- 1 Managing FOG
- 1.1 Dashboard
- 1.2 Hosts
- 1.2.1 Adding a new host
- 1.2.2 Managing Hosts
- 1.3 Groups
- 1.4 Images
- 1.5 Storage Management
- 1.6 Users
- 1.7 Tasks
- 1.7.1 Overview
- 1.7.2 General Tasks
- 1.7.3 Advanced Tasks
- 22.214.171.124 Debug
- 126.96.36.199 Capture - Unicast (Debug)
- 188.8.131.52 Send - Unicast (Debug)
- 184.108.40.206 Send - Unicast (Without Snapins)
- 220.127.116.11 Deploy All Snapins
- 18.104.22.168 Deploy Single Snapin
- 22.214.171.124 Memory Test
- 126.96.36.199 Wake Up
- 188.8.131.52 Fast Wipe
- 184.108.40.206 Normal Wipe
- 220.127.116.11 Full Wipe
- 18.104.22.168 Disk Surface Test
- 22.214.171.124 File Recovery
- 126.96.36.199 Virus Scan
- 188.8.131.52 Hardware Inventory
- 1.7.4 Scheduling
- 1.8 Setting up Printers With Fog Printer Management
- 1.9 The FOG Client Service
- 1.9.1 Overview
- 1.9.2 Module specific configuration settings
- 1.9.3 Installation
- 1.9.4 Functions and Operation
- 1.9.5 Keeping Clients up to date
- 1.9.6 FOG Tray
- 1.9.7 Troubleshooting
- 1.10 Snap-ins
- 1.10.1 Overview
- 1.10.2 Creating a Snapin / Overview
- 1.10.3 Preparing the FOG Server
- 1.10.4 Uploading the Snapin
- 1.10.5 Linking the Snapin to Hosts
- 1.11 Client Side Tasks
- 1.12 Active Directory Integration
- 1.13 FOG Reports
- 1.14 Plugins
- 1.15 Other Settings
- 1.16 Mobile Management Interface
- The FOG dashboard is the first page you are presented with after login. This page just gives you an overview of what is happening on your FOG server.
- The system overview box is the the top left hand box on this page. The information presented in this box is the current user, the server IP addresse or hostnames for your web server, tftp server and storage server (which can all be different). This section also gives you the system uptime or how long the system has been running without restart, the number of users logged into the Linux box, and lastly the system load.
- The system activity box is in the top row, the middle box. This section shows the unicast queue, or the number of unicast deploys that are currently in progress. The queue size can change and is based on the the Storage Group(s). Each storage node has a setting Max Clients making this the maximum number of hosts that this node can image to. If there are 2 nodes with a max of 10 each then your maximum queue amount is 20. However, remember the more you increase the Max Clients the slower each particular host will be to deploy the image.
- This means that after 20 hosts are receiving images (at once) the 21st will wait for one of the hosts in progress to complete before starting. The reason this was created was so that you could queue up 100 machines with different images (all unicast) and still keep the system functional. We have heard of this queue being used to re-image an entire building of computers ( ~ 1000+ ) overnight. This section updates in real time.
- It will display all the queued, running, etc... tasks and updates at the same interval as the Bandwidth graph. Also, SVN installations (and later future releases) are able to edit which type of tasks get counted towards the "queue".
- This edit can be performed by going to FOG Configuration--> FOG Settings--> General Settings --> FOG_USED_TASKS.
- The text field is numeric values (so you'll need to know which task id's are which type. This text field is a CSV setup. If you type (1,2,3,4,5) it will display all tasks of Deploy, Capture, Debug, Memtest, and Testdisk as queued/active depending on their current state. The exception to this rule, is Task Type ID 8 (multicast) in which case it takes the Jobs, not each individual host task, as a queued slot.
- The disk information box is the top, right hand section of the dashboard page. This is a semi-realtime display of the storage remaining on the storage server.
