Creating a csv host import from a network scan

Run the following code in powershell (after editing it with your network’s subnets) to create a csv that will import all hosts on your network.

# examples, just gotta put subnets minus the final .x in a string array
# Could also be params if this was a function
$subnets = @("192.168.1", "192.168.2", "10.2.114", "192.168.0"); 
$subnets | ForEach-Object { # loop through each subnet
	for ($i=0; $i -lt 255; $i++) { # loop through 0 to 255 of the subnet
		$hn = nslookup "$_.$i"; # run nslookup on the current ip in the loop
		if ($hn[3] -ne $null -AND $hn[3] -ne "") { # does the ip have a dns entry
			$hostN = $hn[3].Replace("Name:","").Trim(); # parse the nslookup output into a fqdn host name
			$mac = getMac /S $hostN; # does the hostname have a mac addr. Can also add /U and /P for user and password if not running from a administrative account
			if ($mac -ne $null) { # was there a mac for the host?
				$macAddr = $mac[3].Split(' ')[0]; # use the first found mac address and parse it
				"$hostN,$macAddr" | Out-File C:\hosts.csv -Append -Encoding UTF8; # add the hostname,macaddress to the csv
			}
		}
	}
}

@Arrowhead-IT Scratch that, it totally worked after a restart. So if you go breaking your permissions just run the script posted and restart and violia!

Everything is working for me now! hooray for the new inits!

@Lee-Rowlett I think you are somewhat correct there. In all my testing I found that it relates to when a user first logs in it installs all the metro apps for that user including cortana. And when you do a profile copy in the system advanced settings control panel it ends up copying some of those installed apps to the default profile which causes the installation of metro apps on a new profile to fail, but there’s no error because the installs think they succeed since the files are already there.
At least I think that has some to do with it. My new script system seems to work flawlessly and it is much easier than my old way of having to change the registry everytime and such.

I would still test your theory for you, just for funzies, but I don’t actually use an unattend.xml. I don’t like sysprep. It breaks my default profile sometimes, and I’ve seen it break other things and it forces you to go back to oobe which messes with my computer naming system. I’ve kinda found it to not be necessary. Yes it resets some security id’s for activation this and that but if you are using windows enterprise volume licensing, that doesn’t cause any problems. In windows 7 I figured out the registry key to change and then just re-inputting the windows key and reactivating gave it a new sid. Windows 8 and 10 just work without issue without doing that. As for drivers, I make my images on a vm so they’re already hardware independent and I use the terminal tool devcon (included in the windows wdk 8.1, I just copy the devcon.exe over to my image vm after installing the wdk on my workstation) to uninstall all the devices in the device manager before rebooting with devcon -r remove *
It goes through the uninstalling of devices much much faster than sysprep does too.

So thank you sir for your help, but I think I got it figured out.

I created a powershell module for using the Fog API

https://github.com/FOGProject/fog-community-scripts/tree/master/PowershellModules/FogApi

Install instructions are found at that link.
Edit: Discovered how easy it is to publish to PSGallery, published the module here https://www.powershellgallery.com/packages/FogApi/1.2 so it can also be installed with (if you have the latest powershell get https://www.powershellgallery.com/packages/PowerShellGet/1.6.5 ) the command Install-Module -Name FogApi;

Importing that module will help you to set up a quick and easy and crossplatform way to manage fog from a powershell prompt.

It is structured based on the api documentation found here https://news.fogproject.org/simplified-api-documentation/
It even autocompletes the parameter options based on that documentation.

So if you read that documentation and see that you can get an ‘object’ you can then take that to the command by saying Get-FogObject -type object -CoreObject objecttype that object type validates/autocompletes to the list of available core objects found in the documentation.

If you install the module and run help Invoke-FogApi it will display a bit more verbose help and documentation on how it all works.

