Smart Installer caching credentials causing AD lockouts - maybe?


  • Is it possible that when installing the FOG service using the SmartInstaller, something in the process cached my active directory credentials and is attempting authentication? I ask because a user has this laptop at home, and when she connects to our VPN, my AD account gets locked. Looking at the AD server logs I see that the lockouts are happening because of failed logins from this particular laptop.

    It’s especially weird because I wouldn’t have been able to actually run the installer as a non-admin, but my non-admin account is the only one being affected.

    Sorry for pointing the finger at FOG but it’s the only non-commercial software installed on this particular laptop that I installed under my non-admin account. I’m going to look at it tomorrow and perhaps disable the FOG service in an attempt to prevent the password locks.

  • Senior Developer

    @altitudehack said in Smart Installer caching credentials causing AD lockouts - maybe?:

    It’s especially weird because I wouldn’t have been able to actually run the installer as a non-admin …
    Sorry for pointing the finger at FOG but it’s the only non-commercial software installed on this particular laptop that I installed under my non-admin account.

    Those two sentences don’t make sense to me. One is saying fog-client was installed using the non-admin account and the other says no.

    The fog-client installs a service that should run as local system account and not using AD-accounts at all. Though the fog-client is trying to join the domain on every cycle it runs. If your non-admin account is used as AD-credentials (FOG web UI -> host settings -> Active Directory) and the password was changed at some point I can imagine this to happen as described. But the AD-account would have to have rights to join a computer to the domain - don’t think a non-admin account can do this.

339
Online

8.1k
Users

15.0k
Topics

141.4k
Posts