RE: Which Linux distro(s) have been tested with FOG - What is recommended?

@wayne-workman i managed to go from 16 to 18 (server) fine… but when i tried to go 18 to 20 it all went wrong so just rolled the VM back. i will when 18 falls out of support do what Seb suggests and move the images over and the DB to a fresh install… after all my VM started life as v 14 of ubuntu so probably due a fresh install.

just to update I downloaded windows 11 23H2 from MS admin console and then made a new image with fog and deployed it and whilst for some reason the GPO that should auto encrypt the c drive doesn’t appear to be working, if I right click it and choose encrypt with BitLocker and chose allow windows to unlock the drive automatically (which is what the GPO should do) it encrypts just fine. So its definitely something new with Windows 11 24H2 I suspect its to do with secure boot being disabled.

Edit ignore the bit about the gpo not working I moved the pc to a diferent OU for testing and it simply wasn’t applied. I have since now forced windows update to install Win11 24H2 and the drive remains encrypted. so this for a while will be a workaround for our staff laptops that need to be encrypted.

I too am trying to get this working its new problem for us on Windows 11 24H2 our older win 11 images were fine so is our win 10 22H2 images.
other than trying the bcd edits in the post i have also tried below but still no joy

Tried separately and together these changes which are suggestions I came across on the net.
group policy editor -> computer config -> admin templates -> windows components -> bitlocker drive encryption -> os drives -> config TPM for UEFI.
PCR 0,2,11 Ticked (i.e. remove 4)
AND OR
group policy editor -> computer config -> admin templates -> windows components -> bitlocker drive encryption -> os drives -> Allow Secure Boot for integrity validation
Disable

Enabling some combinations in the Event log looks like the c drive is encrypting but on restart it then just goes into automatic recovery mode.
If we leave neither of these options set it doesn’t encrypt with the error message reported in this thread about the BCD Settings

These are the sort of Event logs we get (in this is with PCR 4 Removed)
Application and Service Logs > Microsoft > Windows > BitLocker-API

Before the GPO is applied lots of these

BitLocker cannot use Secure Boot for integrity because it is disabled.

After the GPO is applied . with lots of this inbetween the ones below

BitLocker cannot use Secure Boot for integrity because it is disabled in Group Policy.

BitLocker cannot use Secure Boot for integrity because it is disabled in Group Policy.
BitLocker Drive Encryption is using software-based encryption to protect volume C:.

The identification field was changed.
Identification GUID: {ID}

A BitLocker key protector was created.
Protector GUID: {ID}
Identification GUID: {ID}


BitLocker encryption was started for volume C: using XTS-AES 128 algorithm.

Device Encryption initialized automatically for volume C:.

BitLocker Drive Encryption recovery information was backed up successfully to Active Directory Domain Services.
Protector GUID: {ID}
Identification GUID: {ID}

A BitLocker key protector was created.
Protector GUID: {ID}
Identification GUID: {ID}

BitLocker was resumed for volume C:.

BitLocker successfully sealed a key to the TPM.
PCRs measured include [0,2,11].
The source for these PCRs was: Group Policy.

BitLocker was resumed for volume C:.

And in windows no padlock on the c drive… restart (even after being idle for 30 mins) no adds to the event log either… Windows Automatic repair.

Just to add I have tried it with and without the recovery partition on the end.

@sebastian-roth this has worked for me with a brand new HP 440 G8

@wayne-workman i managed to go from 16 to 18 (server) fine… but when i tried to go 18 to 20 it all went wrong so just rolled the VM back. i will when 18 falls out of support do what Seb suggests and move the images over and the DB to a fresh install… after all my VM started life as v 14 of ubuntu so probably due a fresh install.

@Gordon-Taylor ignore me… ive just reinstalled fog and mine is fine now… the mysql bug as mentioned at the begining of the thread

i think this is the same error as mine that started yesterday and it happened after i did a apt-get upgrade… i noticed at the end of the upgrade i has these lines:

NOTICE: Not enabling PHP 7.1 FPM by default.
NOTICE: To enable PHP 7.1 FPM in Apache2 do:
NOTICE: a2enmod proxy_fcgi setenvif
NOTICE: a2enconf php7.1-fpm
NOTICE: You are seeing this message because you have apache2 package installed.

ive just switched my fog server off as its stoping the workstations to boot and i cant stay late to troubleshoot it today… but i can tomorrow…

my fog server (1.5.5.3) runs in a hyper-v VM and the /images are mounted on a separate disk to the VHDX that contains the ubuntu OS so i will easily be able to back it up before i try doing the release update… but I’m just looking for any pointers or anything i may need to do once i got the Ubuntu up to the next LTS. I’m just conscious 14 is only in support till this April. Also should i go on and and go up to the 18 LTS?

Super that did work… thanks guys

I’m about to clock off i have a meeting this evening so i cant stay late today but if we cant work it out tomorrow then a team view would be fine…

about 450 ish hosts