@shatchett0 So it is working now on the new install?
Posts
-
RE: Unable to Capture Using Single Disk - Resizableposted in FOG Problems
-
RE: Powershell API Moduleposted in Tutorials
A patch version update has been released!
-
Fixed an issue with github actions where the release build step wasn’t committing because no user or email address was set, made the github actions bot be the author on those.
-
Fixed a typo in the Set-FogSnapins $pkglist param definition, somehow had accidentally made it just string instead of a string array which broke some of my internal scripts so i quickly patched it in case it broke anyone elses
-
As a side note, if anyone is curious as to why it jumped from xxxx.6.x to xxxx.9.x that was an accident that I didn’t notice till today… It should have been 2408.7.x. It was probably a typo or I forgot to revert it after the tests of the new build and release system. Since there were already 500+ downloads on xxxx.9.2 I’m not going to go deleting those versions and redoing them as xxxx.7.x. Apologies if anyone caught that and was confused
Release notes: https://github.com/darksidemilk/FogApi/releases/tag/2408.9.3
Full change log:
https://github.com/darksidemilk/FogApi/compare/2408.9.2...2408.9.3
PSGallery: https://www.powershellgallery.com/packages/FogApi/2408.9.3 -
-
RE: Unable to Capture Using Single Disk - Resizableposted in FOG Problems
@shatchett0 I always install with the git method as it makes updates easier, but both should work the same.
I would suggest trying the git method. I’ll have to go test the tar version and see if I get the same result, it’s odd that it’s not showing you what the latest other versions are there, might be an HTTP vs HTTPS thing, might be a firewall issue, I saw something in another forum post where someone’s firewall was blocking the search for latest versions or something like that.I would also try canceling the task, boot the host to the pxe menu, and use the check compatibility option. Make sure it shows as compatible with FOG and that all the hard drive info shows the partitions you expect.
If you just installed it should have downloaded the latest kernel and init during the install, if you click on that “DefaultMember FOG Version:” box/modal it should expand and show the kernel version.
I also just noticed that your image definition shows Windows 10 (OS ID of 9) but the error message on capture shows osid=50 which is Linux, are you sure you have the right image assigned on the host being captured? (I would also increase the compression level for Zstd to 11, but that’s just me)
-
RE: Getting a boot error. Kernel panic for block (0,0)posted in FOG Problems
@gribbler Are you able to get to the fog pxe boot menu on this host?
If so can you try theClient System Information (Compatability)option?
Mainly want to see option 4 (check fog compatibility) passes (Doing this after what @Tom-Elliott suggested)Also, if you’re building a custom ipxe.efi file to support the Marvell card, do you happen to have any other cards on this machine that you could try with the default ipxe.efi file?
Do you maybe have theFOG_KERNEL_LOGLEVELfog setting (in fog configuration->fog settings) up higher than 4? That might explain the extra output you’re seeing -
RE: Powershell API Moduleposted in Tutorials
A major version update has been released!
Added various functions and some new features. If you’re using fog 1.6 beta I added some tab complete of your server’s host names dynamically (the api in 1.6 is much faster, so there’s less overhead in making the call to list host names).
Also added a get-fogversion and various other requested features.One big and often requested thing included is a
Set-WinToBootToPxefunction that attempts to find the pxe boot entry in a windows hosts bcedit /enum {fwbootmgr} and sets it as the first boot option. I’ve used it with much success in my environment but I need feedback from other environments to make it truly universal.Another big update is pipeline support. It’s not quite yet as universal as I want, but I added things like
get-foghost -hostname somename | add-foghostmac -macaddress 00:00:00:00:00:00Release notes: https://github.com/darksidemilk/FogApi/releases/tag/2408.9.2
Full change log:
https://github.com/darksidemilk/FogApi/compare/2311.6.4...2408.9.2
PSGallery: https://www.powershellgallery.com/packages/FogApi/2408.9.2 -
RE: Unable to Capture Using Single Disk - Resizableposted in FOG Problems
@shatchett0 I’ve only ever used RHEL based linux with fog, currently using Rocky myself. If you’re more comfortable with debian then nothing wrong with that.
Which kernel did you update to? There should be some “experimental” ones from earlier this month that work great.