- There is also a drop-down box that can be changed to your storage nodes to monitor their Disk Information.
- If you get an error in this box, please see Dashboard Error: Permission denied...
30 Day Imaging History
- This image shows your imaging trends for the past 30 days
This menu appears at the top of every page on Fog's web UI. The icons are, from left to right:
User Management - Individual administrators of the FOG resources.
Host Management - This section houses the hosts, which are the pcs to be imaged or to extract images from.
Group Management - This section houses groups, which are similar PCS’ that need tasks done en-masse.
Image Management - This section allows you to manage the image files stored on the FOG server.
Storage Management - This section allows you to add/remove storage nodes from the FOG system.
Snap-in Management - This section provides ways to automate various post-imaging tasks, not covered in this document
Printer Management' - This section allows for management of printers, allowing you create printer objects that can later be assigned to hosts or groups.
Task Management - This section allow you to perform imaging tasks such as acquiring or deploying images.
Report Management - Reports let you pull information from the FOG database either as HTML, pdf, or csv.
Plugins - Plugins add more functionality to FOG. Must be enabled in Fog Configuration
- Video Tutorial (old version but valid instructions)
- A host in FOG is typically a computer, but it can be any network device. Hosts are used to identify a computer on the network and are used to manage the device.
Adding a new host
Method 1: Adding a new host via Full Registration
- This is the preferred method, and maybe the easiest method for getting a host into the FOG database, but it requires you to visit the host. When at the client computer, during the boot up process when you see the PXE/iPXE boot menu select Perform Full Host Registration and Inventory. During this phase you will be prompted for information about the host like hostname, operation system, image, groups, Product Key, and other information. If you enter a valid operating system and image id, you will be asked to Image Now. If desired, you can set the task and it will deploy the image on the next network boot.
- After the requested information is entered, FOG will pull a quick hardware inventory the client.
- This method of registration will register the mac address(primary wired only), serial number(if available in BIOS), Make/Model, and other Hardware information with the FOG server.
- For more information on these commands please see: Client Side Tasks
Method 2: Adding a new host via Quick Registration
- Quick registration is very much like the Full host registration, with the exception that it will not prompt you for any input, nor give you the option to image the computer directly from the registration screen. When the host is added to the FOG server, it will be named with the hosts primary mac address. This method is great for adding a lab of 30 computers to FOG quickly and easily.
- This feature is disabled by default, to enable this feature:
- Go to FOG Configuration
- Select FOG Settings
- Find section FOG Quick Registration
- Tick ON FOG_QUICKREG_AUTOPOP to ✔
- Set FOG_QUICKREG_IMG_ID to the image ID you would like to use for all newly created hosts.
- FOG_QUICKREG_OS_ID will be auto populated when "Save Changes" is selected. (OS is now associated within the image so no need to select an OS)
- Change FOG_QUICKREG_SYS_NAME to what you would like to name you new machines, where * will be replaced by a number. If you would like to zero pad numbers you can use LAB300-** which would result with LAB300-03 or LAB300-09.
- Set FOG_QUICKREG_SYS_NUMBER to the first number you would like to use.
- After each registration the computer will automatically image and the FOG_QUICKREG_SYS_NUMBER will incremented by 1.
Method 3: Manually Adding
- Video Tutorial
- Adding a new host can be done in the hosts section of FOG. Then by clicking on the "Add New Host" button on the left hand menu. At least a hostname and a MAC address must be entered in order to add the host to the FOG database.
- A host consists of the required* fields:
- Hostname* - A string used for the Windows Hostname of client, this must be less than 15 characters long.
- MAC address* - This field is used in for for a unique identifier for the host. The string must be separated by : (colon), in the format of 00:11:22:33:44:55.
- Hosts can also include, but are not required:
- IP address - Just your typical IP address, in the typical formation of X.X.X.X or 192.168.1.1.
- Description - Information for your own reference.
