join active directory using fog on ubuntu /linux
@Joe-Schmitt I’m running mono version 4.8.0 (Stable Web Feb 22 18:30:58 UTC 2017) so my version is better than the required version of 4.2.x.
@justeverything so this is definitely a dependency issue here. Either there’s a bug in the recent builds of mono with Ubuntu 16, or some service is blocking the certificate pinning on this machine.
Could you try: removing the service, setting SELinux to permissive, and re-installing?
If that doesn’t work, goahead and re-enable SELinux, and try an older mono build (perhaps using the stock mono build provided in ubuntu repositories).
@Joe-Schmitt I could need a little help on that. How do I set SELinux to permissive?
I removing the FOGService and installing it again doesn’t help.
edit: I checked an my selinux is set to diabled?
@justeverything you can run this command:
sudo setenforce 0
to temporarily set SELinux to permissive. After done testing with it, runsudo setenforce 1
to set to back to enforcing. -
@Joe-Schmitt if I try those commands it always says SELinux is disabled.
@justeverything alright, can you test the older mono build then? So `
sudo apt-get remove --purge mono-complete
sudo rm /etc/apt/sources.list.d/mono-xamarin.list
sudo apt-get update
sudo apt-get install mono-complete
And then re-test installation. (Also re-run the version command and report which one is now installed)
@Joe-Schmitt I also had to run a sudo apt-get autoremove because of some error codes related to different mono versions. Now it is installing mono version 4.2.1.
mono --version output: Mono JIT compiler version 4.2.1 (Debian
after rerunning the SmartInstaller.exe with mono I still have FOGService active (exited)
active (exited)
is fine, that’s just how the client wraps itself around the various linux service controllers. Whats; more important now is the log file. -
@Joe-Schmitt the installation logfile “SmartInstaller.log” says:
3/7/2017 5:17 PM Process ERROR: Unable to run process 3/7/2017 5:17 PM Process ERROR: ApplicationName='sysv-rc-conf', CommandLine='FOGService off', CurrentDirectory='', Native error= Cannot find the specified file 3/7/2017 5:17 PM Process ERROR: Unable to run process 3/7/2017 5:17 PM Process ERROR: ApplicationName='chkconfig', CommandLine='FOGService off', CurrentDirectory='', Native error= Cannot find the specified file 3/7/2017 5:17 PM Middleware::Communication Download: 3/7/2017 5:17 PM Data::RSA Injecting root CA:
the fog.log is here:
3/7/2017 5:17 PM Main Overriding exception handling 3/7/2017 5:17 PM Main Bootstrapping Zazzles 3/7/2017 5:17 PM Controller Initialize 3/7/2017 5:17 PM Zazzles Creating main thread 3/7/2017 5:17 PM Zazzles Service construction complete 3/7/2017 5:17 PM Controller Start 3/7/2017 5:17 PM Service Starting service 3/7/2017 5:17 PM Bus Became bus server 3/7/2017 5:17 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"load\"\n}" } 3/7/2017 5:17 PM Bus Emmiting message on channel: Status 3/7/2017 5:17 PM Service Invoking early JIT compilation on needed binaries ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Version: 0.11.9 3/7/2017 5:17 PM Client-Info OS: Linux 3/7/2017 5:17 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:17 PM Middleware::Communication Download: 3/7/2017 5:17 PM Data::RSA FOG Server CA cert found 3/7/2017 5:17 PM Middleware::Authentication Cert OK 3/7/2017 5:17 PM Middleware::Authentication ERROR: Could not get security token 3/7/2017 5:17 PM Middleware::Authentication ERROR: Could not find file "/opt/fog-service/token.dat". 3/7/2017 5:17 PM Middleware::Communication POST URL: 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM Middleware::Authentication Authenticated 3/7/2017 5:17 PM Bus Registering ParseBus in channel Power 3/7/2017 5:17 PM Middleware::Communication URL: 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM Middleware::Communication URL: 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM Middleware::Communication URL: 3/7/2017 5:17 PM Middleware::Communication URL: 3/7/2017 5:17 PM Service Creating user agent cache 3/7/2017 5:17 PM Middleware::Response Invalid time 3/7/2017 5:17 PM Middleware::Response No Printers 3/7/2017 5:17 PM Middleware::Response Module is disabled globally on the FOG server 3/7/2017 5:17 PM Service Initializing modules ------------------------------------------------------------------------------ ---------------------------------ClientUpdater-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------TaskReboot---------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------HostnameChanger------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM HostnameChanger Checking Hostname 3/7/2017 5:17 PM HostnameChanger Removing host from domain 3/7/2017 5:17 PM HostnameChanger ERROR: Required domain information is missing 3/7/2017 5:17 PM HostnameChanger Renaming host to fog-desktop-173 3/7/2017 5:17 PM HostnameChanger Brute forcing hostname change... 