HostnameChanger question



  • I’ve just tried deploying a Windows 7 image to two computers and it doesn’t seem to want to join the domain. I’m getting the following error. I’ve deployed other Windows 7 images and they joined the domain properly. I’m guessing I’ve done something wrong with the image but I’m not sure what the error code means.

    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     06/09/2019 7:17 PM Client-Info Client Version: 0.11.16
     06/09/2019 7:17 PM Client-Info Client OS:      Windows
     06/09/2019 7:17 PM Client-Info Server Version: 1.5.6
     06/09/2019 7:17 PM Middleware::Response Success
     06/09/2019 7:17 PM HostnameChanger Checking Hostname
     06/09/2019 7:17 PM HostnameChanger Hostname is correct
     06/09/2019 7:17 PM HostnameChanger Attempting to join domain
     06/09/2019 7:17 PM HostnameChanger Unknown Return Code:  1219
    ------------------------------------------------------------------------------
    
    

    Thanks


  • Developer

    The PCAP revealed that there were some left overs from an old software that would open an application on a public network share on boot up of that system. Removing that stuff fixed the issue and fog-client domain join works perfectly fine now again.


  • Developer

    @chunter2 Ok, then let’s go ahead. Install tcpdump on your Samba server and get the bad unjoined imaged host ready. Don’t start it yet. Now run this command on your server and let it sit there: tcpdump -i eth0 -w /tmp/netdump.pcap host x.x.x.x

    Put in the correct host IP and your server network Interface if it’s not eth0.

    Boot the host and wait for 10 minutes. Then stop tcpdump by pressing Ctrl+c. Copy the generated file over to another system, upload and post a Link here.



  • @Sebastian-Roth All the net use and net session commands return “There are no entries in the list”. So there’s nothing to delete. I’m connected using RDP on all these machines (good and bad images) so I can’t stop the lanmanworkstation service. If I run net use or net session on a good image I get the same message. I think network packets and debug logging on the samba server makes sense to try next. I’ll have to look into that.


  • Developer

    @chunter2 And if that doesn’t help we can still go ahead and capture network packets on your Samba server or enable debug logging to see if the client opens another SMB connection.


  • Developer

    @chunter2 said in HostnameChanger question:

    On a good image or bad image whether I’m joined to the domain or not IsJoindToDomain() always throws on the using (var domain = Domain.GetComputerDomain()) line. Not sure what the purpose of that is but I’m running an NT4 domain, not an AD domain so it could be for that. Because this function fails the client is always calling NetJoinDomain() on every loop.

    As mentioned before this is known and documented in more details in a github issue.

    On a good image that’s disconnected from the domain the first call to DomainWrapper() always fails. I think it’s because my ADOU is always empty. Again something with an NT4 domain? The return value is 50 so then DomainWrapper() is called again with false set. And then it connects.

    On a bad image that’s disconnected from the domain the first call to DomainWrapper() fails with a 1219 and then doesn’t try again. I tried adding 1219 to the switch to call again with false set but it fails with a 1219 as well. Not sure what to try next.

    Ok so the bad image/client seems to persistently return with the 1219 error. But on the other hand you seem to be able to manually join the domain.

    Let’s see if we can manually get this right with the fog-client. Start the problem host, open two command shells, one as normal user and one as Administrator:

    Admin cmd:

    net stop FOGService
    

    User cmd:

    net session
    net use
    net use * /d /y
    

    Admin cmd:

    net session
    net use
    net use * /d /y
    net stop lanmanworkstation
    net start lanmanworkstation
    net start netlogon
    net start sessionenv
    net start FOGService 
    

    Take a picture of what you get from the commands net session and net use in both cmd shells. Now watch the fog-client log and see if it still returns error 1219.



  • @Sebastian-Roth Thanks for that info. Took me a while to realize where the button was. Not like it’s not big enough. :)

    Here’s what I’ve found so far. On a good image or bad image whether I’m joined to the domain or not IsJoindToDomain() always throws on the using (var domain = Domain.GetComputerDomain()) line. Not sure what the purpose of that is but I’m running an NT4 domain, not an AD domain so it could be for that. Because this function fails the client is always calling NetJoinDomain() on every loop.

    On a good image that’s disconnected from the domain the first call to DomainWrapper() always fails. I think it’s because my ADOU is always empty. Again something with an NT4 domain? The return value is 50 so then DomainWrapper() is called again with false set. And then it connects.