- Image Association - This field is a drop down box that will allow you select an image object created in the Images section.
- Operating System - Drop down box that allow you to select the primary type of operating system running on this host.
- Kernel - This is only used if you want to overwrite the default kernel used for FOG. Needs to be specified as fog/kernel/mybzImage
- Kernel Arguments - This allow you to add additional kernel arguments for booting the host (ie: vga=6, or irqpoll).
- Primary Disk - This option allows you to force a device to use during imaging if fog fails to detect the correct device node.
- This page also allows for configuration of Active Directory integration, but this topic will be covered later. When all settings are added, click on the "Add" button.
Method 4: Importing Host Information
- When getting started with FOG, you need to enter the host information for the devices on your network. We understand this can be a long difficult process, so in order to make this process easier we created a page that allows you to import most of the host information from a CSV file.
- The CSV file that is imported to FOG must be in the following format, and the file should not have a header row.
MAC Address,Host name,IP Address,Description,OSID,ImageID
- The MAC Address (required*) is the NIC's MAC address seperated by : (colon).
- The Host name (required*) is the computer's Host name (must be less than 15 characters, should not include underscores, according to | Network Working Group ).
- The IP Address (Can be left as blank)is the computer's IP address (format x.x.x.x). This field is NOT currently used by FOG
- The 'Description (Can be left as blank)is any text description you would like associated with the computer.
- The OSID (required*)is the number representing the operating system. It can be found in the table "supportedOS" in the field osID.
- The ImageID(required*) is the number representing the images file linked to this image. The image definition must already exist and this number can be found in the table "images" in the field imageID.
- The file must be saved as a CSV without a header row.
00:00:02:AF:00:E0:01:0F,adminoff1,10.0.1.150,Main admin office computer,5,14 00:00:02:AF:00:E0:01:04,adminoff2,,admin office 2 computer,5,13 00:00:02:AF:00:E0:01:02,adminoff3,,,5,12
Importing the File
- After the file is prepared and saved, you will need to log into the FOG Management Portal.
- Then click on the Hosts icon .
- On the left-hand menu, click on Import Hosts.
- Browse for your file, then click "Upload CSV".
- Once hosts have been added to the FOG database you can modify or delete them. Finding a host which you wish to edit can be done in two ways, the first is by listing all the hosts that exist. This is done by clicking on the "List All Hosts" button. The second way to locate a host is to use the search function. To search for hosts click on the "New Search" button, if you would like to search for all hosts you can enter a "*" or "%". The search function will search in the host's name, description, IP and MAC address.
- Once a host is located, it can be edited by clicking on the edit button or on the Host Name itself. Clicking on the edit button will display all the properties that were shown during host creation with the addition of snapin, printers, active directory, service settings, hardware, virus history, and login information.
- The entire host object can be removed from the FOG system by clicking on the delete option at the bottom of the Host Menu.
Multiple MAC Address Support
- When FOG first registers your HOST computer it uses the first connected Ethernet cable and defaults it to the Primary MAC Address. Once the FOG Client is installed and reporting data back to the FOG server it may register other additional MAC addresses, such as wireless and other wired connections. Also, an additional MAC can also be added directly under the Host definition.
- These new MAC Addresses will need to be approved before FOG will take advantage of them.
- Fog Configuration--> MAC Address List At this location you can also "Update Current Listings" giving updated information on the MAC Addresses and their manufactures, listing it under the Host.
- Host Status displays an indicator icon next to the host within the FOG UI showing the status of the machine. This function executes a ping based on the host's name. So in order for this to work you must have an internal DNS server that is tied in with your DHCP server, so that when a DHCP address is given out, the DNS server is notified with the new IP. If that is setup correctly, you must make sure your FOG server is able to ping a host from the command line using:
- If the server isn't able to ping the client, then the status of the host in the UI with always show as unreachable. If you can ping the client using the FQDN, like
#Replace forproject.org with your domain suffix ping somehostname.fogproject.org
- Then you will need to adjust the DNS Search domains: setting on your sever. After making this change you will need to restart the apache server for it to take affect.
