RE: FOG Client error: Middleware::Authentication ERROR: Could not get security token

@Sebastian-Roth, not a problem at all. I manually added the affected client.
Thank you for your genuine efforts and good luck sleuthing it out!

@Sebastian-Roth
My version: Your version of FOG is up to date.
You're running the latest dev-branch version: 1.5.8.28

@Sebastian-Roth Thanks for confirming the function of the pending MAC filter. Are the MAC addresses in the comma-separated list case-sensitive by chance?

The computer was listed under Pending when I checked this morning with the primary MAC with the correct value but it also had an Additional MACs entry labeled Not found which matches the filter (I added the checkmarks):

Maybe I need to enter it again as 54:ea:3f?

Hi Sebastian, thanks for the rapid and accurate response! I did find a duplicate of the MAC address which is because the clients all use a VPN.

I added the first three parts of the MAC address (0A:00:27) into FOG Configuration -> FOG Settings -> FOG Client - Host Register -> QUICKREG PENDING MAC FILTER:

Isn’t that supposed to make it ignore the duplicate?

In the meantime, I will try ignoring it via the duplicate host’s Additional MACs screen:

Please let me know if there’s a better or different approach I can take.

Updated the server and reinstalled the client on this host and I cannot seem to get the client to connect and auto-register. Maybe I could push it manually from a pxe boot but believe I had the process automated before. It is not listed under Pending Hosts either.

---

FOG.log on the client

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 4/16/2020 3:11:10 PM Client-Info Version: 0.11.19
 4/16/2020 3:11:10 PM Client-Info OS:      Windows
 4/16/2020 3:11:10 PM Middleware::Authentication Waiting for authentication timeout to pass
 4/16/2020 3:11:10 PM Middleware::Communication Download: http://fogserver/fog/management/other/ssl/srvpublic.crt
 4/16/2020 3:11:10 PM Data::RSA FOG Server CA cert found
 4/16/2020 3:11:10 PM Middleware::Authentication Cert OK
 4/16/2020 3:11:10 PM Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before
 4/16/2020 3:11:10 PM Middleware::Authentication ERROR: Could not get security token
 4/16/2020 3:11:10 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
 4/16/2020 3:11:10 PM Middleware::Communication POST URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService
 4/16/2020 3:11:10 PM Middleware::Response Invalid security token

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 4/16/2020 3:11:10 PM Client-Info Version: 0.11.19
 4/16/2020 3:11:10 PM Client-Info OS:      Windows
 4/16/2020 3:11:10 PM Middleware::Authentication Waiting for authentication timeout to pass
 4/16/2020 3:13:10 PM Middleware::Communication Download: http://fogserver/fog/management/other/ssl/srvpublic.crt
 4/16/2020 3:13:10 PM Data::RSA FOG Server CA cert found
 4/16/2020 3:13:10 PM Middleware::Authentication Cert OK
 4/16/2020 3:13:10 PM Middleware::Authentication No token found at C:\Program Files (x86)\FOG\token.dat, this is expected if the client has not authenticated before
 4/16/2020 3:13:10 PM Middleware::Authentication ERROR: Could not get security token
 4/16/2020 3:13:10 PM Middleware::Authentication ERROR: Could not find file 'C:\Program Files (x86)\FOG\token.dat'.
 4/16/2020 3:13:10 PM Middleware::Communication POST URL: http://fogserver/fog/management/index.php?sub=requestClientInfo&authorize&newService
 4/16/2020 3:13:10 PM Middleware::Response Invalid security token

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 4/16/2020 3:13:10 PM Client-Info Version: 0.11.19
 4/16/2020 3:13:10 PM Client-Info OS:      Windows
 4/16/2020 3:13:10 PM Middleware::Authentication Waiting for authentication timeout to pass

