AD join works with legacy client fails with new client


  • Testers

    Running Version 1.4.4
    SVN Revision: 6077 (checkout says 6078 but management page still says 6077)
    Ubuntu Server 14.04.3 all updates current
    Client
    Windows 10 running FOG client
    [Log Follows]

    11/28/2017 1:40 PM Main Overriding exception handling
     11/28/2017 1:40 PM Main Bootstrapping Zazzles
     11/28/2017 1:40 PM Controller Initialize
     11/28/2017 1:40 PM Controller Start
    
     11/28/2017 1:40 PM Service Starting service
     11/28/2017 1:40 PM Bus Became bus server
     11/28/2017 1:40 PM Bus Emmiting message on channel: Status
     11/28/2017 1:40 PM Service Invoking early JIT compilation on needed binaries
    
    ------------------------------------------------------------------------------
    --------------------------------Authentication--------------------------------
    ------------------------------------------------------------------------------
     11/28/2017 1:40 PM Client-Info Version: 0.11.12
     11/28/2017 1:40 PM Client-Info OS:      Windows
     11/28/2017 1:40 PM Middleware::Authentication Waiting for authentication timeout to pass
     11/28/2017 1:40 PM Middleware::Communication Download: http://10.200.10.150/fog/management/other/ssl/srvpublic.crt
     11/28/2017 1:40 PM Data::RSA FOG Server CA cert found
     11/28/2017 1:40 PM Middleware::Authentication Cert OK
     11/28/2017 1:40 PM Middleware::Communication POST URL: http://10.200.10.150/fog/management/index.php?sub=requestClientInfo&authorize&newService
     11/28/2017 1:40 PM Middleware::Response Success
     11/28/2017 1:40 PM Middleware::Authentication Authenticated
    
    
     11/28/2017 1:40 PM Middleware::Communication URL: http://10.200.10.150/fog/management/index.php?sub=requestClientInfo&configure&newService&json
     11/28/2017 1:40 PM Middleware::Response Success
     11/28/2017 1:40 PM Middleware::Communication URL: http://10.200.10.150/fog/management/index.php?sub=requestClientInfo&mac=D8:9E:F3:10:F0:96&newService&json
     11/28/2017 1:40 PM Middleware::Response Success
     11/28/2017 1:40 PM Middleware::Communication URL: http://10.200.10.150/fog/service/getversion.php?clientver&newService&json
     11/28/2017 1:40 PM Middleware::Communication URL: http://10.200.10.150/fog/service/getversion.php?newService&json
    
     11/28/2017 1:40 PM Service Creating user agent cache
     11/28/2017 1:40 PM Middleware::Response Invalid time
     11/28/2017 1:40 PM Middleware::Response No Printers
     11/28/2017 1:40 PM Middleware::Response Module is disabled globally on the FOG server
     11/28/2017 1:40 PM Service Initializing modules
    
    ------------------------------------------------------------------------------
    ---------------------------------ClientUpdater--------------------------------
    ------------------------------------------------------------------------------
     11/28/2017 1:40 PM Client-Info Client Version: 0.11.12
     11/28/2017 1:40 PM Client-Info Client OS:      Windows
     11/28/2017 1:40 PM Client-Info Server Version: 1.4.4
     11/28/2017 1:40 PM Middleware::Response Success
    ------------------------------------------------------------------------------
    
    
    ------------------------------------------------------------------------------
    ----------------------------------TaskReboot----------------------------------
    ------------------------------------------------------------------------------
     11/28/2017 1:40 PM Client-Info Client Version: 0.11.12
     11/28/2017 1:40 PM Client-Info Client OS:      Windows
     11/28/2017 1:40 PM Client-Info Server Version: 1.4.4
     11/28/2017 1:40 PM Middleware::Response Success
    ------------------------------------------------------------------------------
    
    
    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     11/28/2017 1:40 PM Client-Info Client Version: 0.11.12
     11/28/2017 1:40 PM Client-Info Client OS:      Windows
     11/28/2017 1:40 PM Client-Info Server Version: 1.4.4
     11/28/2017 1:40 PM Middleware::Response Success
     11/28/2017 1:40 PM HostnameChanger Checking Hostname
     11/28/2017 1:40 PM HostnameChanger Hostname is correct
     11/28/2017 1:40 PM HostnameChanger Attempting to join domain
     11/28/2017 1:40 PM HostnameChanger Logon failure: unknown username or bad password, code =  1326
    ------------------------------------------------------------------------------
    

    Note older windows 7 machines running the legacy client do not show this error.


  • Senior Developer

    @Joseph-Hales the new client always shipped with plain text passwords as the security model is fundamentally different.


  • Testers

    @Joe-Schmitt @Sebastian-Roth ok entered the ad password again for the new client cleared and re checked it for the problematic host and it is now working. When the new client first came out was the entry always plain text or did that get added in a later SVN maybe i had it encrypted from before?


  • Senior Developer

    @Sebastian-Roth @Joseph-Hales theinvalid time comes from creating the user-cache, specifically the auto log out time.

    The client logs show the error:

    11/28/2017 1:40 PM HostnameChanger Logon failure: unknown username or bad password, code = 1326
    

    So the credentials are not set correctly on the server. A couple ideas:

    • Is the AD password field for the new client filled in (the legacy client uses a different field)
    • Are you placing the FOGCrypt version of the password in field? The new client does NOT use FOGCrypt, and the password should be entered plain-text.

    If you are sure both are correct, I can provide instructions how to use the client’s debugger to find the exact issue.


  • Testers

    @Sebastian-Roth Both client, fog server, and domain controller time settings match including time zone. My server password isn’t unusually exotic it is just Uppercase and lower case letters and numbers no special characters.


  • Developer

    @joseph-hales said in AD join works with legacy client fails with new client:

    Middleware::Response Invalid time

    This is the other thing I noticed. Though I don’t know all the client code this kind of sounds like there could be a time mismatch between Windows server (AD) and client?!


  • Developer

    @joseph-hales said in AD join works with legacy client fails with new client:

    Logon failure: unknown username or bad password, code = 1326

    Well the message seems pretty clear. I know you are saying that it works with the legacy client but possibly there is some kind of special character in your password that was not escaped in the legacy client but is now in the new fog-client?! Just an idea.


Log in to reply
 

453
Online

39.4k
Users

11.1k
Topics

105.4k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.