Also 1.5.10 not 1.5.10.1593 ?
You should update to at least the latest stable version. I can help with that if you need it. -
RE: Unable to Capture Using Single Disk - Resizableposted in FOG Problems
@shatchett0 Got into your fog configuration and check what version of fog you’re on.
Your picture shows the init version, we have newer inits and kernels that might make a difference.
Updating fog and the kernels is fairly easy.Can you take a screenshot of the image settings you’re trying to capture for? There could be somethign else off there.
-
RE: FOG 1.5.10. install problemposted in FOG Problems
@kalmarteve How did you delete the old FOG? It looks like the web server folder still exists and the database probably still exists.
This wiki article outlines a method for fully removing FOG if you’re looking for a fresh install.
https://wiki.fogproject.org/wiki/index.php/Uninstall_FOG
If you have a backup you can restore too, you should also be able to just do an in-place upgrade.
-
RE: Problem Firewall Proxmoxposted in General Problems
@FCCL-Vandoeuvre what are you doing or. Trying to do when you get the sshd lock error?
Where are you seeing the error exactly? -
RE: Adapt MBR images to GPTposted in General
@oscarvc https://learn.microsoft.com/en-us/windows-server/storage/disk-management/change-an-mbr-disk-into-a-gpt-disk
This might help? Not sure you can convert the actual image files on fog without a recapture, that would be difficult if not impossible. But you could automate a conversion to gpt after imaging perhaps -
RE: How to use unattended script to complete oobe without loading a new imageposted in General
@rogerdodger wait, I just read this bit, not reimaging it makes it difficult. You still could use snapins and the fog client, but fully automating it would require reimaging.
-
RE: How to use unattended script to complete oobe without loading a new imageposted in General
@rogerdodger If all your SD card is doing is running ppkg files, those can be applied with powershell in a snapin, in some instances you can embed such in the image but usually best to do it after, during we’ll provisioning.
So you can probably make a simple snapin that uses powershell and the install-provisioningpackage command that references each ppkg file which you upload as the snapin file. There are some other ways you can go about it, it won’t work out of the box, but you can build a pretty robust automation solution with fog at the core.
You could also embed the ppkgs or a script that downloads the most up to date version from an internal source and have it as part of a setupcomplete.cmd or synchronous commands in an unattend xml
I’m on a phone at the moment, but if you want to go down this road I will gladly help you get started
-
RE: fog install ubuntu problemposted in General Problems
@theyikes Why do you need to reset it to the original installation state repeatedly?
How to do that is in the wiki here https://wiki.fogproject.org/wiki/index.php/Uninstall_FOG (that doc isn’t yet migrated to the new docs site)I’m not sure why you’re wanting to start the server side fresh though.
The general idea is
- Create Fog Server on a linux vm/machine that has enough storage for the OS images (not isos, captures of install states)
- Setup a different VM with the OS as ‘golden image’ (With windows you need to utilize sysprep)
- Register that VM as a host in FOG and capture the image.
- Deploy the image to as many other hosts as you desire
See also :
https://docs.fogproject.org/en/latest/capture-an-image
https://docs.fogproject.org/en/latest/deploy-an-image
https://docs.fogproject.org/en/latest/intro -
RE: Scheduled Tasks - New Image with Task/current-Dateposted in Feature Request
@Tom-Elliott @paranoid64
Just to offer another use case for this, if I’m understanding it right. We currently maintain a ‘prev’ version of our image as a separate image.
The idea being if something is wrong with the new ‘stable’ image we can quickly revert to using the ‘prev’ image and continue on.
If when capturing it automatically kept the previous version, we wouldn’t need to manually do that. We don’t actually capture to the prev image, we just created the image definition and manually do a copy of the image on the server before capturing a new stable version.
We typically align this with the windows YYH2 releases.We could probably do away with our prev image step if the stable image had an automatic history. I mean sure we have snapshot backups of our fog server too if we need it, but it’s always nice to have it at the file level for a quicker restore.
I could see other users wanting that built-in backup copy. But even still I would make it an optional setting to turn on and off, not everyone will have the storage space for 2-3 versions of their image.
-
RE: FOG Post Install, Sysprep, unattend fileposted in General
@HorizonG Short answer to both, yes.