3/7/2017 5:17 PM HostnameChanger --> Success /etc/hostname 3/7/2017 5:17 PM HostnameChanger ERROR: --> Did not find /etc/HOSTNAME 3/7/2017 5:17 PM HostnameChanger --> Success /etc/hosts 3/7/2017 5:17 PM HostnameChanger ERROR: --> Did not find /etc/sysconfig/network 3/7/2017 5:17 PM Power Creating shutdown command in 60 seconds 3/7/2017 5:17 PM Bus { "self": true, "channel": "Power", "data": "{\n \"action\": \"request\",\n \"period\": 60,\n \"options\": 2,\n \"command\": \"-r +0 \\\"FOG needs to rename your computer\\\"\",\n \"aggregatedDelayTime\": 0,\n \"message\": \"\"\n}" } 3/7/2017 5:17 PM Bus Emmiting message on channel: Power ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ---------------------------------SnapinClient--------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM SnapinClient A power operation is pending, aborting module ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PrinterManager-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response No Printers 3/7/2017 5:17 PM PrinterManager Module is not compatible with Linux ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ --------------------------------PowerManagement------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM PowerManagement Calculating tasks to unschedule 3/7/2017 5:17 PM PowerManagement Calculating tasks to schedule ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------------------------UserTracker--------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Client Version: 0.11.9 3/7/2017 5:17 PM Client-Info Client OS: Linux 3/7/2017 5:17 PM Client-Info Server Version: 1.3.4 3/7/2017 5:17 PM Middleware::Response Success 3/7/2017 5:17 PM Middleware::Communication URL:\ukpadmin&mac=44:37:E6:56:46:19&newService&json ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Service Sleeping for 112 seconds 3/7/2017 5:17 PM Controller Stop 3/7/2017 5:17 PM Service Stop requested 3/7/2017 5:17 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"unload\"\n}" } 3/7/2017 5:17 PM Bus Emmiting message on channel: Status 3/7/2017 5:17 PM Main Overriding exception handling 3/7/2017 5:17 PM Main Bootstrapping Zazzles 3/7/2017 5:17 PM Controller Initialize 3/7/2017 5:17 PM Zazzles Creating main thread 3/7/2017 5:17 PM Zazzles Service construction complete 3/7/2017 5:17 PM Controller Start 3/7/2017 5:17 PM Service Starting service 3/7/2017 5:17 PM Bus Became bus server 3/7/2017 5:17 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"load\"\n}" } 3/7/2017 5:17 PM Bus Emmiting message on channel: Status 3/7/2017 5:17 PM Service Invoking early JIT compilation on needed binaries ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:17 PM Client-Info Version: 0.11.9 3/7/2017 5:17 PM Client-Info OS: Linux 3/7/2017 5:17 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:17 PM Middleware::Communication Download: 3/7/2017 5:18 PM Controller Stop 3/7/2017 5:18 PM Service Stop requested 3/7/2017 5:18 PM Middleware::Communication ERROR: Could not download file 3/7/2017 5:18 PM Middleware::Communication ERROR: 3/7/2017 5:18 PM Middleware::Authentication ERROR: Could not authenticate 3/7/2017 5:18 PM Middleware::Authentication ERROR: 3/7/2017 5:18 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"unload\"\n}" } 3/7/2017 5:18 PM Bus Emmiting message on channel: Status 3/7/2017 5:20 PM Main Overriding exception handling 3/7/2017 5:20 PM Main Bootstrapping Zazzles 3/7/2017 5:20 PM Controller Initialize 3/7/2017 5:20 PM Zazzles Creating main thread 3/7/2017 5:20 PM Zazzles Service construction complete 3/7/2017 5:20 PM Controller Start 3/7/2017 5:20 PM Service Starting service 3/7/2017 5:20 PM Bus Became bus server 3/7/2017 5:20 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"load\"\n}" } 3/7/2017 5:20 PM Bus Emmiting message on channel: Status 3/7/2017 5:20 PM Service Invoking early JIT compilation on needed binaries ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:20 PM Client-Info Version: 0.11.9 3/7/2017 5:20 PM Client-Info OS: Linux 3/7/2017 5:20 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:20 PM Middleware::Communication Download: 3/7/2017 5:20 PM Data::RSA FOG Server CA cert found 3/7/2017 5:20 PM Middleware::Authentication Cert OK 3/7/2017 5:20 PM Middleware::Authentication ERROR: Could not get security token 3/7/2017 5:20 PM Middleware::Authentication ERROR: Data unprotection failed. 