Creating a csv host import from a network scan

Run the following code in powershell (after editing it with your network’s subnets) to create a csv that will import all hosts on your network.

# examples, just gotta put subnets minus the final .x in a string array
# Could also be params if this was a function
$subnets = @("192.168.1", "192.168.2", "10.2.114", "192.168.0"); 
$subnets | ForEach-Object { # loop through each subnet
	for ($i=0; $i -lt 255; $i++) { # loop through 0 to 255 of the subnet
		$hn = nslookup "$_.$i"; # run nslookup on the current ip in the loop
		if ($hn[3] -ne $null -AND $hn[3] -ne "") { # does the ip have a dns entry
			$hostN = $hn[3].Replace("Name:","").Trim(); # parse the nslookup output into a fqdn host name
			$mac = getMac /S $hostN; # does the hostname have a mac addr. Can also add /U and /P for user and password if not running from a administrative account
			if ($mac -ne $null) { # was there a mac for the host?
				$macAddr = $mac[3].Split(' ')[0]; # use the first found mac address and parse it
				"$hostN,$macAddr" | Out-File C:\hosts.csv -Append -Encoding UTF8; # add the hostname,macaddress to the csv
			}
		}
	}
}

@Arrowhead-IT Scratch that, it totally worked after a restart. So if you go breaking your permissions just run the script posted and restart and violia!

Everything is working for me now! hooray for the new inits!

@Lee-Rowlett I think you are somewhat correct there. In all my testing I found that it relates to when a user first logs in it installs all the metro apps for that user including cortana. And when you do a profile copy in the system advanced settings control panel it ends up copying some of those installed apps to the default profile which causes the installation of metro apps on a new profile to fail, but there’s no error because the installs think they succeed since the files are already there.
At least I think that has some to do with it. My new script system seems to work flawlessly and it is much easier than my old way of having to change the registry everytime and such.

I would still test your theory for you, just for funzies, but I don’t actually use an unattend.xml. I don’t like sysprep. It breaks my default profile sometimes, and I’ve seen it break other things and it forces you to go back to oobe which messes with my computer naming system. I’ve kinda found it to not be necessary. Yes it resets some security id’s for activation this and that but if you are using windows enterprise volume licensing, that doesn’t cause any problems. In windows 7 I figured out the registry key to change and then just re-inputting the windows key and reactivating gave it a new sid. Windows 8 and 10 just work without issue without doing that. As for drivers, I make my images on a vm so they’re already hardware independent and I use the terminal tool devcon (included in the windows wdk 8.1, I just copy the devcon.exe over to my image vm after installing the wdk on my workstation) to uninstall all the devices in the device manager before rebooting with devcon -r remove *
It goes through the uninstalling of devices much much faster than sysprep does too.

So thank you sir for your help, but I think I got it figured out.

I created a powershell module for using the Fog API

https://www.powershellgallery.com/packages/FogApi

Install instructions are found at that link.

You can also use powershellget https://www.powershellgallery.com/packages/PowerShellGet the command Install-Module -Name FogApi;*

Importing that module will help you to set up a quick and easy and crossplatform way to manage fog from a powershell prompt.

It is structured based on the api documentation found here https://news.fogproject.org/simplified-api-documentation/
It even autocompletes the parameter options based on that documentation.

So if you read that documentation and see that you can get an ‘object’ you can then take that to the command by saying Get-FogObject -type object -CoreObject objecttype that object type validates/autocompletes to the list of available core objects found in the documentation.

If you install the module and run help Invoke-FogApi it will display a bit more verbose help and documentation on how it all works.

