Active Directory Join fails



  • Hei there.
    Trying to setup Windows 10 with FOG.

    As far as I can see, all the settings in the FOG Management are correct, the relevant computers have Hostnamechanger and Active Directory settings set and active.

    When installing windows 10, everything works fine, I make the FOG Service stop and disable it before I sysprep the computer and reactivate it via setupcomplete file.

    I can login to the computer using the administrator account that I activated via setupcomplete as well. However long I wait then, nothing happens. The FOG client sits in the tray, but nothing seems to happen. Reboot doesnt help.

    Log file shows:

    ------------------------------------------------------------------------------
    ----------------------------------UserTracker---------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:37 Client-Info Client Version: 0.11.12
     26.07.2017 11:37 Client-Info Client OS:      Windows
     26.07.2017 11:37 Client-Info Server Version: 1.4.2
     26.07.2017 11:37 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:37 Middleware::Response ERROR: Object reference not set to an instance of an object.
     26.07.2017 11:37 Service Sleeping for 71 seconds
     26.07.2017 11:38 Middleware::Communication URL: http://fog.lfdw.local/fog/management/index.php?sub=requestClientInfo&configure&newService&json
     26.07.2017 11:38 Middleware::Response Success
     26.07.2017 11:38 Middleware::Communication URL: http://fog.lfdw.local/fog/management/index.php?sub=requestClientInfo&mac=08:00:27:C9:AB:F1&newService&json
     26.07.2017 11:38 Middleware::Authentication Waiting for authentication timeout to pass
     26.07.2017 11:39 Middleware::Communication Download: http://fog.lfdw.local/fog/management/other/ssl/srvpublic.crt
     26.07.2017 11:39 Middleware::Authentication ERROR: Could not authenticate
     26.07.2017 11:39 Middleware::Authentication ERROR: Value cannot be null.
    Parameter name: authority
     26.07.2017 11:39 Middleware::Response Success
     26.07.2017 11:39 Middleware::Communication URL: http://fog.lfdw.local/fog/service/getversion.php?clientver&newService&json
     26.07.2017 11:39 Middleware::Communication URL: http://fog.lfdw.local/fog/service/getversion.php?newService&json
    
     26.07.2017 11:39 Service Creating user agent cache
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    ---------------------------------ClientUpdater--------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response Success
    ------------------------------------------------------------------------------
    
    
    ------------------------------------------------------------------------------
    ----------------------------------TaskReboot----------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    ---------------------------------SnapinClient---------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    --------------------------------PrinterManager--------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    --------------------------------PowerManagement-------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
    
    ------------------------------------------------------------------------------
    ----------------------------------UserTracker---------------------------------
    ------------------------------------------------------------------------------
     26.07.2017 11:39 Client-Info Client Version: 0.11.12
     26.07.2017 11:39 Client-Info Client OS:      Windows
     26.07.2017 11:39 Client-Info Server Version: 1.4.2
     26.07.2017 11:39 Middleware::Response ERROR: Unable to get subsection
     26.07.2017 11:39 Middleware::Response ERROR: Object reference not set to an instance of an object.
     26.07.2017 11:39 Service Sleeping for 105 seconds
     26.07.2017 11:40 Controller Stop
     26.07.2017 11:40 Service Stop requested
     26.07.2017 11:40 Bus Emmiting message on channel: Status
    

    Any ideas or hints where to look at? Thanks for your help :)



  • Another thing that shows up in the log:

    Several of the modules (for example: TaskReboot or the HostnameChanger) list:

    Middleware::Response Module is disabled on the host

    Where would I even do that? On the server - as far as I can see from the web-gui - the modules are activated. I also deactivated and reactivated them to see if that would kickstart anything - no success.

    EDIT:
    Okay … I just saw that one of the two hosts I deployed the image to had the modules deactivated in the Service Settings. I have no idea why, it is enabled globally and the other machine does not have them deactivated.
    Now in the fog.log the Modules are shown with a response success on the one machine (the one that had the services disabled) but the “Unable to get subsection” message still appears on the other machine.

    EDIT2:
    The computer that had the services disabled just restarted - so in that case it seems everything works.

    EDIT3: After reading some more I tried resetting the Encryption Data and aw and behold - everything seems fine now. Thanks for reading along if you have :)

    Sorry if I’m being complicated - just trying to figure this out :-/



  • Thank you all for your help.

    I solved it by adding the certificates to the store via my setupcomplete after deploying the images.

    Also, I added the Certificates to my GPO and have them deployed that way as well.

    Now there is something new: Some clients just wont Autojoin, even though they have the certificates installed, the box ticked on the server and everything else activated as far as I can see that would be necessary herefore. The fog service is running and set to automatically start.