    On a bad image that’s disconnected from the domain the first call to DomainWrapper() fails with a 1219 and then doesn’t try again. I tried adding 1219 to the switch to call again with false set but it fails with a 1219 as well. Not sure what to try next.

    Thanks


  • Developer

    @chunter2 Yes, you need to click the “Reset Encryption Data” button in this host’s settings on the web UI!



  • @Sebastian-Roth I decided to remove the client and re-install it on this machine and now I get a different error in the fog log. It keeps looping on this.

    ------------------------------------------------------------------------------
    --------------------------------Authentication--------------------------------
    ------------------------------------------------------------------------------
     13/09/2019 3:06 PM Client-Info Version: 0.11.16
     13/09/2019 3:06 PM Client-Info OS:      Windows
     13/09/2019 3:06 PM Middleware::Authentication Waiting for authentication timeout to pass
     13/09/2019 3:08 PM Middleware::Communication Download: http://xxx.xxx.xxx.xxx/fog/management/other/ssl/srvpublic.crt
     13/09/2019 3:08 PM Data::RSA FOG Server CA cert found
     13/09/2019 3:08 PM Middleware::Authentication Cert OK
     13/09/2019 3:08 PM Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before
     13/09/2019 3:08 PM Middleware::Authentication ERROR: Could not get security token
     13/09/2019 3:08 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
     13/09/2019 3:08 PM Middleware::Communication POST URL: http://xxx.xxx.xxx.xxx/fog/management/index.php?sub=requestClientInfo&authorize&newService
     13/09/2019 3:08 PM Middleware::Response Invalid security token
    
    

    I’m wondering if maybe this is the real problem. Do you know what this means?

    Thanks



  • @Sebastian-Roth I was actually able to compile that dll myself. Looks like it’s throwing on the GetComputerDomain() line in both cases. Trying to join the domain and after I manually join the domain. So I don’t think that’s the problem. It’s failing on the NetJoinDomain() function. I think I need to print out the variables to see if they’re the same for a good image and a bad one.


  • Developer

    @chunter2 Will do so in a few hours.



  • @Sebastian-Roth Would it be possible to get a dll with logging showing which of the following is failing? And maybe the return value of the ones that aren’t?

                    using (var domain = Domain.GetComputerDomain())
                    {
                        var currentIP = Dns.GetHostAddresses(domain.Name);
                        var targetIP = Dns.GetHostAddresses(idealDomain);
    
                        return (currentIP.Intersect(targetIP).Any());
                    }
    

  • Developer

    @chunter2 Take a look at the code: https://github.com/FOGProject/fog-client/blob/master/Modules/HostnameChanger/Windows/WindowsHostName.cs#L203

    You see the try and catch block in function IsJoinedToDomain. In the current code there is no error handling in the catch block and this is why you don’t see the reason but only the 1219 error when using the official 0.11.16 Modules.dll. Now the Modules.dll I build for you has error logging added.

    So the “domain cannot be contacted” error comes from Domain.GetComputerDomain() or Dns.GetHostAddresses(..).

    When you look a little further down the code you get to the part where it tries to join the domain and where the 1219 error occurs. Function used here is NetJoinDomain.

    Hope you can find something!



  • @Sebastian-Roth Do you know what function produces that log message? Just wondering if I can do some googling on the error message.


  • Developer

    @chunter2 said:

    ...
    12/09/2019 4:14 PM HostnameChanger Unable to resolve domain DNS name: The local computer is not joined to a domain or the domain cannot be contacted
    ...
    

    Ok, this really seems to be a similar issue to what we discussed in https://github.com/FOGProject/fog-client/issues/110 - somehow I got confused because all the others seem to be able to properly join the domain but just complain about the client trying to re-join ever loop cycle.

    It’s very interesting you get the 1219 error code although it seems to be more a problem with resolving the domain at all. As well I find it awkward that you can join the domain manually. Sounds a bit like our fog-client just is not able to cope with those different Samba setups.

    I am not sure were we are headed with this. I won’t find the time to setup a Samba domain and try to replicate the issue any time soon. But on the other hand I am not sure what to suggest to you to fix or get around this problem - hmmmmm.



  • @Sebastian-Roth I tried re-installing last night but ran out of time. I had an old version of Windows 7 that needed a bunch of updates before the fog client would install and run. I’ll have to try again another time.

    I did try your debug Module.dll from the other thread and got the following in the log.

