@LLamaPie Everything has been clean now for about a week. I would consider this at least resolved on our end. Still no answer about when it became compromised exactly. Our hyper-paranoid theory is it may have been a “time bomb”. This could have been on the server for months before popping up. Our long-term solution is keeping endpoint protection in place. I have nothing else to add but if I discover anything I will let everyone know.

@45lightrain ok so lets start with some basics.

a 1GbE link (under theoretical conditions) is 1 Giga bits per second or 128MB/sec or 7.5GB/min raw data. Understand that there is ethernet overhead and you will never achieve 7.5GB/min.

So how is it possible to see speeds above 7.5GB/min on a 1GbE link? Simply data compression. So what you are seeing in the part clone screen is a composite speed including fog server speed sending the data to the network, network transfer time, the client receiving the image, expanding in it memory, and then writing it to disk.

If you are getting 5.5-6.1GB/min in partclone on a pure 1GbE network your fog environment is well designed and network well managed.

I wrote an article a few years ago that has some benchmark tools you can use to see where you can get additional speed out of your setup. https://forums.fogproject.org/topic/10459/can-you-make-fog-imaging-go-fast

So the executive summary is that if you want to go fast.

Install at least (1) 10GbE network link. (If you have many computers running the fog clients, run (2) 10GbE links in lag configuration. If you have many clients hitting your fog server while you are trying to image use a ssd disk or nvme drives on your fog server (I would look at spending here the last, typically its not the disk that is slow, unless you have just a single spindle hdd driving your fog server). Try to get the 10GbE network as close to the target computers as you can. If you are trying to image multiple target computers at the same time look into fog casting your image to the target computers. When capturing your image use the zstd compression tool over gzip. Set zstd at compression 11 to start. If your target computers have a lot of horsepower, 16GB of ram, and fast nvme disks you can get more data through your network by compressing the data more. This will put a heavier load on the target computer expanding the image and writing it to disk.

Think if your imaging as 3 factor triangle. You have server speed to get the image to the network adapter, the speed at which your network can move the image to the target computer, and finally the time it takes for the target computer to intake the image, expand it in memory and write to disk. In the imaging process the fog server typically has the least impact on imaging of the three.

Sorry everyone I haven’t updated on this post, my organization wanted our fog server migrated to our data center on to a vm so my time was reverted to doing that and building an additional one at one of our new hospitals we recently finished construction on. But I plan to get back to working on it this week on my test server I have set up. Once I have it set up I am going to implement it on our production servers, I think I’m very close to implementing this concept and once I have it cracked I will make sure to share this with everyone because I think the option of being able to do this will be valuable to many others. @george1421 @Wayne-Workman

@JJ-Fullmer Thank you for the suggestion! I’m still new to creating GPO’s so I’ll have to figure out how to do that one. Doesn’t seem like it should be too hard. Thank you!

@JJ-Fullmer Good to know, thank you so much 😎💯

@Tom-Elliott

Yes, I even spun up a new FOG VM where the mount points were created before FOG was installed to makesure the FOG installer created all the files and set permissions.

edited - words

@Sab First I would have to say both fog server and fog storage node have to be on the same version. The fog storage node doesn’t have its own database, it uses the fog server’s database. There could be schema changes in the database between 1.5.10 and 1.5.9.

Unless you change the storage group around, its not possible to capture to a storage node (in the default configuration). Only the master node in a storage group captures the image, then it replicates the captured image to all storage nodes. Both the master node and storage node can deploy images.

If I had to guess, I would think that in the storage group the nas fog server is not defined as the master node. If I think I understand what you did to configure this setup.

On the fog error screen it should print out the kernel parameters sent to the FOS imaging engine. There should be a filed marked storage or storage_ip, that will point to the fog server it will try to get the image from. Make sure that is correct for your configuration.

Update to fog 1.6 fixed problem

@JJ-Fullmer Thank you for these suggestions. Yes, I am using an install package when doing it manually. I have looked all through device settings, and while I can find the punching feature, I can’t enable it.
I will look into FOG printer settings as well as FogApi powershell module. Haven’t delved into these yet.
Thanks again.

@mentaluproar sadly, due to the windows updates previously mentioned, which are actually fully enforced in the 2024-08 updates, a domain admin account is pretty much required to join the domain in an automated fashion. Microsoft gives some guidance on creating policies to allow a least privileged account but I haven’t been able to get that to work with fog. Granted, as long as your aren’t granting access to the fog gui to non privileged users, saving those creds in fog is safe and secured.

@Tom-Elliott

Ok thanks

@HorizonG

I’m making an update to my script.

If the computer belongs to several groups at the same time, this can cause problems.