    When I check my fog.log I see:


    ----------------------------------UserTracker---------------------------------

    07.08.2017 12:37 Client-Info Client Version: 0.11.12
    07.08.2017 12:37 Client-Info Client OS: Windows
    07.08.2017 12:37 Client-Info Server Version: 1.5.0-RC-6
    07.08.2017 12:37 Middleware::Response ERROR: Unable to get subsection
    07.08.2017 12:37 Middleware::Response ERROR: Object reference not set to an instance of an object.
    07.08.2017 12:37 Service Sleeping for 145 seconds
    07.08.2017 12:40 Middleware::Communication URL: http://fog.lfdw.local/fog/management/index.php?sub=requestClientInfo&configure&newService&json
    07.08.2017 12:40 Middleware::Response Success
    07.08.2017 12:40 Middleware::Communication URL: http://fog.lfdw.local/fog/management/index.php?sub=requestClientInfo&mac=9C:B6:54:F7:B5:37|0A:00:27:00:00:0D||00:00:00:00:00:00:00:E0|00:00:00:00:00:00:00:E0&newService&json
    07.08.2017 12:40 Middleware::Authentication Waiting for authentication timeout to pass
    07.08.2017 12:40 Middleware::Communication Download: http://fog.lfdw.local/fog/management/other/ssl/srvpublic.crt
    07.08.2017 12:40 Data::RSA FOG Server CA cert found
    07.08.2017 12:40 Middleware::Authentication Cert OK
    07.08.2017 12:40 Middleware::Communication POST URL: http://fog.lfdw.local/fog/management/index.php?sub=requestClientInfo&authorize&newService
    07.08.2017 12:40 Middleware::Response Invalid security token
    07.08.2017 12:40 Middleware::Response Success
    07.08.2017 12:40 Middleware::Communication URL: http://fog.lfdw.local/fog/service/getversion.php?clientver&newService&json
    07.08.2017 12:40 Middleware::Communication URL: http://fog.lfdw.local/fog/service/getversion.php?newService&json

    07.08.2017 12:40 Service Creating user agent cache
    07.08.2017 12:40 Middleware::Response ERROR: Unable to get subsection
    07.08.2017 12:40 Middleware::Response ERROR: Object reference not set to an instance of an object.
    07.08.2017 12:40 Middleware::Response ERROR: Unable to get subsection
    07.08.2017 12:40 Middleware::Response ERROR: Object reference not set to an instance of an object.
    07.08.2017 12:40 Middleware::Response ERROR: Unable to get subsection
    07.08.2017 12:40 Middleware::Response ERROR: Object reference not set to an instance of an object.

    And then on the following entries the subsection ERROR appears as well.

    I do see something strange - switched to 1.5.0 RC6 a few days ago - in the host management. There is two pending Hosts:

    ![alt text](0_1502102829347_Host Management - Pending.png)

    When I tick their boxes and then approve them I get this:
    0_1502102876830_Response.png

    Maybe completely unrelated?


  • Developer

    @Taspharel said:

    26.07.2017 11:39 Middleware::Authentication ERROR: Could not authenticate
    26.07.2017 11:39 Middleware::Authentication ERROR: Value cannot be null.
    Parameter name: authority
    

    This error shows up when the FOG Server CA certificate is missing in the windows certificate store. When installing the fog-client the setup injects the server cert into the store and my guess is that sysprep is dumping those (registry entries).

    Open up the certificate snapin (see here on where to find it) for the “Computer account” and check if you still have the “FOG Server CA” entry in there. See below:

    0_1501206258690_mmc_cert.jpg

    I suspect this is missing after sysprep. I have not tested but you might be able to import the certs on the client by hand/snapin/GPO again. Find both in the fog-client installation directory - ca.cert = “FOG Server CA” and fog.ca = “FOG Project” - the later one being the root cert to validate the other one.



  • Are you stopping FOG as part of running Sysprep?

    I think you need to stop fog and disable it so the FOGService doesn’t start on the target computer and then enable and start fogservice up in the SetupComplete.cmd (or is it CompleteSetup.cmd?).

    I don’t think you’ll get a good result if the FOG service starts while sysprep is running (post imaging). You don’t need to reinstall FOGService (at least we don’t have to). Also, the issue may be the encryption data, if you’re imaging the machine on which you created the image.

    Jim



  • Okay, according to another thread I tried reinstalling the fog client - all went well.

    Any idea on why the pre-sysprep-installed fog client won’t do the domain join while after imaging and deinstalling, then reinstalling the client it does?

    Is there a way to avoid having to install the fog client manually on every computer after imaging?

    Or can I set up setupcomplete.cmd to install the fog client silently using the documented switches?


Log in to reply
 

379
Online

39.3k
Users

11.0k
Topics

104.4k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.