3/7/2017 5:20 PM Middleware::Communication POST URL: 3/7/2017 5:20 PM Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:20 PM Client-Info Version: 0.11.9 3/7/2017 5:20 PM Client-Info OS: Linux 3/7/2017 5:20 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:22 PM Middleware::Communication Download: 3/7/2017 5:22 PM Data::RSA FOG Server CA cert found 3/7/2017 5:22 PM Middleware::Authentication Cert OK 3/7/2017 5:22 PM Middleware::Authentication ERROR: Could not get security token 3/7/2017 5:22 PM Middleware::Authentication ERROR: Data unprotection failed. 3/7/2017 5:22 PM Middleware::Communication POST URL: 3/7/2017 5:22 PM Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:22 PM Client-Info Version: 0.11.9 3/7/2017 5:22 PM Client-Info OS: Linux 3/7/2017 5:22 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:22 PM Controller Stop 3/7/2017 5:22 PM Service Stop requested 3/7/2017 5:22 PM Middleware::Authentication ERROR: Could not authenticate 3/7/2017 5:22 PM Middleware::Authentication ERROR: 3/7/2017 5:22 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"unload\"\n}" } 3/7/2017 5:22 PM Bus Emmiting message on channel: Status 3/7/2017 5:23 PM Main Overriding exception handling 3/7/2017 5:23 PM Main Bootstrapping Zazzles 3/7/2017 5:23 PM Controller Initialize 3/7/2017 5:23 PM Zazzles Creating main thread 3/7/2017 5:23 PM Zazzles Service construction complete 3/7/2017 5:23 PM Controller Start 3/7/2017 5:23 PM Service Starting service 3/7/2017 5:23 PM Bus Became bus server 3/7/2017 5:23 PM Bus { "self": true, "channel": "Status", "data": "{\n \"action\": \"load\"\n}" } 3/7/2017 5:23 PM Bus Emmiting message on channel: Status 3/7/2017 5:23 PM Service Invoking early JIT compilation on needed binaries ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:23 PM Client-Info Version: 0.11.9 3/7/2017 5:23 PM Client-Info OS: Linux 3/7/2017 5:23 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:23 PM Middleware::Communication Download: 3/7/2017 5:24 PM Middleware::Communication ERROR: Could not download file 3/7/2017 5:24 PM Middleware::Communication ERROR: The request timed out 3/7/2017 5:24 PM Middleware::Authentication ERROR: Could not authenticate 3/7/2017 5:24 PM Middleware::Authentication ERROR: Could not find file "/opt/fog-service/tmp/public.cer". ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:24 PM Client-Info Version: 0.11.9 3/7/2017 5:24 PM Client-Info OS: Linux 3/7/2017 5:24 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:25 PM Middleware::Communication Download: 3/7/2017 5:25 PM Data::RSA FOG Server CA cert found 3/7/2017 5:25 PM Middleware::Authentication Cert OK 3/7/2017 5:25 PM Middleware::Authentication ERROR: Could not get security token 3/7/2017 5:25 PM Middleware::Authentication ERROR: Data unprotection failed. 3/7/2017 5:25 PM Middleware::Communication POST URL: 3/7/2017 5:25 PM Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:25 PM Client-Info Version: 0.11.9 3/7/2017 5:25 PM Client-Info OS: Linux 3/7/2017 5:25 PM Middleware::Authentication Waiting for authentication timeout to pass 3/7/2017 5:27 PM Middleware::Communication Download: 3/7/2017 5:27 PM Data::RSA FOG Server CA cert found 3/7/2017 5:27 PM Middleware::Authentication Cert OK 3/7/2017 5:27 PM Middleware::Authentication ERROR: Could not get security token 3/7/2017 5:27 PM Middleware::Authentication ERROR: Data unprotection failed. 3/7/2017 5:27 PM Middleware::Communication POST URL: 3/7/2017 5:27 PM Middleware::Response Invalid security token ------------------------------------------------------------------------------ --------------------------------Authentication-------------------------------- ------------------------------------------------------------------------------ 3/7/2017 5:27 PM Client-Info Version: 0.11.9 3/7/2017 5:27 PM Client-Info OS: Linux 3/7/2017 5:27 PM Middleware::Authentication Waiting for authentication timeout to pass
@justeverything thats good. That means certificate pinning worked. Simply go to the host in the web portal and hit “Reset Encryption Data” and it should work fine now.
It would seem your issue was with recent builds of mono.
@Joe-Schmitt I will try it. If it works now you are my new personal god!
I will also post my solution to joining ubuntu to the active directory with the snapin / bash file / keytab if it works all properly in the next days. I hope this will help other users until there is a solution directly via fog for linux.
@Joe-Schmitt snapins now work perfectly! thanks a lot!