I now return all the groups, then the script selects only the group starting with GROUP_AUTOMATE_ …

7679ccb4-dc09-4d19-9a3f-49b8039eeaf2-image.png

This will copy only this folder to the local directory of the client machine : clientfolderpath=“/ntfs/FOG/Sites/$SITE_GROUP”
136a0ede-7eec-46bc-a1bc-04560b236750-image.png

Le script

#!/bin/bash #Variables FOG_HOSTNAME=$hostname FOG_API_TOKEN="deleted for privacy reasons" FOG_USER_TOKEN="deleted for privacy reasons" FOG_SERVER="deleted for privacy reasons" # Adresse IP ou nom d'hôte de votre serveur FOG echo "Serveur FOG: $FOG_SERVER" # Fonction pour appeler l'API FOG function invoke_fog_api() { local fog_api_token="$1" local fog_user_token="$2" local fog_server="$3" local uri_path="$4" local method="${5:-GET}" local json_data="$6" local base_uri="http://$fog_server/fog" local uri="$base_uri/$uri_path" # Construct headers local headers=( -H "fog-api-token: $fog_api_token" -H "fog-user-token: $fog_user_token" -H "Content-Type: application/json" ) # Make API call and store response in a variable if [ "$method" == "GET" ]; then response=$(curl -s -X GET "$uri" "${headers[@]}") else response=$(curl -s -X "$method" "$uri" "${headers[@]}" -d "$json_data") fi echo "$response" } # Fonction pour obtenir les détails de l'hôte function get_fog_host() { local fog_api_token="$1" local fog_user_token="$2" local fog_server="$3" local fog_hostname="$4" response=$(invoke_fog_api "$fog_api_token" "$fog_user_token" "$fog_server" "host?name=$fog_hostname") # Vérifiez si la réponse est vide if [ -z "$response" ]; then echo "Erreur: La réponse de l'API pour l'hôte est vide." return 1 fi # Vérifiez la validité du JSON if ! echo "$response" | jq . > /dev/null 2>&1; then echo "Erreur: La réponse de l'API pour l'hôte n'est pas un JSON valide." echo "Réponse brute de l'API: $response" return 1 fi # Extraire les détails de l'hôte local host_info host_info=$(echo "$response" | jq --arg hostname "$fog_hostname" '.hosts[] | select(.name == $hostname)') if [ -z "$host_info" ]; then echo "Erreur: Aucun détail trouvé pour l'hôte $fog_hostname." return 1 fi echo "$host_info" } # Fonction pour obtenir les groupes associés à un hôte function get_fog_groups_for_host() { local fog_api_token="$1" local fog_user_token="$2" local fog_server="$3" local host_id="$4" # Récupérer les associations de groupes local response response=$(invoke_fog_api "$fog_api_token" "$fog_user_token" "$fog_server" "groupassociation") # Vérifiez la validité du JSON if ! echo "$response" | jq . >/dev/null 2>&1; then echo "Erreur: La réponse de l'API pour les associations de groupes n'est pas un JSON valide." echo "Réponse brute de l'API: $response" return 1 fi # Extraire les IDs des groupes associés à l'hôte local group_ids group_ids=$(echo "$response" | jq -r --arg host_id "$host_id" '.groupassociations[] | select(.hostID == ($host_id | tonumber)) | .groupID') # Récupérer les détails des groupes response=$(invoke_fog_api "$fog_api_token" "$fog_user_token" "$fog_server" "group") # Vérifiez la validité du JSON if ! echo "$response" | jq . >/dev/null 2>&1; then echo "Erreur: La réponse de l'API pour les groupes n'est pas un JSON valide." echo "Réponse brute de l'API: $response" return 1 fi # Afficher les détails des groupes associés dans un format simple local group_ids_array group_ids_array=$(echo "$group_ids" | jq -R -s -c 'split("\n") | map(select(length > 0) | tonumber)') echo "$response" | jq -r --argjson group_ids "$group_ids_array" \ '.groups[] | select(.id as $id | $group_ids | index($id)) | "\(.id) \(.name)"' } # Fonction pour traiter et afficher les groupes dont le nom commence par GROUP_AUTOMATE_ function process_fog_groups() { local group_data="$1" echo "Groupes associés à l'hôte (commençant par GROUP_AUTOMATE_) :" # Initialiser les index local group_index=1 # Extraire les groupes et définir les variables d'environnement while IFS= read -r line; do id=$(echo "$line" | awk '{print $1}') name=$(echo "$line" | awk '{$1=""; print $0}' | sed 's/^ *//') # Remove leading spaces from the name if [[ "$name" == GROUP_AUTOMATE_* ]]; then # Définir les variables d'environnement pour le nom et l'ID du groupe export FOG_GROUP_NAME_$group_index="$name" export FOG_GROUP_ID_$group_index="$id" # Afficher le groupe echo "GROUP NAME = $name" echo "GROUP ID = $id" export FOG_GROUP_NAME_AUTOMATE=$name export FOG_GROUP_NAME_ID=$id # Incrémenter l'index pour le prochain groupe group_index=$((group_index + 1)) fi done <<< "$group_data" } # Fonction principale