There are a few main functions to use that all make calling the Invoke-FogApi function a bit easier with autocompletion fun times

• For GET api calls : Get-FogObject
• For POST api calls : New-FogObject
• For PUT api calls : Update-FogObject
• For DELETE api calls : Remove-FogObject

Each of these return powershell objects. If you’re unfamiliar with powershell and powershell objects, then this is a good way to learn.
They make it so you can take information and easily find and manipulate their properties.
i.e. if you did a $hosts = Get-FogObject - type Object -CoreObject host $hosts would contain 2 properties, a count of returned objects and an array of all your fog hosts, each with all the information fog has on them. So lets say you want to see all your hosts that have a intel cpu, you can search all the hosts for where the inventory’s cpu manufacturer has ‘intel’ in its value. $intelPCs = $hosts.hosts | ? { $_.inventory.cpuman -match 'intel' } Then maybe you just want the hostids, names, and mac addresses. $intelPCList = $intelPCs | Select-Object id,name,primac; $intelPCList;

PS Objects can also easily be turned into json by piping them into a ConvertTo-Json command. Meaning that you can just change the values of an object’s properties, such as a host’s name, image, etc. And then convert that to json to use as the jsondata in any other command.

I also included a Install-FogService function in the module for good measure that downloads the latest version of the client msi installer from your server and then silently installs it. In theory, you could use Invoke-Command to run that command on remote computers (though you would also have to import the module on each computer).

There is a settings.json file that the module pulls from to get your api keys and servername. It needs to be set manually, but automatically opens in an appropriate editor for your OS if it finds that the settings are still set to default. The default settings are explanations of where to find the values on your server.

Help Info from function code Will be updated overtime, putting here as it is the help info uri listed in module manifest
Invoke-FogApi

<#
        .SYNOPSIS
           a cmdlet function for making fogAPI calls via powershell
        
        .DESCRIPTION
            Takes a few parameters with some pulled from settings.json and others are put in from the wrapper cmdlets
            Makes a call to the api of a fog server and returns the results of the call
            The returned value is an object that can then be easily filtered, processed,
             and otherwise manipulated in poweshell.
            The defaults for each setting explain how to find or a description of the property needed.
            fogApiToken = "fog API token found at https://fog-server/fog/management/index.php?node=about&sub=settings under API System";
            fogUserToken = "your fog user api token found in the user settings https://fog-server/fog/management/index.php?node=user&sub=list select your api enabled used and view the api tab";
            fogServer = "your fog server hostname or ip address to be used for created the url used in api calls default is fog-server or fogServer";
                    
        .PARAMETER serverSettings
            this variable pulls the values from settings.json and assigns the values to 
            the associated params. The defaults explain how to get the needed settings
            fogApiToken = "fog API token found at https://fog-server/fog/management/index.php?node=about&sub=settings under API System";
            fogUserToken = "your fog user api token found in the user settings https://fog-server/fog/management/index.php?node=user&sub=list select your api enabled used and view the api tab";
            fogServer = "your fog server hostname or ip address to be used for created the url used in api calls default is fog-server or fogServer";

        .PARAMETER fogApiToken
            a string of your fogApiToken gotten from the fog web ui. 
            this value is pulled from the settings.json file
        
        .PARAMETER fogUserToken
           a string of your fog user token gotten from the fog web ui in the user section.
           this value is pulled from the settings.json file
        
        .PARAMETER fogServer
            The hostname or ip address of your fogserver, 
            defaults to the default name fog-server
            this value is pulled from the settings.json file
        
        .PARAMETER uriPath
            Put in the path of the apicall that would follow http://fog-server/fog/
            i.e. 'host/1234' would access the host with an id of 1234
            This is filled by the wrapper commands using parameter validation to 
            help ensure using the proper object names for the url 
            
        .PARAMETER Method
          Defaults to 'Get' can also be Post, put, or delete, this param is handled better
          by the wrapper functions
          get is Get-fogObject
          post is New-fogObject
          delete is Remove-fogObject
          put is Update-fogObject
        
        .PARAMETER jsonData
            The jsondata string for including data in the body of a request
        
        .EXAMPLE
            #if you had the api tokens set as default values and wanted to get all hosts and info you could run this, assuming your fogserver is accessible on http://fog-server
            Invoke-FogApi;

        .Example
            #if your fogserver was named rawr and you wanted to put rename host 123 to meow
            Invoke-FogApi -fogServer "rawr" -uriPath "host/123" -Method "Put" -jsonData "{ `"name`": meow }";

        .Link
            https://news.fogproject.org/simplified-api-documentation/
        
        .NOTES
            The online version of this help takes you to the fog project api help page
            