There are a few main functions to use that all make calling the Invoke-FogApi function a bit easier with autocompletion fun times

• For GET api calls : Get-FogObject
• For POST api calls : New-FogObject
• For PUT api calls : Update-FogObject
• For DELETE api calls : Remove-FogObject

Each of these return powershell objects. If you’re unfamiliar with powershell and powershell objects, then this is a good way to learn.
They make it so you can take information and easily find and manipulate their properties.
i.e. if you did a $hosts = Get-FogObject - type Object -CoreObject host $hosts would contain 2 properties, a count of returned objects and an array of all your fog hosts, each with all the information fog has on them. So lets say you want to see all your hosts that have a intel cpu, you can search all the hosts for where the inventory’s cpu manufacturer has ‘intel’ in its value. $intelPCs = $hosts.hosts | ? { $_.inventory.cpuman -match 'intel' } Then maybe you just want the hostids, names, and mac addresses. $intelPCList = $intelPCs | Select-Object id,name,primac; $intelPCList;

PS Objects can also easily be turned into json by piping them into a ConvertTo-Json command. Meaning that you can just change the values of an object’s properties, such as a host’s name, image, etc. And then convert that to json to use as the jsondata in any other command.

I also included a Install-FogService function in the module for good measure that downloads the latest version of the client msi installer from your server and then silently installs it. In theory, you could use Invoke-Command to run that command on remote computers (though you would also have to import the module on each computer).

There is a settings.json file that the module pulls from to get your api keys and servername. It needs to be set manually, but automatically opens in an appropriate editor for your OS if it finds that the settings are still set to default. The default settings are explanations of where to find the values on your server.

Help Info from function code Will be updated overtime, putting here as it is the help info uri listed in module manifest
Invoke-FogApi

<#
        .SYNOPSIS
           a cmdlet function for making fogAPI calls via powershell
        
        .DESCRIPTION
            Takes a few parameters with some pulled from settings.json and others are put in from the wrapper cmdlets
            Makes a call to the api of a fog server and returns the results of the call
            The returned value is an object that can then be easily filtered, processed,
             and otherwise manipulated in poweshell.
            The defaults for each setting explain how to find or a description of the property needed.
            fogApiToken = "fog API token found at https://fog-server/fog/management/index.php?node=about&sub=settings under API System";
            fogUserToken = "your fog user api token found in the user settings https://fog-server/fog/management/index.php?node=user&sub=list select your api enabled used and view the api tab";
            fogServer = "your fog server hostname or ip address to be used for created the url used in api calls default is fog-server or fogServer";
                    
        .PARAMETER serverSettings
            this variable pulls the values from settings.json and assigns the values to 
            the associated params. The defaults explain how to get the needed settings
            fogApiToken = "fog API token found at https://fog-server/fog/management/index.php?node=about&sub=settings under API System";
            fogUserToken = "your fog user api token found in the user settings https://fog-server/fog/management/index.php?node=user&sub=list select your api enabled used and view the api tab";
            fogServer = "your fog server hostname or ip address to be used for created the url used in api calls default is fog-server or fogServer";

        .PARAMETER fogApiToken
            a string of your fogApiToken gotten from the fog web ui. 
            this value is pulled from the settings.json file
        
        .PARAMETER fogUserToken
           a string of your fog user token gotten from the fog web ui in the user section.
           this value is pulled from the settings.json file
        
        .PARAMETER fogServer
            The hostname or ip address of your fogserver, 
            defaults to the default name fog-server
            this value is pulled from the settings.json file
        
        .PARAMETER uriPath
            Put in the path of the apicall that would follow http://fog-server/fog/
            i.e. 'host/1234' would access the host with an id of 1234
            This is filled by the wrapper commands using parameter validation to 
            help ensure using the proper object names for the url 
            
        .PARAMETER Method
          Defaults to 'Get' can also be Post, put, or delete, this param is handled better
          by the wrapper functions
          get is Get-fogObject
          post is New-fogObject
          delete is Remove-fogObject
          put is Update-fogObject
        
        .PARAMETER jsonData
            The jsondata string for including data in the body of a request
        
        .EXAMPLE
            #if you had the api tokens set as default values and wanted to get all hosts and info you could run this, assuming your fogserver is accessible on http://fog-server
            Invoke-FogApi;

        .Example
            #if your fogserver was named rawr and you wanted to put rename host 123 to meow
            Invoke-FogApi -fogServer "rawr" -uriPath "host/123" -Method "Put" -jsonData "{ `"name`": meow }";