There’s a bit of work to do to make it work but you can.
The first thing to know to help in full is what phase of sysprep you captured at?If you captured right after the generalize phase (best practice) and specialize is what starts you can indeed update the unattend file dynamically with computer name, domain, ou, etc.
You can only effect the phases that haven’t happened yet. So you can add things to the specialize and oobe phases. Specialize does things before windows fully loads, it’s essentially a winpe environment, and oobe is the full windows where you can have a setupcomplete run. I have it kick off a series of powershell scripts (essentially).Windows also moves the unattend file around across the phases, when I update the unattend file in a post install script I just update it in all these places. i.e. in the context of fog having mounted
at /ntfs
"/ntfs/Windows/System32/Sysprep/Unattend.xml" "/ntfs/Windows/Panther/unattend.xml" "/ntfs/Windows/Panther/Unattend.xml"I also have one at C:\Unattend.xml you’ll see in my example below.
Also note that it’s case sensitive, which is why I have 2 in the same spot as I’ve seen it both ways.
I don’t have time to dig into too much detail right now but here’s an example of injecting some stuff into the unattend files. I also included my bit where I can just patch in an updated Unattend.xml file, though this wouldn’t scale for every host I just use it for another option before recapturing a whole image to test an unattend change.
One very important bit for this to work as it does in the example is I have this bit in my specialize phase, which I replace with computername and AD info, replace NETBIOSDOMAINNAME with your short domain name that you use for this format logon string
domain\username<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Identification> <JoinWorkgroup>NETBIOSDOMAINNAME</JoinWorkgroup> </Identification> </component>I also have
<ComputerName></ComputerName>in the specialize phase under my"Microsoft-Windows-Shell-Setup"component i.e. the end of this has that. I took out my company info from this example, you don’t need all of this the same, just a contextual example. The product key is the GVLK for windows 10/11 publicly available.<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <DesktopOptimization> <GoToDesktopOnSignIn>true</GoToDesktopOnSignIn> <ShowWindowsStoreAppsOnTaskbar>true</ShowWindowsStoreAppsOnTaskbar> </DesktopOptimization> <BluetoothTaskbarIconEnabled>true</BluetoothTaskbarIconEnabled> <ConvertibleSlateModePromptPreference>1</ConvertibleSlateModePromptPreference> <CopyProfile>false</CopyProfile> <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet> <EnableStartMenu>true</EnableStartMenu> <OEMName>Company Name</OEMName> <RegisteredOrganization>Company Name</RegisteredOrganization> <ShowPowerButtonOnStartScreen>true</ShowPowerButtonOnStartScreen> <RegisteredOwner>Company Name</RegisteredOwner> <SignInMode>2</SignInMode> <TimeZone>Mountain Standard Time</TimeZone> <OEMInformation> <SupportURL>http://helpme.company.tld</SupportURL> <Logo>C:\img\company-logo.bmp</Logo> <SupportPhone>555-5555</SupportPhone> <SupportProvider>String that shows up in sys info</SupportProvider> <Manufacturer>string that shows up in sys info</Manufacturer> </OEMInformation> <Themes> <BrandIcon>C:\img\company-logo.png</BrandIcon> <ThemeName>Company Theme</ThemeName> <DesktopBackground>%WINDIR%\web\Wallpaper\some-injected-background.jpg</DesktopBackground> <WindowColor>Automatic</WindowColor> <DefaultThemesOff>false</DefaultThemesOff> </Themes> <DoNotCleanTaskBar>true</DoNotCleanTaskBar> <AutoLogon> <Password> <Value>supersecretencryptedpassword</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <Username>Administrator</Username> <LogonCount>99</LogonCount> </AutoLogon> <ProductKey>NPPR9-FWDCX-D2C8J-H872K-2YT43</ProductKey> <ComputerName></ComputerName> </component>The fog post download examples. I also do something with the device form setting but I tried to just take that out for this example. Device form is mildly helpful for configuring the tablet vs desktop user experience if you have a mix of such devices.