    #>

I would suggest using the full path of the file in your batch script instead of changing the directory.
And when I say full path, I mean the true full path, not the mounted S:\ drive.
Even if S:\ is being mounted by active directory or is a mapped drive as part of your image, I would still suggest using the full network/unc path.
I would also suggest mounting it with net use and a username and password. This will ensure the system account that the Fog Service uses has access to the files you want
I would also add some logging and other error preventions.

i.e. if S:\ was mapped to \FileServer\Share …

@ECHO off

echo. Create variables to make scripting easier
set sharePath=\\FileServer\Share\Pat

echo. Mount S drive path, replace username and password with share credentials. 
echo. If share is public omit the /USER parameter and everything after it


net use %sharePath% /USER:username password

echo. make sure destination exists, create it if it doesn't
if not exist C:\temp mkdir C:\temp

echo. copy each file, add /Y to overwrite without any prompt
echo. copying tdpunt...
copy /Y %sharePath%\tdpunt.bat C:\temp\ > C:\temp\tdpunt-bat-Copy.log
echo. copying tundpt.exe...
copy /Y %sharePath%\tundpt.exe C:\temp\ > C:\temp\tundpt-exe-Copy.log

echo. Done!

exit

Use that and then see if the .log files show up after deploying the snapin.

Also, in the web gui snapin config, you should take out the /qn that does nothing.
The snapin arguments section is for custom arguments that you have in your script. Your script doesn’t do anything with the /qn and it could cause issues. The /c parameter is passed to the cmd.exe command which tells cmd.exe to open a prompt, run the command, and then close.
If you had a line in your script like this

if "%1" == "/qn" (
    echo. hey look a parameter, lets do something since it's there!
)

then the /qn would have a point.

Hope that helps a bit.

Thanks,
-JJ

New Module Version Published

Just wanted to let people know that there’s a new version of the API yay!
It’s been published to the psgallery here https://www.powershellgallery.com/packages/FogApi/1903.0.0.22 and it is awaiting a pull request to show up in the fog community scripts git.
It has new functions to help do some common tasks, particularly with snapins. Here’s a list of the current functions.

Add-FogSnapins
Set-FogObject
Get-FogAssociatedSnapins
Get-FogGroup
Get-FogHost
Get-FogHosts
Get-FogInventory
Get-FogLog
Get-FogObject
Get-FogServerSettings
Get-FogSnapins
Install-FogService
Invoke-FogApi
New-FogObject
Remove-FogObject
Remove-UsbMac
Set-FogInventory
Set-FogServerSettings
Set-FogSnapins
Start-FogSnapins
Update-FogObject

@kbramhall said:

@Tom-Elliott I attempted to go through the installer and saying no to DHCP and DNS but if failed to install tftp-server this time. Attached is the foginstall.log file.0_1450298881023_foginstall.log

I took a look at the install log and noticed this bit

../lib/redhat/functions.sh: line 1: n#: command not found

I’ve seen that before. You need to both make sure that you’re running as the root user and make sure you’re running the install script from the bin folder.
i.e. cd into where you downloaded/untarred the fog installer and then

cd bin
./installfog.sh

I figured out when making the automated update scripts that you can’t run it with the full path like
/home/fog/installFoder/bin/installfog.sh
because it use the trailing … to get to some included scripts. So you have to start the script from its happy home.

Also, what happens when you try to install the packages that failed manually?
I would try them one at a time. It looks like these ones…

yum install tftp-server
yum install xinetd
yum install vsftpd
yum install gcc
yum install gcc-c++
yum install lftp

And I just had another thought, are you sure the firewall is completely disabled? I just remembered a recent experience where a fresh install cent OS wouldn’t do internet things until I flushed the iptables.
Which if memory serves is

iptables -F
or
iptables -f

Hopefully something there helps

In the past I made a script for automating svn updates. Since sourceforge has been making a habit of crashing lately, I decided to start using the git repo instead and adjusted my script to work with git.
I figured others might benefit from it so why not share…