        .Link
            https://news.fogproject.org/simplified-api-documentation/
        
        .NOTES
            The online version of this help takes you to the fog project api help page
            
    #>

I would suggest using the full path of the file in your batch script instead of changing the directory.
And when I say full path, I mean the true full path, not the mounted S:\ drive.
Even if S:\ is being mounted by active directory or is a mapped drive as part of your image, I would still suggest using the full network/unc path.
I would also suggest mounting it with net use and a username and password. This will ensure the system account that the Fog Service uses has access to the files you want
I would also add some logging and other error preventions.

i.e. if S:\ was mapped to \FileServer\Share …

@ECHO off

echo. Create variables to make scripting easier
set sharePath=\\FileServer\Share\Pat

echo. Mount S drive path, replace username and password with share credentials. 
echo. If share is public omit the /USER parameter and everything after it


net use %sharePath% /USER:username password

echo. make sure destination exists, create it if it doesn't
if not exist C:\temp mkdir C:\temp

echo. copy each file, add /Y to overwrite without any prompt
echo. copying tdpunt...
copy /Y %sharePath%\tdpunt.bat C:\temp\ > C:\temp\tdpunt-bat-Copy.log
echo. copying tundpt.exe...
copy /Y %sharePath%\tundpt.exe C:\temp\ > C:\temp\tundpt-exe-Copy.log

echo. Done!

exit

Use that and then see if the .log files show up after deploying the snapin.

Also, in the web gui snapin config, you should take out the /qn that does nothing.
The snapin arguments section is for custom arguments that you have in your script. Your script doesn’t do anything with the /qn and it could cause issues. The /c parameter is passed to the cmd.exe command which tells cmd.exe to open a prompt, run the command, and then close.
If you had a line in your script like this

if "%1" == "/qn" (
    echo. hey look a parameter, lets do something since it's there!
)

then the /qn would have a point.

Hope that helps a bit.

Thanks,
-JJ

New Module Version Published

Just wanted to let people know that there’s a new version of the API yay!
It’s been published to the psgallery here https://www.powershellgallery.com/packages/FogApi/1903.0.0.22 and it is awaiting a pull request to show up in the fog community scripts git.
It has new functions to help do some common tasks, particularly with snapins. Here’s a list of the current functions.

Add-FogSnapins
Set-FogObject
Get-FogAssociatedSnapins
Get-FogGroup
Get-FogHost
Get-FogHosts
Get-FogInventory
Get-FogLog
Get-FogObject
Get-FogServerSettings
Get-FogSnapins
Install-FogService
Invoke-FogApi
New-FogObject
Remove-FogObject
Remove-UsbMac
Set-FogInventory
Set-FogServerSettings
Set-FogSnapins
Start-FogSnapins
Update-FogObject

In the past I made a script for automating svn updates. Since sourceforge has been making a habit of crashing lately, I decided to start using the git repo instead and adjusted my script to work with git.
I figured others might benefit from it so why not share…

#!/bin/bash
clear
# -------------------------------------------
# Fog Git Updater
# -------------------------------------------
# -------------------------------------------
# Script Purpose
# -------------------------------------------
# This script is designed to run an automated update of the latest FOG Git dev build and it's cron friendly
# -------------------------------------------
# -------------------------------------------
# Some prereqs for this script
# -------------------------------------------
# 1. Already have an existing working install/configuration of FOG 1.0 or later
#
# 2. Have git installed and setup. You can do that by doing....
# 	sudo apt-get install git
#  	mkdir /home/fog/fogInstalls/git
#	git clone https://github.com/FOGProject/fogproject.git /home/fog/fogInstalls/git
#
# 3. A script to echo the encrypted version of your sudo password, create one with this function
#	just put in your password into the following in place of your_super_secret_password (leave the quotes)
#	and then uncomment and copy paste the function into a terminal and then run it with just the name of the function pw
	# pw(){
	# 	touch /home/fog/fogInstalls/.~
	# 	ossl=`echo "your_super_secret_password" | openssl enc -des -a -e -pass pass:PASSWORD`
	# 	echo 'echo "$(echo '$ossl' | openssl enc -des -a -d -pass pass:PASSWORD)"' >> /home/fog/fogInstalls/.~
	# 	sudo chown fog.root /home/fog/fogInstalls/.~
	# 	sudo chmod 700 /home/fog/fogInstalls/.~ 
	# }
# -------------------------------------------
# -------------------------------------------
# Variables
# -------------------------------------------
# -------------------------------------------
echo "Creating Script variables..."
fogInstalls='/home/fog/fogInstalls'
gitPath="$fogInstalls/git"
backup="$fogInstalls/backups"
pw=`sh $fogInstalls/.~` 
# -------------------------------------------
# -------------------------------------------
# Functions
# -------------------------------------------
# -------------------------------------------
perms(){
	sudo chmod -R 775 $1
	sudo chown -R fog.fog $1
}