pour la simulation function GetInfo_host() { local fog_api_token="$FOG_API_TOKEN" local fog_user_token="$FOG_USER_TOKEN" local fog_server="$FOG_SERVER" local fog_hostname="$FOG_HOSTNAME" # Obtenez les détails de l'hôte local local_host local_host=$(get_fog_host "$fog_api_token" "$fog_user_token" "$fog_server" "$fog_hostname") # Vérifiez si local_host est vide if [ -z "$local_host" ]; then echo "Erreur: Aucune information sur l'hôte trouvée." return 1 fi # Obtenez l'ID de l'hôte local host_id host_id=$(echo "$local_host" | jq -r '.id') if [ -z "$host_id" ]; then echo "Erreur: Impossible d'extraire l'ID de l'hôte." return 1 fi # Obtenez les groupes associés à l'hôte local host_groups host_groups=$(get_fog_groups_for_host "$fog_api_token" "$fog_user_token" "$fog_server" "$host_id") # Vérifiez si host_groups est vide if [ -z "$host_groups" ]; then echo "Erreur: Aucune information sur les groupes trouvée pour l'hôte." return 1 fi # Traitement des groupes et affichage des détails process_fog_groups "$host_groups" # Accès aux variables d'environnement pour chaque groupe for i in $(seq 1 $((group_index - 1))); do echo "Nom du groupe $i: ${!FOG_GROUP_NAME_$i}" echo "ID du groupe $i: ${!FOG_GROUP_ID_$i}" done # Affichage des détails echo "---------------------------------------" echo "Détails de l'hôte pour: $fog_hostname" echo "---------------------------------------" echo "Détails de l'hôte récupérés :" echo "$local_host" echo "---------------------------------------" # Afficher le contenu de host_groups => ALL GROUPS echo "---------------------------------------" echo "ALL GROUPS :" echo "$host_groups" echo "---------------------------------------" # Affichage des détails du groupe AUTOMATION #echo $FOG_GROUP_NAME_AUTOMATE #echo $FOG_GROUP_NAME_ID echo "Détails du groupe automation" echo "Nom du groupe: $FOG_GROUP_NAME_AUTOMATE" echo "ID du groupe: $FOG_GROUP_NAME_ID" echo "---------------------------------------" # Définir les variables d'environnement pour le nom et l'ID du groupe export FOG_GROUP_NAME_AUTOMATE export FOG_GROUP_NAME_ID } GetInfo_host SITE_GROUP="${FOG_GROUP_NAME_AUTOMATE##*_}" echo "Target Site $SITE_GROUP" echo "Try to copy this folder if existing : /images/Sites/$SITE_GROUP" # Vérification de la présence du disque système echo "Verifying we've found the OS disk" if [[ ! -d /ntfs/windows && ! -d /ntfs/Windows && ! -d /ntfs/WINDOWS ]]; then echo "! OS root Not found !" # Assurez-vous que 'debugPause' est défini, sinon utilisez une alternative appropriée # debugPause exit 1 fi echo "Found" # Préparer le chemin des dossiers clientfolderpath="/ntfs/FOG/Sites/$SITE_GROUP" remotefolderpath="/images/Sites/$SITE_GROUP" # Créer le répertoire /tmp/sites s'il n'existe pas déjà if [[ ! -d /tmp/sites ]]; then mkdir -p /tmp/sites fi # Créer le sous-répertoire avec le nom contenu dans $SITE_GROUP if [[ -n "$SITE_GROUP" ]]; then mkdir -p "/tmp/sites/$SITE_GROUP" echo "Le répertoire /tmp/sites/$SITE_GROUP a été créé." else echo "Erreur : \$SITE_GROUP est vide. Impossible de créer le répertoire." exit 1 fi # Créer le répertoire clientfolderpath s'il n'existe pas déjà if [[ ! -d "$clientfolderpath" ]]; then mkdir -p "$clientfolderpath" echo "Répertoire client créé : $clientfolderpath" fi # Copier le dossier avec rsync echo -n "In Progress" rsync -aqz "$remotefolderpath/" "$clientfolderpath/" >/dev/null 2>&1 if [[ $? -eq 0 ]]; then echo "Dossier copié avec succès." else echo "Erreur : Échec de la copie du dossier." exit 1 fi debugPause

@HorizonG
Solution :
I deleted all my groups and renamed them.
I think there’s still a bug in the DATABASE

I’ve found myself in this situation where many of my hosts are stuck in this 0.11.16 version and I was assuming they would eventually update themselves, but now I see they won’t.
I’m assuming there is no way to force update them, right?
I am managing a whole building with hundreds of computers, so it would be helpful to have a way of knowing which of my hosts have this old client and need manual updating, and which ones are already updated.
Is there any log or exported info where fog server could show which client version its hosts are using to sync with the server? something like how the fog client shows the fog server version that it is connecting to, but the other way around.

Hello again,

After some tests its appears that le pc join the domain if somebody was logged before ( and the dot red became a green windows logo). Is there a solution to do the same thing without a first loging ?