#!/bin/bash
clear
# -------------------------------------------
# Fog Git Updater
# -------------------------------------------
# -------------------------------------------
# Script Purpose
# -------------------------------------------
# This script is designed to run an automated update of the latest FOG Git dev build and it's cron friendly
# -------------------------------------------
# -------------------------------------------
# Some prereqs for this script
# -------------------------------------------
# 1. Already have an existing working install/configuration of FOG 1.0 or later
#
# 2. Have git installed and setup. You can do that by doing....
# 	sudo apt-get install git
#  	mkdir /home/fog/fogInstalls/git
#	git clone https://github.com/FOGProject/fogproject.git /home/fog/fogInstalls/git
#
# 3. A script to echo the encrypted version of your sudo password, create one with this function
#	just put in your password into the following in place of your_super_secret_password (leave the quotes)
#	and then uncomment and copy paste the function into a terminal and then run it with just the name of the function pw
	# pw(){
	# 	touch /home/fog/fogInstalls/.~
	# 	ossl=`echo "your_super_secret_password" | openssl enc -des -a -e -pass pass:PASSWORD`
	# 	echo 'echo "$(echo '$ossl' | openssl enc -des -a -d -pass pass:PASSWORD)"' >> /home/fog/fogInstalls/.~
	# 	sudo chown fog.root /home/fog/fogInstalls/.~
	# 	sudo chmod 700 /home/fog/fogInstalls/.~ 
	# }
# -------------------------------------------
# -------------------------------------------
# Variables
# -------------------------------------------
# -------------------------------------------
echo "Creating Script variables..."
fogInstalls='/home/fog/fogInstalls'
gitPath="$fogInstalls/git"
backup="$fogInstalls/backups"
pw=`sh $fogInstalls/.~` 
# -------------------------------------------
# -------------------------------------------
# Functions
# -------------------------------------------
# -------------------------------------------
perms(){
	sudo chmod -R 775 $1
	sudo chown -R fog.fog $1
}

srvUpdate(){
	# Enter sudo mode aand do some quick server maintenance update fun times
	# First, enter sudo mode by echoing the output of decrypting your encrypted password and pipe that into an apt-get update
	#	Don't worry, it doesn't output the password into the terminal
	#	Now that the password is in once the terminal will keep it stored for the next bunch of sudo commands
	echo "Running Sever updates!..."
	echo $pw | sudo -S apt-get update -y
	sudo apt-get upgrade -y # install any upgrades you just downloaded
}

backupConfig(){
	# Backup custom config and other files
	# Copy the latest versions of any files you've changed that will be overwritten by the update and backup the database just in case.
	# For example you may want to back up...
	# Config.php
	# 	To be on the safe side your config file in the /opt folder that has may have a corrected webroot for ubuntu 14.04 and may have stored encrypted credentials (i.e mysql)
	# 		I think that the installer uses this file and keeps it anyway, but I like to be careful
	# Exports file
	#	Because this runs the installer with a yes pipe, it ends up telling it that the image path is "y",
	# 		simply backing up and restoring your current one avoids the issue of fog not finding your precious images. 
	# Custom pxe boot background
	# 	If you have a custom background for the pxe menu, the bg.png file
	# Mysql database dump
	#	It would be rather troublesome if something went horribly wrong in the update and your database goes kaboom, it's unlikely but backups are a good thing 
	# Just a note, It's a good policy to also have backups of these outside of your server, which you could add to this script with an scp command or something like that
	# -------------------------------------------
	echo "make sure backup dir exists..."
	if [ ! -d $backup ]; then
		mkdir $backup
	fi
	echo "Dumping the database..."
	mysqldump -u root --all-databases --events > $backup/DatabaseBeforeLastUpdate.sql #backup database
	echo "Backing up config and custom files..."
	echo "config.php..."
	sudo cp /opt/fog/service/etc/config.php $backup/config.php
	echo "fog settings..."
	sudo cp /opt/fog/.fogsettings $backup/.fogsettings
	echo "nfs exports..."
	sudo cp /etc/exports $backup/exports
	echo "custom pxe background..."
	sudo cp /var/www/html/fog/service/ipxe/bg.png $backup/bg.png 
}

gitP(){
        perms $gitPath
	echo "git pull...."
	cd $gitPath
	git pull
}

updateFOG(){
	echo "running FOG installer..."
	cd $gitPath/bin
	sudo bash installfog.sh -Y
}