srvUpdate(){
	# Enter sudo mode aand do some quick server maintenance update fun times
	# First, enter sudo mode by echoing the output of decrypting your encrypted password and pipe that into an apt-get update
	#	Don't worry, it doesn't output the password into the terminal
	#	Now that the password is in once the terminal will keep it stored for the next bunch of sudo commands
	echo "Running Sever updates!..."
	echo $pw | sudo -S apt-get update -y
	sudo apt-get upgrade -y # install any upgrades you just downloaded
}

backupConfig(){
	# Backup custom config and other files
	# Copy the latest versions of any files you've changed that will be overwritten by the update and backup the database just in case.
	# For example you may want to back up...
	# Config.php
	# 	To be on the safe side your config file in the /opt folder that has may have a corrected webroot for ubuntu 14.04 and may have stored encrypted credentials (i.e mysql)
	# 		I think that the installer uses this file and keeps it anyway, but I like to be careful
	# Exports file
	#	Because this runs the installer with a yes pipe, it ends up telling it that the image path is "y",
	# 		simply backing up and restoring your current one avoids the issue of fog not finding your precious images. 
	# Custom pxe boot background
	# 	If you have a custom background for the pxe menu, the bg.png file
	# Mysql database dump
	#	It would be rather troublesome if something went horribly wrong in the update and your database goes kaboom, it's unlikely but backups are a good thing 
	# Just a note, It's a good policy to also have backups of these outside of your server, which you could add to this script with an scp command or something like that
	# -------------------------------------------
	echo "make sure backup dir exists..."
	if [ ! -d $backup ]; then
		mkdir $backup
	fi
	echo "Dumping the database..."
	mysqldump -u root --all-databases --events > $backup/DatabaseBeforeLastUpdate.sql #backup database
	echo "Backing up config and custom files..."
	echo "config.php..."
	sudo cp /opt/fog/service/etc/config.php $backup/config.php
	echo "fog settings..."
	sudo cp /opt/fog/.fogsettings $backup/.fogsettings
	echo "nfs exports..."
	sudo cp /etc/exports $backup/exports
	echo "custom pxe background..."
	sudo cp /var/www/html/fog/service/ipxe/bg.png $backup/bg.png 
}

gitP(){
        perms $gitPath
	echo "git pull...."
	cd $gitPath
	git pull
}

updateFOG(){
	echo "running FOG installer..."
	cd $gitPath/bin
	sudo bash installfog.sh -Y
}

restoreConfig(){
	# Restore backed up files
	# Restore the backed up files to their proper places and make sure they're formatted correct too.
	echo "restoring custom pxe background..."
	sudo cp $backup/bg.png /var/www/html/fog/service/ipxe # Restore Custom Background 
	# I found that I needed to do this in some configurations, but it may no longer be neccesarry...
	echo "Creating undionly for iPxe boot in ipxe folder, just in case..." 
	sudo cp /tftpboot/undionly.kpxe /tftpboot/undionly.0 # backup original then rename undionly 
	sudo cp /tftpboot/undionly.0 /var/www/html/fog/service/ipxe/undionly.0
	sudo cp /var/www/html/fog/service/ipxe/undionly.0 /var/www/html/fog/service/ipxe/undionly.kpxe
}

fixPerms(){
	echo "Changing Permissions of webroot..."
	perms '/var/www/html/fog'
	echo "Changing permissions of images...."
	perms '/images'
	echo "Changing permissions of tftpboot...."
	perms '/tftpboot'
}