Now i just have to do some settings on my custom snapin - but I will do this tomorrow, its already late here in germany. Thanks again for your help, I really appreciate it!
well, I have to ask another question - My Snapin does not work correctly. If I start it manually on the host pc, everything works fine. but If i run it with the fog client, it does not work. the snapin history of the client says:
joindomain 2017-03-15 10:22:44 Complete 30 seconds 0
so no error code. that’s fine I guess. I read in your wiki, that the script is run by the user root or SYSTEM and that there may be some issues with the security, but I really can’t find out where or what the issues could be.
here are my snapin settings:
Name joindomain
Type Snapin Pack
Pack Template - please select an option -
Pack File /bin/bash
Pack Arguments “[FOG_SNAPIN_PATH]/”
Reboot after install checked
Snapin enabled checked
Replicate? checked
Timeout after 600 seconds
Snapin Command /bin/bash “[FOG_SNAPIN_PATH]/”the fog client log says the following -
so also everything seems to be fine. what else can I consider?------------------------------------------------------------------------------ ---------------------------------SnapinClient--------------------------------- ------------------------------------------------------------------------------ 3/15/2017 11:22 AM Client-Info Client Version: 0.11.9 3/15/2017 11:22 AM Client-Info Client OS: Linux 3/15/2017 11:22 AM Client-Info Server Version: 1.3.4 3/15/2017 11:22 AM Middleware::Response Success 3/15/2017 11:22 AM SnapinClient Snapin Found: 3/15/2017 11:22 AM SnapinClient ID: 25 3/15/2017 11:22 AM SnapinClient Name: joindomain 3/15/2017 11:22 AM SnapinClient Created: 2017-03-15 10:22:42 3/15/2017 11:22 AM SnapinClient Action: reboot 3/15/2017 11:22 AM SnapinClient Pack: True 3/15/2017 11:22 AM SnapinClient Hide: False 3/15/2017 11:22 AM SnapinClient Server: 3/15/2017 11:22 AM SnapinClient TimeOut: 600 3/15/2017 11:22 AM SnapinClient SnapinPack File: /bin/bash 3/15/2017 11:22 AM SnapinClient SnapinPack Args: "[FOG_SNAPIN_PATH]/" 3/15/2017 11:22 AM SnapinClient File: 3/15/2017 11:22 AM Middleware::Communication Download: 3/15/2017 11:22 AM SnapinClient /opt/fog-service/tmp/ 3/15/2017 11:22 AM SnapinClient Processing SnapinPack 3/15/2017 11:22 AM SnapinClient Extracting SnapinPack 3/15/2017 11:22 AM SnapinClient Processing SnapinPack settings 3/15/2017 11:22 AM SnapinClient New SnapinPack File: /bin/bash 3/15/2017 11:22 AM SnapinClient New SnapinPack Args: "/opt/fog-service/tmp/joindomain/" 3/15/2017 11:22 AM Bus { "self": true, "channel": "Notification", "data": "{\n \"title\": \"Installing joindomain\",\n \"message\": \"Please do not shutdown until this is completed\"\n}" } 3/15/2017 11:22 AM Bus Emmiting message on channel: Notification 3/15/2017 11:22 AM SnapinClient Starting snapin... 3/15/2017 11:23 AM SnapinClient Snapin finished 3/15/2017 11:23 AM SnapinClient Return Code: 0 3/15/2017 11:23 AM Bus { "self": true, "channel": "Notification", "data": "{\n \"title\": \"joindomain installed\",\n \"message\": \"Installation has finished and is now ready for use\"\n}" } 3/15/2017 11:23 AM Bus Emmiting message on channel: Notification 3/15/2017 11:23 AM Middleware::Communication URL: 3/15/2017 11:23 AM Power Creating shutdown command in 60 seconds 3/15/2017 11:23 AM Bus { "self": true, "channel": "Power", "data": "{\n \"action\": \"request\",\n \"period\": 60,\n \"options\": 2,\n \"command\": \"-r +0 \\\"Snapin requested restart\\\"\",\n \"aggregatedDelayTime\": 0,\n \"message\": \"This computer needs to reboot to apply new software.\"\n}" } 3/15/2017 11:23 AM Bus Emmiting message on channel: Power ------------------------------------------------------------------------------
@justeverything at this point it’s a matter of debugging the script. Personally I’d have it use a log file somewhere (keep in mind it runs as root, so you can place it anywhere outside of the client tmp dir). Start with basic stuff like logging on script start, just to make sure it’s actually getting run.
@Joe-Schmitt thank you
I finally found a little mistake that crashed everything, so now it runs perfectly. this can be marked as solved. thanks again for all your help!
@justeverything Do you have the working version of this?