---

apache access_log on fogserver

<Client_IP_Address> - - [16/Apr/2020:15:11:09 -0500] "GET /fog/management/other/ssl/srvpublic.crt HTTP/1.1" 200 1744 "-" "-"
<Client_IP_Address> - - [16/Apr/2020:15:11:10 -0500] "POST /fog/management/index.php?sub=requestClientInfo&authorize&newService HTTP/1.1" 200 15 "-" "-"
<Client_IP_Address> - - [16/Apr/2020:15:13:09 -0500] "GET /fog/management/other/ssl/srvpublic.crt HTTP/1.1" 200 1744 "-" "-"
<Client_IP_Address> - - [16/Apr/2020:15:13:09 -0500] "POST /fog/management/index.php?sub=requestClientInfo&authorize&newService HTTP/1.1" 200 15 "-" "-"

Re: unable to install CA certificate

I was getting this error:

Unable to install FOG Project CA

during GPO installation while the .msi lives on a DFS share. I also could not install the .msi manually over the share:

However copying it to the local machine it installed fine.

I made some permission changes on the DFS such as forcing READ permissions from the root for Domain Computers. I was able to install it over the share, and after a couple reboots it finally installed via GPO.

@astrugatch So it sounds like you’re kicking off a script rather than using the fields within the FOG Snapin GUI, correct?

@astrugatch What’s your share access look like? No user/passwords necessary?

We can do that. It lives in the same folder as setup so would I reuse the FOG variable like so?

[FOG_SNAPIN_PATH]\setup.exe /configure [FOG_SNAPIN_PATH]\installOfficeBusRet32.xml

Although now that I think about it, it’d be great if I could modify this file as-needed without having to re-compress the folder.

Could I use something like this instead?

[FOG_SNAPIN_PATH]\setup.exe /configure \\myserver\share\installOfficeBusRet32.xml

and if so, do you have any suggestions on creating a share which the fog service could read from without authentication?

Created a snapin pack using the directions here but can’t get the Office Suite to install. It keeps failing the above error.

Tried placing the setup.exe file along with the config.xml file inside a folder called ODT. I then selected each item within that folder and created a .zip:

It was automatically named after the parent folder: ODT.zip:

To be clear, I did not zip up the ODT folder. I selected the files/folders within it and created a zipped file called ODT.zip.

I deployed the snapin pack, but it seems FOG is unable see the files:

------------------------------------------------------------------------------
---------------------------------SnapinClient---------------------------------
------------------------------------------------------------------------------
 7/18/2019 1:46 PM Client-Info Client Version: 0.11.16
 7/18/2019 1:46 PM Client-Info Client OS:      Windows
 7/18/2019 1:46 PM Client-Info Server Version: 1.5.5
 7/18/2019 1:46 PM Middleware::Response Success
 7/18/2019 1:46 PM SnapinClient Running snapin 5000 - Office 365 Offline Installation ver.07.2019.1
 7/18/2019 1:46 PM Middleware::Communication Download: http://fogserver/fog/service/snapins.file.php?mac=my_mac&taskid=24
 7/18/2019 1:46 PM SnapinClient C:\Program Files (x86)\FOG\tmp\ODT.zip
 7/18/2019 1:46 PM SnapinClient Processing SnapinPack ODT.zip
 7/18/2019 1:46 PM SnapinClient Extracting SnapinPack
 7/18/2019 1:46 PM Bus Emmiting message on channel: Notification
 7/18/2019 1:46 PM SnapinClient Starting snapin
 7/18/2019 1:46 PM SnapinClient ERROR: Could not run snapin
 7/18/2019 1:46 PM SnapinClient ERROR: The system cannot find the file specified
 7/18/2019 1:46 PM Middleware::Communication URL: http://fogserver/fog/service/snapins.checkin.php?taskid=24&exitcode=-1&mac=my_mac&newService&json
------------------------------------------------------------------------------

A troubleshooting step was to insert “ODT” in the “Snapin Pack File” args but that also failed.

Possibly interesting is that when I edit the snapin pack, sometimes the Snapin Pack Template setting toggles back to:

- please select an option -

Here are my current settings:

The command is:

[FOG_SNAPIN_PATH]\setup.exe /configure installOfficeBusRet32.xml  

Any help appreciated!