    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     12/09/2019 4:14 PM Client-Info Client Version: 0.11.16
     12/09/2019 4:14 PM Client-Info Client OS:      Windows
     12/09/2019 4:14 PM Client-Info Server Version: 1.5.6
     12/09/2019 4:14 PM Middleware::Response Success
     12/09/2019 4:14 PM HostnameChanger Checking Hostname
     12/09/2019 4:14 PM HostnameChanger Hostname is correct
     12/09/2019 4:14 PM HostnameChanger RenameComputer returned properly, trying register/join next.
     12/09/2019 4:14 PM HostnameChanger Checking AD params before join.
     12/09/2019 4:14 PM HostnameChanger Attempting to join domain
     12/09/2019 4:14 PM HostnameChanger Unable to resolve domain DNS name: The local computer is not joined to a domain or the domain cannot be contacted.
     12/09/2019 4:14 PM HostnameChanger Unknown Return Code:  1219
    ------------------------------------------------------------------------------
    

    Does that extra log message help at all? When I ran out if time I just re-imaged back to the image that has the join problem.

    Thanks


  • Developer

    @chunter2 said in HostnameChanger question:

    I’m almost at the point of just re-installing Windows 7 from scratch to see if that cleans it up.

    Although it might cost some time I would certainly try it. Just install a fresh Windows 7 from scratch and try fog-client domain join as very first thing. This way you don’t spend too much time in case this is a dead end.



  • @Sebastian-Roth I just tried disconnecting from the domain on a computer with a different image and the fog client reconnected correctly. Here’s the log.

    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     10/09/2019 4:46 AM Client-Info Client Version: 0.11.16
     10/09/2019 4:46 AM Client-Info Client OS:      Windows
     10/09/2019 4:46 AM Client-Info Server Version: 1.5.6
     10/09/2019 4:46 AM Middleware::Response Success
     10/09/2019 4:46 AM HostnameChanger Checking Hostname
     10/09/2019 4:46 AM HostnameChanger Hostname is correct
     10/09/2019 4:46 AM HostnameChanger Attempting to join domain
     10/09/2019 4:46 AM HostnameChanger Success, code =  0
     10/09/2019 4:46 AM Power Creating shutdown command in 60 seconds
     10/09/2019 4:46 AM Bus Emmiting message on channel: Power
    ------------------------------------------------------------------------------
    

    And then this.

    ------------------------------------------------------------------------------
    --------------------------------HostnameChanger-------------------------------
    ------------------------------------------------------------------------------
     10/09/2019 4:50 AM Client-Info Client Version: 0.11.16
     10/09/2019 4:50 AM Client-Info Client OS:      Windows
     10/09/2019 4:50 AM Client-Info Server Version: 1.5.6
     10/09/2019 4:50 AM Middleware::Response Success
     10/09/2019 4:50 AM HostnameChanger Checking Hostname
     10/09/2019 4:50 AM HostnameChanger Hostname is correct
     10/09/2019 4:50 AM HostnameChanger Attempting to join domain
     10/09/2019 4:51 AM HostnameChanger The machine is already joined to the domain, code =  2691
    ------------------------------------------------------------------------------
    

    I really think it’s just something specific with this image but I can’t seem to figure out what’s different. It doesn’t make sense that I can join the domain manually either. I’m almost at the point of just re-installing Windows 7 from scratch to see if that cleans it up.


  • Developer

    @chunter2 said in HostnameChanger question:

    The machine is already joined to the domain, code = 2691

    This is known in Samba NT 4 domains. See details here: https://github.com/FOGProject/fog-client/issues/110

    The net session command says There are no entries in the list.

    I really wonder if I am on the wrong track here or if it has some kind of hidden IPC connection open that is causing this. But why are you able to manually join the domain then? Maybe I was wrong and it actually is an issue that has to do with the methods we use to join and your Samba NT 4 domain. But why does it work for others - see issue on github in the link above. Those users are able to join.



  • @Sebastian-Roth I just tried your suggestion. The net session command says There are no entries in the list. Starting the FOG service again produces the same error message as my first post. Strange how there’s no sessions. I figured there’s be something. If I manually join the domain and reboot I then get the following in the fog log.

     09/09/2019 7:36 PM HostnameChanger Checking Hostname
     09/09/2019 7:36 PM HostnameChanger Hostname is correct
     09/09/2019 7:36 PM HostnameChanger Attempting to join domain
     09/09/2019 7:36 PM HostnameChanger The machine is already joined to the domain, code =  2691
    

Log in to reply
 

374
Online

6.2k
Users

13.5k
Topics

127.5k
Posts