unattends=("/ntfs/Unattend.xml" "/ntfs/Windows/System32/Sysprep/Unattend.xml" "/ntfs/Windows/Panther/unattend.xml" "/ntfs/Windows/Panther/Unattend.xml") for unattend in ${unattends[@]}; do [[ ! -f $unattend ]] && break #as a failsafe, reload the funcs.sh from fog . /usr/share/fog/lib/funcs.sh dots "Preparing Sysprep File at $unattend" #update unattend files if an Unattend.xml file is present to replace current file if [[ -f "/images/drivers/Unattend.xml" ]]; then echo -en "\n\nUnattend.xml patch file detected, updating the Unattend.xml file baseline\n\n"; echo -en "\n\nUnattend.xml patch file detected, updating the Unattend.xml file baseline\n\n" >> $updateUnattendLog rsync -aqzz "/images/drivers/Unattend.xml" $unattend; else echo -en "\n\nNo Unattend.xml patch file detected, skipping update of unattend.xml file baseline and just updating contents\n\n"; echo -en "\n\nNo Unattend.xml patch file detected, skipping update of unattend.xml file baseline and just updating contents\n\n" >> $updateUnattendLog fi #echo "File update Done" debugPause if [[ $adon=="1" ]]; then cp $unattend $unattend.old domainJoinStr="<JoinDomain></JoinDomain>\n\t\t<MachineObjectOU></MachineObjectOU>\n\t\t<Credentials>\n\t\t\t<Domain></Domain>\n\t\t\t<Password></Password>\n\t\t\t<Username></Username>\n\t\t</Credentials>" echo -en "\n\nInjecting Unattend Join fields into unattend for Dynamic update....\n" echo -en "\n\nInjecting Unattend Join fields into unattend for Dynamic update....\n" >> $updateUnattendLog # get the value of the workgroup to set as the netbios domain for the domain login netbiosdomain=`sed -n '/JoinWorkgroup/{s/.*<JoinWorkgroup>//;s/<\/JoinWorkgroup.*//;p;}' $unattend` #replace the workgroup join string with the domain tags to be updated sed -i -e "s|<JoinWorkgroup>${netbiosdomain}</JoinWorkgroup>|${domainJoinStr}|g" $unattend >/dev/null 2>&1 echo -en "\n\nSetting Dynamic Unattend fields - \n\nComputer Name: ${hostname}\nJoining Domain: ${addomain}\nWill be in OU: ${adou}\n" echo -en "\n\nSetting Dynamic Unattend fields - \n\nComputer Name: ${hostname}\nJoining Domain: ${addomain}\nWill be in OU: ${adou}\n" >> $updateUnattendLog sed -i \ -e "s|<ComputerName></ComputerName>|<ComputerName>${hostname}</ComputerName>|g" \ -e "s|<Name>\*</Name>|<Name>${hostname}</Name>|g" \ -e "s|<Password></Password>|<Password>${adpass}</Password>|g" \ -e "s|<Username></Username>|<Username>${aduser}</Username>|g" \ -e "s|<Domain></Domain>|<Domain>${netbiosdomain}</Domain>|g" \ -e "s|<MachineObjectOU></MachineObjectOU>|<MachineObjectOU>${adou}</MachineObjectOU>|g" \ -e "s|<JoinDomain></JoinDomain>|<JoinDomain>${addomain}</JoinDomain>|g" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo -en "\n\nFailed to update user, pass, ou, and domain setter, set just computername and deviceform instead and using simplified unattend file\n" echo -en "\n\nFailed to update user, pass, ou, and domain setter, set just computername and deviceform instead and using simplified unattend file\n" >> $updateUnattendLog echo -en "\n\Restoring unattend file from before domain join attempt\n" echo -en "\n\Restoring unattend file from before domain join attempt\n" >> $updateUnattendLog mv $unattend.old $unattend -f echo -en "\n\nSetting Dynamic Unattend fields - \n\nDeviceForm: ${DeviceForm}\nComputer Name: ${hostname}" echo -en "\n\nSetting Dynamic Unattend fields - \n\nDeviceForm: ${DeviceForm}\nComputer Name: ${hostname}" >> $updateUnattendLog debugPause sed -i \ -e "s|<ComputerName></ComputerName>|<ComputerName>${hostname}</ComputerName>|g" \ -e "s|<Name>\*</Name>|<Name>${hostname}</Name>|g" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo -en "\nFailed again after using failsafe unattend\n" echo -en "\nFailed again after using failsafe unattend\n" >> $updateUnattendLog debugPause handleError "Failed to update user, pass, ou, and domain setter and then failed the failsafe with no domain" fi else echo -en "\n\nRemoving Workgroup join section and backup unattend as adding domain join was a success...\n" echo -en "\n\nRemoving Workgroup join section and backup unattend as adding domain join was a success...