restoreConfig(){
	# Restore backed up files
	# Restore the backed up files to their proper places and make sure they're formatted correct too.
	echo "restoring custom pxe background..."
	sudo cp $backup/bg.png /var/www/html/fog/service/ipxe # Restore Custom Background 
	# I found that I needed to do this in some configurations, but it may no longer be neccesarry...
	echo "Creating undionly for iPxe boot in ipxe folder, just in case..." 
	sudo cp /tftpboot/undionly.kpxe /tftpboot/undionly.0 # backup original then rename undionly 
	sudo cp /tftpboot/undionly.0 /var/www/html/fog/service/ipxe/undionly.0
	sudo cp /var/www/html/fog/service/ipxe/undionly.0 /var/www/html/fog/service/ipxe/undionly.kpxe
}

fixPerms(){
	echo "Changing Permissions of webroot..."
	perms '/var/www/html/fog'
	echo "Changing permissions of images...."
	perms '/images'
	echo "Changing permissions of tftpboot...."
	perms '/tftpboot'
}

# -------------------------------------------
# -------------------------------------------
# Run the script
# -------------------------------------------
# -------------------------------------------
srvUpdate
backupConfig
gitP
updateFOG
restoreConfig
fixPerms
echo "Done!"

@anthonyglamis Fogcrypt is essentially obsolete, yes. You can still put the fogcrypt output into the legacy input but I find the new auto-encrypt to work better. But yes I’m pretty sure that the fogcrypt tool is still there

I hadn’t noticed that the hashes were different before, so I checked mine and they are different. I haven’t had any problems though, so I would say it shouldn’t be an issue.

@george1421 I see that in the code but this is a method I use to get past dhcp on the daily. I think it’s going out to dhcp just to make sure the machine has an ip address and is on the network and then connects to the tftp server. But since it already has the efi boot file it’s not using dhcp to try to go find it, which is the part I believe he needs to skip. But if my thought doesn’t work then the default.ipxe method you outlined is worth a shot.

I would add to your method that in the case that file isn’t seen (like if it’s a super picky uefi bios) you could create a efi partition instead of fat32 with diskpart But I would bet your method there would work.

You could also use something like refind or grub2win on a usb and embed the ipxe.efi file and set it as a boot option. This would completely skip the dhcp portion of the pxe boot as you’ll arleady have the pxe file and it should skip straight to booting to the fog tftp server.

You could also include adding your chosen boot loader to your devices as part of your provisioning process (setupcomplete/firstlogoncommands etc.) so that you wouldn’t require pxe booting or a special usb to re-image a computer once deployed.

An easy way to test if booting straight to the ipxe.efi file would work is if your devices support either a built-in uefi shell or have the ability to choose a boot file in the bios settings. In that case you can just get a normal usb and simply put that ipxe.efi file on it (located on your fog server at /var/www/fog/service/ipxe/ipxe.efi I believe or it may be at /tftp or both). If all of that sounded complicated let me know the model of the computers and I’ll see if I can figure out if they have that capability.

There’s also the dnsmasq option which sets up a sort of proxy dhcp but it’s been a long time since I had to do that, but it makes it work as if you had the dhcp options set up. The only issue you might run into is if your dhcp server is on a faster network connection than your fog server, the dhcp server will beat your fog server to to responding to the dhcp requests.

Another thought, if the reason you can’t change the dhcp options is because it’s currently pointing to wds, you could also see if you’d be allowed to add policies to the dhcp server that would check for the specific devices and then boot just them to the fog server. Some example of this can be found in this wiki article https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence but you would have to do more research to find a way for the policies to detect the specific devices.

I will gladly go into more detail on any of these options if you want to give one a try.

@Sebastian-Roth I updated and imaged a computer. It didn’t happen during imaging again, yay!

However, I just saw another host that was imaged back in February come up as pending for no apparent reason. It still has its image history, inventory, membership, snapin history, login history, etc. It is missing its assigned image (it was assigned before the image’s display name was changed) and it is missing its active directory OU settings. I have not taken it out of pending in case there’s something more to look at for debugging purposes. I’m working remotely at the moment and it seems the computer is turned off, otherwise I’d grab the fog.log in case there’s something in there that hasn’t been truncated that might help.

