RE: Proper way to reinstall the FOG Client

@Tom-Elliott oh, sorry, I didn’t notice this big yellow button in the General tab

And I can see the same button for the group, so I guess I can handle this. Thank you very much @Tom-Elliott !

@Tom-Elliott

Well, the errors I can see in the /var/log/apache2/other_vhosts_access.log are:

172.120.1.253:443 172.120.1.195 - - [09/Oct/2025:18:47:03 +0800] "POST /fog/service/Pre_Stage1.php HTTP/1.1" 500 3891 "-" "curl/8.14.1"
172.120.1.253:443 172.120.1.195 - - [09/Oct/2025:18:47:08 +0800] "POST /fog/service/Pre_Stage1.php HTTP/1.1" 500 3891 "-" "curl/8.14.1"
172.120.1.253:443 172.120.1.195 - - [09/Oct/2025:18:47:13 +0800] "POST /fog/service/Pre_Stage1.php HTTP/1.1" 500 3891 "-" "curl/8.14.1"
172.120.1.253:443 172.120.1.195 - - [09/Oct/2025:18:47:18 +0800] "POST /fog/service/Pre_Stage1.php HTTP/1.1" 500 3891 "-" "curl/8.14.1"

Regarding the /var/log/apache2/error.log are:

[Thu Oct 09 18:48:29.019424 2025] [proxy_fcgi:error] [pid 1662:tid 1662] [client 172.120.1.195:59922] AH01071: Got error 'PHP message: PHP Fatal error:  Uncaught ValueError: min(): Argument #1 ($value) must contain at least one element in /var/www/html/fog/lib/fog/image.class.php:396\nStack trace:\n#0 /var/www/html/fog/lib/fog/image.class.php(396): min()\n#1 /var/www/html/fog/lib/reg-task/taskqueue.class.php(112): Image->getStorageGroup()\n#2 /var/www/html/fog/service/Pre_Stage1.php(24): TaskQueue->checkIn()\n#3 {main}\n  thrown in /var/www/html/fog/lib/fog/image.class.php on line 396'
[Thu Oct 09 18:48:34.062774 2025] [proxy_fcgi:error] [pid 790:tid 790] [client 172.120.1.195:52762] AH01071: Got error 'PHP message: PHP Fatal error:  Uncaught ValueError: min(): Argument #1 ($value) must contain at least one element in /var/www/html/fog/lib/fog/image.class.php:396\nStack trace:\n#0 /var/www/html/fog/lib/fog/image.class.php(396): min()\n#1 /var/www/html/fog/lib/reg-task/taskqueue.class.php(112): Image->getStorageGroup()\n#2 /var/www/html/fog/service/Pre_Stage1.php(24): TaskQueue->checkIn()\n#3 {main}\n  thrown in /var/www/html/fog/lib/fog/image.class.php on line 396'
[Thu Oct 09 18:48:39.106621 2025] [proxy_fcgi:error] [pid 1461:tid 1461] [client 172.120.1.195:52776] AH01071: Got error 'PHP message: PHP Fatal error:  Uncaught ValueError: min(): Argument #1 ($value) must contain at least one element in /var/www/html/fog/lib/fog/image.class.php:396\nStack trace:\n#0 /var/www/html/fog/lib/fog/image.class.php(396): min()\n#1 /var/www/html/fog/lib/reg-task/taskqueue.class.php(112): Image->getStorageGroup()\n#2 /var/www/html/fog/service/Pre_Stage1.php(24): TaskQueue->checkIn()\n#3 {main}\n  thrown in /var/www/html/fog/lib/fog/image.class.php on line 396'

The php version the server is running is:

# php --version
PHP 8.2.29 (cli) (built: Jul  3 2025 16:16:05) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.29, Copyright (c) Zend Technologies
    with Zend OPcache v8.2.29, Copyright (c), by Zend Technologies

@Tom-Elliott sure, I’m forcing the task and this is causing the issue, just the ability or feature “force task” by itself doesn’t cause the issue, is just when I use it, if I let the task to be run by itself in the scheduled time or if I reboot the machine manually the capture is performed as expected.

