses

The answer to the db issues is running these cleanup/maintenance queries against the fog db:
https://wiki.fogproject.org/wiki/index.php?title=Troubleshoot_MySQL#Hosts_think_they_are_not_registered_.2F_can.27t_register_.2F_Already_Registered_.2F_other_weirdness

Wayne Workman

For this error here:

Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.

Are you rebooting the reference machine after installing the client, but before capturing the image? This is very important, the fog client has to do stuff on it’s first run to work right later on when deployed. I always, always reboot after installing the client and then check the fog log for errors. If there are issues, an image is not captured until those are solved first.

cojohnson

@Wayne-Workman
Hmmnn, OK, I am going to clean my DB now and restore my “audit mode reference image” to see what the FOG Client is doing. I will keep you posted

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> DELETE FROM `hosts` WHERE `hostID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `hostMAC` WHERE hmID = '0' OR `hmHostID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `groupMembers` WHERE `gmID` = '0' OR `gmHostID` = '0' OR `gmGroupID` = '0';
Query OK, 12 rows affected (0.05 sec)

mysql> DELETE FROM `snapinGroupAssoc` WHERE `sgaID` = '0' OR `sgaSnapinID` = '0' OR `sgaStorageGroupID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE from `snapinAssoc` WHERE `saID` = '0' OR `saHostID` = '0' OR `saSnapinID` = '0';
Query OK, 11 rows affected (0.01 sec)

mysql> DELETE FROM `hosts` WHERE `hostID` NOT IN (SELECT `hmHostID` FROM `hostMAC`);
Query OK, 1 row affected (0.00 sec)

mysql> DELETE FROM `hostMAC` WHERE `hmhostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `snapinAssoc` WHERE `saHostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `groupMembers` WHERE `gmHostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.00 sec)

mysql> quit

cojohnson

@Wayne-Workman @Joe-Schmitt
I am currently in Sysprep mode on my image and I am still getting the same error with the FOG client.
**Note, I restarted halfway into the log

0_1481828004736_fog.log

Wayne Workman

@cojohnson For the moment, let’s stop worrying about imaging, and just focus on the fog client. The goal is to fix the errors in the log. Try uninstalling it and reinstalling it first.