Another Domain Join Issue
-
Great Questions! Sorry about that.
Server is 1.5.5
Client is 0.11.16
Thanks,
-
@Jay-Bosworth
Please log into fog and go to hosts --> pick your host --> go to the Active directory tab
please confirm there is a check next to “Join Domain after deploy” on the host that is in question -
@David-Osinski Yes, that check is there.
-
@Jay-Bosworth Please check the log on the client in
C:\fog.log
orC:\Program Files (x86)\FOG\fog.log
and post that here. -
@Sebastian-Roth I just imaged another machine this morning. Here is the log.fog.log
-
@Jay-Bosworth Interesting what we see in the logs here.
- It starts off with
Middleware::Response Invalid host
which is usually due to different encryption keys and was possibly fixed by resetting the encryption data for this host in the web UI (or possibly just a hickup that solved itself). - Second it finds that you have fog-client version 0.11.12 installed and does an update to the current 0.11.16 version. You can easily prevent that from happening by installing the latest fog-client version to your reference image!
- When it finally gets to the point where it should rename and join to the domain it says:
------------------------------------------------------------------------------ --------------------------------HostnameChanger------------------------------- ------------------------------------------------------------------------------ 9/6/2019 11:48 AM Client-Info Client Version: 0.11.16 9/6/2019 11:48 AM Client-Info Client OS: Windows 9/6/2019 11:48 AM Client-Info Server Version: 1.5.5 9/6/2019 11:48 AM Middleware::Response Success 9/6/2019 11:48 AM HostnameChanger Checking Hostname 9/6/2019 11:48 AM HostnameChanger Hostname is correct ------------------------------------------------------------------------------
There should be more messages unless you don’t have the AD settings correct. Please post a full picture of the host’s Active Directory settings as you have them in the web UI!!
- It starts off with
-
@Sebastian-Roth Thanks for the reply. Here is the screenshot:
As I said, nothing has been physically changed on the server from this work vs. not working. The only key thing that has been changed is I am using Windows 10 1903 instead of 17xx in my audit image.
-
@Jay-Bosworth said in Another Domain Join Issue:
The only key thing that has been changed is I am using Windows 10 1903 instead of 17xx in my audit image.
While I don’t have a 1903 machine in my test environment yet I don’t think this is actually causing the problem. We’d have way more issue reports on this if there’d really be a problem with 1903 in general I suppose.
Thanks for the picture. My guess was you had the option Join Domain after deploy unchecked but it’s not.
I really wonder why HostnameChanger module does not seem to try to join at all. I might compile a new Modules.dll for you later on so we know what exactly it does. Will get back to you in about two hours.
-
@Sebastian-Roth Okay, thank you. I will adjust my audit image and add the new client. Maybe it not having to update that will fix things.
-
@Jay-Bosworth Before you deploy your next machine may I ask you to use this debug enabled Modules.dll so we get more helpful output in the log file: https://github.com/FOGProject/fog-client/releases/download/0.11.16/Modules_debug_HostnameChanger.dll
Stop
FOGService
(Windows services.msc), then go toC:\Program Files (x86)\FOG\
and renameModules.dll
. Now download the one from above and put in place of the original one. Now capture your master image from that machine and deploy to another host. Please grabfog.log
after deployment and post the full contents here. -
@Sebastian-Roth Oh crap, I already captured my image already. I am running out of time today, so I might not be able try and create a whole new image again until tomorrow.
-
@Jay-Bosworth There is an easy way around this. Don’t start the host immediately after you deployed the image to it. Copy the downloaded Modules.dll to a USB drive. Then schedule another debug deploy task for this same host, PXE boot it and when you get to the shell run the following commands (assuming your hard disk drive is
/dev/sda
and your USB drive is/dev/sdb
mkdir -p /mnt/usb mkdir -p /mnt/win mount /dev/sdb1 /mnt/usb mount /dev/sdaX /mnt/win cd /mnt/win/Program\ Files\ \(x86\)/FOG/ mv Modules.dll Modules_orig.dll cp /mnt/usb/Modules.dll . cd umount /mnt/win umount /mnt/usb
Something along these lines. This is untested and I can’t promise you it’s working exactly like this as I don’t know your partition layout or drive specs.
-
@Sebastian-Roth @Jay-Bosworth Understand I’ve only read the last 2 posts, so I’m not sure where the thread is headed.
BUT I can offer a comment. During Windows golden image development I’ve used a modified post download script (similar to the one for sending the drivers to the target computer) to patch the unattend.xml and replace dlls in a previously captured image. I only did this during golden image development or until the next time I built a golden image.
The principles of this is outlined in this article: https://forums.fogproject.org/topic/11126/using-fog-postinstall-scripts-for-windows-driver-injection-2017-ed
The fog.copydrivers script could be modified to just copy over the one needed file from the fog server. In this section. Where
clientdriverpath
is the destination path andremotedriverpath
is the path of the files to copy.dots "Preparing Drivers" clientdriverpath="/ntfs/Drivers" remotedriverpath="/images/drivers/$machine/$osn/$arch" debugPause if [[ ! -d "${remotedriverpath}" ]]; then echo "failed"; echo " ! Driver package not found for ${machine}/$osn/$arch ! "; debugPause; return; fi echo "Ready"; debugPause [[ ! -d $clientdriverpath ]] && mkdir -p "$clientdriverpath" >/dev/null 2>&1 echo -n "In Progress" rsync -aqz "$remotedriverpath" "$clientdriverpath" >/dev/null 2>&1 [[ ! $? -eq 0 ]] && handleError "Failed to download driver information for [$machine/$osn/$arch]" debugPause
-
I apologize, I had to put this on the back burner for a couple of days. It is the beginning of the school year and things are nuts. I am starting to wonder if it does have something to do with my Sysprep process and changes between 17xx and 19xx that the file doesn’t like. When I pushed my audit image to remove the older FOG client and install the newer one, I forgot to uncheck the box in FOG that says “Name Change/AD Join Forced Reboot”. As soon as I installed the new FOG client on the audit image, it joined itself to the domain. I wiped it back to my original audit image and followed the same process but I first unchecked that box. I uploaded my audit image and then rechecked that box before uploading my sysprepped image. Upon deploy the sysprep image will still not automatically join to my domain.
-
@Jay-Bosworth said in Another Domain Join Issue:
Upon deploy the sysprep image will still not automatically join to my domain.
Did you use the Modules.dll I provided? Please check the
fog.log
file on the client an post here. -
@Sebastian-Roth No, this was just something I noticed before you posted that request. Sorry, like I said, things have been nuts and I am a couple of days behind to work on this.
-
@Sebastian-Roth I apologize for the log delay in this. Here is the file after I used the other Modules.dll file.fog.log
-
@Jay-Bosworth Sorry but there is no valuable information in that log. every loop cycle on hostname changer is either “Users still logged in and enforce is disabled, delaying any further actions” or “A power operation is pending, aborting module” (offical scheduled reboot via fog-client). We can’t help you if we don’t see what’s exactly going on when it tries to join.
-
@Sebastian-Roth So that’s it? I am just SOL? I can’t really change what it is doing automatically. I did exactly what you asked me to.
-
@Jay-Bosworth Its possible that changes in release 1903 have caused difficulties with the fog client. I’ve noticed a lot of posts regarding the fog client and 1903 lately. There has to be something going on that we don’t understand just jet.
While I can’t really help with the fog level connect to domain, I can say that I don’t use the fog client for naming the host or connecting it to AD, I let the unattend.xml file do that. I don’t have a problem using this method.