I just figured out that sending stuff out with the image doesn’t work as well as one would like. None of the fog hosts seem to be working and the like. I try to make it grab the new image off one of the clients and it doesn’t actually grab them.

What do you mean by this? Do you see anything in the C:\fog.log on the clients? Or are you saying that they aren’t imaging correctly?

For that example snapin, if you’re just wanting that file to show up in C:\users a simple snapin pack. I’d take a look at the link @george1421 gave on snapinpacks and make a zip with a script that copies that file to C:\users.

As a simpler test you could create a powershell or batch script that just makes a hello world text file and see if that works.

i.e. powershell

"Hello World!" | Out-File -encoding oem -filePath C:\users\public\Desktop\hello.txt -force;

So put that into a file called hello.ps1 and make a new snapin with the Powershell template and upload the simple script. The snapin read-only command at the bottom should look like this
powershell.exe -ExecutionPolicy Bypass -NoProfile -File hello.ps1
Then add it to a host and deploy it as a single snapin task and see if it works.
You can deploy it then if you have access to the host you can run this in powershell to open up a dynamic version of the fog log to watch what’s happening on the client

cat C:\fog.log -wait

##cat is an alias for get-content. You can also do this with Get-FogLog if you install the FogApi powershell module

@Sebastian-Roth I updated to the RC2 from the master branch. Gonna be imaging a machine (well a virtual machine) shortly. I’ll let you know how it goes

@Sebastian-Roth I will give that a go and see if it that eradicates the issue. I haven’t seen it happen since I fixed all the snapin hashes and updated the client, but I’ve also only imaged one computer since then.

@swadsworth here’s a link to the location plugin tutorial https://wiki.fogproject.org/wiki/index.php?title=Location_Plugin

@swadsworth What I’m getting at (I tend to ramble and want to share all the details) is that if you’re using a vpn, you shouldn’t need to do anything special compared to a normal setup.

But then I just thought about it a bit more.
You’re running the fog server on a computer in your house, so it will need to go through the vpn to get to the network and then through the vpn to get to all the other computers. This could get hinky, but hey test it first, could be fine. What I would do is, assuming you have a central office/site where the vpn/main network is hosted, setup the fog server on a virtual or physical machine there. But since you’re doing the imaging at your house, setup that device as a node so the imaging can happen theoretically locally.

So if all worked nicely an imaging device would follow this path

---

pxeBoot ->

find configured tftp server (central fog server) ->

download ipxe.efi boot file ->

boot to central fog ->

start image task (through pxe menu or automatically here if already queued) ->

image task connects to local storage node (will require configuring the node priority) ->

Imaging then happens within local network (hopefully, it may still be trying to traverse the vpn to get to the node)

---

However if that doesn’t work as expected and instead still goes over the vpn, then keeping your fog server and devices being imaged on the same local network is better. So for snapin deploying, it would make more sense to have that server on the same network the vpn is on, so that all the clients just go through a vpn -> main network -> fog server and then back again path rather then a vpn -> main network -> vpn -> fog server and then back again path. Your best imaging experience would be all on the same network, but fog client stuff you want to do can work over vpn.

If it gets super complicated, a semi-simple solution would be to just set up 2 fog servers. 1 that you already have that you just use for imaging devices before putting them on the network, then a central fog server on the main network you use for the fog client management. You could just embed a fog client connected to the central server in the image to simplify that part.

I’m sure there’s someone else that has done something similar to what you’re trying to do. There’s a location plugin for example that helps with connecting servers at different sites, I don’t have any experience with it though. I will gladly be of as much help as I can through here as this sounds like a fun setup. But others with more experience with remote locations may need to chime in.

So in my second test to see if this happened again it didn’t happen again. The second surface go 2 I’m imaging got past the part the other one magically became pending.

So there were 2 differences one or both of which fixed the problem

• Manually Re-uploaded the file for the snapin that had a mismatch hash error
• Fog Client 0.12.0 was used instead of 0.11.19

I need to image another different device before I can be really sure.

So now I’m wondering why the new 0.12.0 fog client isn’t being auto updated to on all my clients through the client updater? As I recall from past updates, simply updating the installer on the fog server side should get all the clients to update. Am I forgetting a step? @Sebastian-Roth maybe you have some insights.
I can deploy it through my own software deployment tools if I must.