Let me check the apache logs when this issue arises.

@Tom-Elliott Thank you for your reply … Could you provide more info on how to do this with a group? I’ve created a new group but can’t find any feature like “resetting the encryption data” anywhere, I’ve been looking into the HOST features and cannot find anything like that there either.

Thank you again

Unfortunately I had to reinstall FOG recreating the CA cert so … I’m forced to reinstall the clients in all my machines, the thing is … I’ve noticed when I reinstall the client I can see authentication problems due to the token.dat file … The only way I found to fix this problem is by deleting the HOST in the FOG web UI and letting the client to recreate it to be approved in the web UI. Is there a clean/proper way to reinstall the client (to refresh the CA) without having this issue?

Thank you very much guys

Ok, definitely I think I’ve found the issue. Apparently the problem is caused by this feature of forcing the task,

if I let the client to restart the machine at the time the task is scheduled or if I restart manually the machine … this problem doesn’t arise.

Why do you this this feature is causing these attempts to check in to fail?

Hi everyone, I’m trying to upgrade my FOG server instance, but particularly I also need to recreate my CA and server cert, so what I’ve tried is:

• git fetch --all in my fogproject clone of the github repo
• git merge (over the stable branch, ofc)
• then I’ve run bin/installfog.sh -C -K

All seems to work properly, I can even register HOSTs without problem, but … When I try to capture an image of some HOST I just can see a lot of

* Attempting to check in............................Failed

I’ve been searching for similar issues in the forum and I saw a few posts, of course I’ve checked my FOG_WEB_ROOT is properly set to /fog and indeed it is. In fact, I’ve not touched this setting and before upgrading it was working properly, so I’m not sure what could be happening in the upgrade process.

Thank you very much guys.

@Tom-Elliott said in Fog iPXE Menu no input:

Either way, similar to the post about bisect, below, might help us out as well.

I’d need more details, some article or document on how to perform this bisect, but I’m interested in contributing, sure

@Tom-Elliott said in Fog iPXE Menu no input:

@jfernandz next-server comes from the dhcp server option 66 (I think that’s what it is in Windows DHCP at least?)

That said, often when next-server is empty it’s usually because there’s multiple dhcp servers trying to tell the same single client their next-server and it doesn’t know which one to use, so it just goes blank. That’s not to say it couldn’t be a firmware issue, but just expressing my past experiences.

Hmm … my problem isn’t an empty value for next-server, rather … it comes with an IP, but its the DNS server IP address! …

Regarding the keyboard issue … we are working with Dell Precission 3930 Rack machines, but we also have in the same cluster a couple of Dell Precission 7960 Rack machines where I didn’t tested, I can say a couple of days ago, we upgraded the BIOS of the 3930 which are the ones I can detect this issue, that’s why I was guessing this could be a problem between iPXE and upgraded firmware

I’m experiencing the same problem with keyboard input, in fact the keyboard input doesn’t work either till the OS boots, it doesn’t work in Grub, I feel like if iPXE were having a kind of issue with the firmware.

Also I’ve noticed … I’ve had to replace ${next-server} in the ipxescripts files with the actual FOG Server IP as it seems iPXE isn’t able to retrieve this value from the DHCP service in the FOG Server. Not sure if the firmware issues could be causing this also.

@Tom-Elliott Well, sure about the bitlocker point. Regarding the LUKS point I wasn’t actually asking if it’s technically possible, but rather if this feature is currently implemented (partclone/partimage asking your for the LUKS passphrase)

Regarding this point … Now I’m thinking in cryptsetup and LUKS. I’ve noticed CloneZilla is able to ask you for a LUKS volume passphrase to decrypt it before taking the image, may FOG do the same? Apparently with default options FOG just takes the image in raw format, but is there some way to make FOG act like CloneZilla?

Thanks again and sorry for bringing up this topic again.