# -------------------------------------------
# -------------------------------------------
# Run the script
# -------------------------------------------
# -------------------------------------------
srvUpdate
backupConfig
gitP
updateFOG
restoreConfig
fixPerms
echo "Done!"

@anthonyglamis Fogcrypt is essentially obsolete, yes. You can still put the fogcrypt output into the legacy input but I find the new auto-encrypt to work better. But yes I’m pretty sure that the fogcrypt tool is still there

I hadn’t noticed that the hashes were different before, so I checked mine and they are different. I haven’t had any problems though, so I would say it shouldn’t be an issue.

I just finished working with @Tom-Elliott we got it working. It was a simple fix.
It’s in the latest fog update now. So nvme drives work with fog 100% now right out of the box. Awesome like a possum!

@gaptoothgonni Well darn, have you tried booting with snponly.efi instead of ipxe.efi? It wouldn’t make a ton of sense if that worked but something else to try.
If it’s booting to the wim though, it should just be getting the drivers from the wim unless ipxe somehow changes how they’re presented, which I don’t think it does but that’s also the only difference between where it’s working. Might be worth looking at https://github.com/ipxe/ipxe/discussions and seeing if anyone has had similar issues. Since you’re just using FOG to create the ipxe boot menu, it’s not likely anything within FOG that’s causing this. You could try ipxe’s pre-built boot files, though they won’t have the embedded fog stuff https://boot.ipxe.org/ but maybe will make a difference. There’s other ipxe efi files you can try too, or try an older one ( I think we still include some legacy ones in /tftpboot)

@pilipp_edv That should be enough I imagine, thanks for being thorough. I’ll take a look at the kernel config when I get a chance.

@pilipp_edv
Glad you got it figure out.
In case you aren’t aware, you can download that bzImage as a different name like bzImage-mmc and use that case sensitive name in the Host Kernel field on any host you have with the mmc and your other hosts can use the default latest.

Would you be willing to share more info on the make/model of these computers and or the make/model of the mmc controller and such? Although it could just be down to what driver versions are included by linux at the kernel level with different versions of the kernel, we can also check if there was a config change in what we include in the kernel between then and now that could have caused this.

@chunter2 Ah, yes that would do it.
That just becomes the default value when creating new hosts.
If you set it via a group, it will update those values on all hosts in a given group, but it doesn’t do that dynamically/perpetually.

@ramone As far as I am aware, no one ever volunteered to take up the docker image maintenance. It’s essentially dead.
I think it’s possible in theory, you would just need volumes for the fog directories that need to be static between updates like the database and images, though there would surely be other fun issues with ports to work out. I personally see the desire for it if you’re in an environment where you already have lots of containers as a standard in your infrastructure, but I like having it just on its own server.
Is it not an option to start with a docker image that doesn’t already have a database on the default port? Or are you saying the docker host already has a database on said port?
I’m also sure we could figure out using an external database as storagenodes already connect to an external database. I would think that using docker for adding storage nodes might make some sense as you could put them all on one server and use volumes to mount disks from different sources.
However, the more virtualization and containerization you add, the more complication arises. Already once just on a virtual server you may not be able to use multi-cast imaging unless you’re able to add igmp snooping in your virtual networking. I don’t know if containers have that same limitation or other limitations that could be introduced.

This isn’t really a great answer I realize, and I apologize for that, but there’s a lot to consider with changing infrastructure.

Anyway, something you might try is to create a /opt/fog/.fogsettings file before installing and put in these settings

snmysqlpass='password'
snmysqlhost='remoteHost'
snmysqluser='fogmaster'
mysqldbname='fog'

Then try the installer, no idea if it would work, but something to try as far as using an external database.