\n" >> $updateUnattendLog rm -f $unattend.old sed -i "/<JoinWorkgroup>/d" $unattend >/dev/null 2>&1 sed -i "/<MachinePassword>/d" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to remove the Workgroup setter" fi fi echo -en "\n\nDone updating $unattend\n" echo -en "\n\nDone updating $unattend\n" >> $updateUnattendLog debugPause else echo -en "\n\nNo domain to join variable present, just setting deviceform and computer name and using simplified unattend file\n" echo -en "\n\nNo domain to join variable present, just setting deviceform and computer name and using simplified unattend file\n" >> $updateUnattendLog echo -en "\n\nSetting Dynamic Unattend fields - \n\nDeviceForm: ${DeviceForm}\nComputer Name: ${hostname}" echo -en "\n\nSetting Dynamic Unattend fields - \n\nDeviceForm: ${DeviceForm}\nComputer Name: ${hostname}" >> $updateUnattendLog debugPause sed -i \ -e "s|<ComputerName></ComputerName>|<ComputerName>${hostname}</ComputerName>|g" \ -e "s|<Name>\*</Name>|<Name>${hostname}</Name>|g" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to set workgroup join fields" fi fi done -
RE: 1.6.0-alpha.1377 not showing available images on hostposted in Bug Reports
@Tom-Elliott @sideone @MatMurdock
I can confirm this is fixed in the latest
-
RE: 1.6.0-alpha.1377 not showing available images on hostposted in Bug Reports
@sideone @MatMurdock @Tom-Elliott
I just tested this and I’m getting the same thing too. This was working previously, we’ll work it out. -
RE: 1.6.0-alpha.1377 not showing available images on hostposted in Bug Reports
First I would ask you to check the php error log
cat /var/log/php-fpm/www-error.log
And post any relevant errors or warnings occurring at the same time this happens.Then 2 things I would try
I’d start with trying ipxe.efi instead of snponly.efi. I don’t remember if the kernel is loaded at that point so a different pxe boot file could help.
The other thing to do is update the kernel and Init to the latest “experimental” versions. There’s a wizard to do it in the gui for both under the configuration menu. Then give it another go.
-
RE: Restrict access to web management UI?posted in General Problems
@fogcloud Pxe boot has to get to the boot.php file. It does this over port 80 or 443 if you have https enforced. When you enforce https ipxe is compiled with the fog ca and the certificate generated by said ca as trusted certs within your local version of ipxe.
I’m not quite sure what you mean by restricting access only to the web UI. Do you mean close all other ports? Because that will likely break tftp and nfs as they use other ports and imaging and pxe boot will be broken. ipxe itself will be fine if you’ve booted to it outside of native pxe boot where the ipxe boot file (i.e. ipxe.efi or snponly.efi) is downloaded via tftp. ipxe then downloads the boot.php file from the fog web server and boots to it to get to the fog pxe menu. -
RE: Group Management Settings not savingposted in FOG Problems
@MatMurdock You can also do a full host registration and that allows you to set the group and the snapin associations at registration and kick off the image from there.
I use the API powershell module (see my signature) and have created custom functions and powershell tools to manage most my assignments. That takes a bit more work to get setup at scale but gives you more customization options.
Starting fresh, well depends on how fresh, the best answer depends on how you’re going to use Fog. Like if these are all brand new computers that aren’t in any other system yet, then doing quick reg on them all might be best.
I myself do full registration and inventory for new hosts. If all your computers already exist on the network or in Active Directory you could get the host information and import. Many moons ago I made this host scanner example https://forums.fogproject.org/topic/9560/creating-a-csv-host-import-from-a-network-scan?_=1721413305258 that will create a csv of all hosts and their macs on your network in the provided subnets.
If you can get them all in before hand, then mass-setting the snapins would be much easier.