First of all, sorry for resurrecting this old thread. However … I was experiencing this issue with HP machines with BIOS U62 Ver.01.01.21 07/01/2024.

The only way I was able to workaround the issue is by using refind binaries from FOG 1.5.5 as @PeterL says in their answer:

@PeterL said in REFInd-Initializing - hangs:

Your issue with rEFInd is because of HPs EFI.
I have exactly the same issue with ProDesk 400 for quite some time.
The workaround to get those systems booting via rEFInd was a downgrade of the rEFInd binaries.

For me a downgrade to rEFInd out of the FOG 1.5.5 package did the trick.

FOG 1.5.5

Path in the ZIP archive: fogproject-1.5.5.zip\fogproject-1.5.5\packages\web\service\ipxe\refind.efi

The binary is dated 15.11.2018

On a Debian system place the file in /var/www/html/fog/service/ipxe
Once as “refind.efi” and a second time as “refind_x64.efi”.

But I’ve tried with latest rEFInd version from sourceforge as @george1421 points in their answer

@george1421 said in REFInd-Initializing - hangs:

@peterl FWIW the refind files can be located here: https://sourceforge.net/projects/refind/files/

For a very log time FOG shipped with 0.11.0 version of refind. This was a very stable, but old release. Based on the image date you referenced that must be the 0.11.4 release of refind. You might also want to try 0.13.2 (newest at the time of writing). To see if the very latest version of refind works for you.

but even this latest version isn’t able to boot the EFI partition from the internal disk. So weird, not sure how may I help to diagnose this issue for rEFInd project … but I’d like to help. Can’t find a way to increase verbosity for rEFInd despite I’ve tried some config directives in refind.conf

Thank you for this helpful post guys

@george1421 oh, that will be our best alternative for now, sure Anyway I was just trying to think in some possible feature FOG client could implement regarding this, maybe I’ll be willing in the future to contribute to the project though not sure right now if Suspend-Bitlocker will require some kind of authentication

@george1421 than you for your answer, you’re always willing to help

What about the point of implementing, for example, Suspend-BitLocker in the FOG client side?

The TPM point is a good one, but … almost all machines we work with have an “easily” accessible/replaceable TPM hardware module, could just we restore some disk image in a new machine with the TPM of the old one? Would this work?

I’ve noticed available tools for image managin (partclone and partimage) aren’t able to take an image of a disk with BitLocker enabled, I’ve seen that you could use manage-bde in CMD or Disable-BitLocker/Suspend-BitLocker to disable temporarily BitLocker and take the image. However I’m wondering if this process might be automated by the FOG client or I could provide FOG my BitLocker recovery key to make this process of take images of encrypted disk more automatic.

Thank you very much

Not sure why setting the LDAP plugin manually I couldn’t get it working … but I exported the plugin config from an old FOG instance and imported it in the new one and it worked, so I think you can mark this as solved

I’ve noticed for my purpose I should use the LDAP plugin, however, and despite I think I’ve set it properly … I can’t login as the user I’d like.

How might I debug this? Is there some specific log for this?

Hi everyone, I’m interested in connecting FOG to my DC (Active Directory) to be able to login in the FOG web UI using user/credentials from my AD (and just this), However … not sure if this section (Active Directory Defaults) in FOG Configuration -> FOG Settings is actually for this purpose … or this is intended for a different purpose (as I can see in here).

According to the link I pasted “FOG has the ability to register a host with Active Directory, in a limited sense.”, but I’m not interested in this feature, just the point I’ve talked about (FOG web UI login using my AD users), Is this even possible?

Thank you all!!

So … do you mean when you use the firmware’s boot menu and choose the deployed OS bootloader … it won’t boot?

I’m guessing you’re probably confused because of you had to set the PXE as first boot option … so every time the PC boots … It will fetch FOG through PXE. You can of course set again as first boot option your OS … but that would mean FOG wouldn’t boot first … so when you create a task to take an image … this won’t be done till you boot FOG from PXE manually or set again PXE as first boot option.

In the end … that’s how FOG works