@gaptoothgonni So while this can be done, FOG is designed to capture an image from where windows is already installed and sysprep’d, not to boot to a wim. Of course it can be done, but I just wanted to make sure that’s clarified.

All that said, doing it that way may or may not get past your problem, because it may just be a client pc bios setting.
If you manually boot to that iso on a usb on that pc, does it see the disks?
That message generally means it’s missing the storage driver.
Does the host you’re trying to deploy to have VMD/RAID enabled in the bios settings?
It is possible, and not even that hard if you’re already customizing the iso, to add the storage driver to the wim. I’ve never used NTLite, but in powershell you can mount the wim of the image with Mount-WindowsImage and use Add-WindowsDriver to add the inf you need to that image. You probably need to mount the boot.wim and setup.wim images and add it there too as you’re booting to the boot.wim and using winpe. This page might also be helpful https://learn.microsoft.com/en-us/windows/deployment/update/media-dynamic-update#update-windows-installation-media

I would also say, if you’re going this route, to consider making a autounattend.xml if NTLite doesn’t do that, as it can automate the install of windows and then have it kick things off into provisioning. We customize an iso like this and use it to create and capture our base image in FOG.

I got a little off topic there, TL;DR
Make sure the disks are seen if you boot to the iso manually, if they are not, then adjust the bios/uefi settings to use AHCI mode for disks as it works universally. If the disks are seen when manually booting, then something else is causing it not to see the local hardware.

@chunter2 It does look like you’re on an older version of fog. Updating to the latest stable, dev-branch, or my favorite working-1.6 version may help.

But also, are you saying that you joined the domain, then unjoined and then captured an image of that? Generally you don’t want to join the domain where you’re capturing, it’s much cleaner if it’s never joined the domain.
Or are you saying you’re trying to re-join the domain on a normal host? This could be an issue on the host’s settings in fog, could that have been changed on accident? Maybe autofill from a password manager changed the domain and or domain join password?

Another Release(s)! 2506.9.22
https://github.com/darksidemilk/FogApi/releases/tag/2506.9.22

2506.9.19-22 are a slew of releases where I kept finding issues in broader tests right after I released each version. So apologies for the over-releasing there.

• Fixed send-fogimage to work with more use cases and utilize more parameters available to scheduled tasks like bypassbitlocker. Also simplified the parameter sets to avoid errors when using the command with different parameter sets.
• Also added links to PSGallery and chocolatey in each github release going forward.

Full Release Note History: https://fogapi.readthedocs.io/en/latest/ReleaseNotes/
Powershell Gallery Listing for this version: https://www.powershellgallery.com/packages/FogApi/2506.9.22
Chocolatey Package Listing for this version (may take 1-60 days from release to be approved by chocolatey moderators): https://community.chocolatey.org/packages/FogApi/2506.9.22

@Ced58 I use this model. It’s best to get either the official Lenovo usb c ethernet adapter or the proprietary Lenovo adapter for the special ethernet port on these. Also in the bios there’s a Mac pass through option that you want to set to internal or second Mac address. With the latest version of fog and kernel it should see that internal mac even if you share an adapter for imaging multiple of that device.

@joshua_mchugh George’s mention of using a post install script to do it is more advanced but very worth the effort. Having it domain joined via sysprep specialize simplifies things in the long run.
That being said, you’re probably misunderstooding groups, because they’re a little confusing. Groups in Fog do not dynamically update the OU of the host members, but it can be used to set the OU in bulk on members. There is a plugin to change the behavior of groups if you want, but I’d try it the normal way first.
But if you set the OU on the host, then when it joins the domain via the fog client, it will be in that OU. It will not move a host to a different OU, unless you do something like manually leave the domain and change the computer name and then the fog service will rename the computer back to what it is in fog and then join the domain in the set OU.

I personally use a post install script now that grabs the OU from to host and Injects that into my unattend file. I believe I’ve posted some examples in the past. If I remember tomorrow when I’m at a computer and not a phone, I’ll link them.