One FOG server for multiple teams

  • Hello,

    Within our University we would like to use a single FOG server with different storage nodes for different IT teams.
    Is it possible with a “classic” authentication or an “LDAP” to have a reduced visibility:

    • Some “computers”
    • Some “Images”

    To avoid, for example, accidental deletions of images.

    Does any of you use FOG in this configuration?

    Thanking you in advance.


  • @Nicolas-Bricet said in One FOG server for multiple teams:

    To avoid, for example, accidental deletions of images.

    The latest version of Fog records who deletes what images in the history table, in the DB. I had this come up once and asked the senior devs to record who, and they implemented it.

    Also in the latest version, there is a checkbox called “Protected” for each image - when this is enabled, fog won’t let the image be overwritten or deleted via the GUI.

    Both of those functionalities are only available in 1.3+

    You could provide an account to people for the duration of imaging only, then delete their account. You could provide accounts only to your top tier folks, and give everyone else mobile access - so they have to be at the physical boxes in order to image them. Or you could just trust folks, they can do it - you just have to teach them how to do things safely, how stuff works. Let the knowledge flow instead of having a monopoly on it.

    I would not recommend a multi-master setup.

    I come from a school district at my last job, from a department of about 30 people with the same title, “equals” on paper. We had a 14ish server FOG setup - one master and the rest all storage nodes at all the various schools in the district. Everyone had a fog account. In all training I gave about FOG, I always stressed the responsibility that everyone had to have to use fog - and to be extra careful. Out of 2 years usage and that many people in one big system, there were no significant issues. Just pound it into their heads that they must be responsible - and to ask if they don’t know. Extend an olive branch and show them how things work.

  • Moderator

    There is not a concept of limited administrator. You are either an administrator, deployment tech, or no access.

    There are other ways (not quite as seamless) to do what you want. Setting up a multi-Fog setup (which is not currently official supported).