- If after this, you still can't ping your clients, the problem may be due to a firewall issue with the clients. In this case, client specific configuration changes might be needed.
- With an increase in Hosts(250+) this "ping" will delay the loading of the List All Hosts page. Disabling this feature will help in loading this page.
Creating Host Groups
- FOG allows you to create groups of hosts which then allows you to take action on a whole grouping of hosts. Hosts can be created either on the "List All Hosts" section or by doing a search for hosts. To create a group select the computer you would like to be member of the group by placing a check in the box next to the hostname, or by clicking the check all button in the title row. After the hosts are selected scroll to the bottom of the screen and then enter a name in the create to group box or select a group to add the hosts to. Then click on the "Process Group Changes" button.
- Groups in FOG are used to organize your hosts into real world logical clusters. This is intended to ease management of the computers. A single host can be a member of infinitely many groups, so if a computer happens to be a member of the group called "Third Floor", it could also be a member of "Math Department", or "Dell PCs." Groups make using FOG possible for organizations with a very large number of PC's.
- Groups are created in two sections:
- Group Management --> Create New Group
- Hosts section of FOG based on searches, for information on how to create groups, please see Creating Host Groups.
- After a group has been created, it can be managed from the groups section of FOG. Locating groups is very similar to locating hosts, you can either list all groups or you can search for groups. When searching for groups your search criteria is matched against the group name or the group description. Once a group is located it can be modified by clicking on the "Edit" button on the right hand side of the table or the Title of the group itself.
- Under the section "Modify Group [Groupname]" there are options to change the group name, group description, group product key, or to delete the group. If you wish to update the group name or the group description make your change then click on the "Update" button within that section. If you would like to remove the group then simply click on the "Delete" button within this section.
- As a reminder, when saving or updating settings for hosts Fog uses the last to save option. If you set all the hosts in this group to have Image A and then change Host A in that group to be Image B. The group settings will not override the settings for Host A, unless you go back to the group and set all hosts back to Image A.
Group Basic Tasks
- This section will allow you to start a task on this group of hosts. From this section you can start any task to all hosts within the group. Multi-Cast is also available from here. Please review Fundamental Concepts to determine the required deploy task.
Group Membership Setup
- This page allows you to view/add/delete membership of the group. This section will list all of the members of the group and give you the option to remove members from the group.
Group Image Associations
- The groups page also allows you to update the image association for all the members of the group. This can be done in the "Image Association for [groupname]" section. Select the image association from the drop-down box and select "Update Images" and then all your host objects for that group will be modified.
- You can add or remove snapins to all hosts in a group, but because the nature of groups, it is not possible to see what snapins are currently associated with a group. This is because the snapins are not directly associated with the group, the are associated with the host and it is possible for all members of the groups to have different snapins linked with each host. What fog does allow you to do is batch add a snapin to all the hosts within a group. At the same time you can batch remove a snapin from all the hosts within a group. This functions can be done via the Add Snapins and Remove Snapins button in the Group Menu.
Group Service Settings
- The Service Settings page allows you to enable or disable certain service modules on all hosts in the group, as well as change some service settings for group such as screen resolution, and auto log off settings.
Group Active Directory Setup
- Active Directory integration settings can also be distributed to all members of a group via this page. The section "Modify AD information for [groupname]" allows you to do so. This section provides the same options as the host screen but allows you to mass update all of your hosts.
- The Printers page allows you to add or remove printer associations to all hosts within the group. This page also allows you to set the management level all hosts within the group.
Group Membership Information
- The most important thing to remember about groups in FOG is that they do not contain their own properties. When you make changes to a group, you are really make changes to every host object within the group. For example, if you change the OS association for a group, then go back to the one of the host objects that is a member of that group, it will have the new OS association on that object.
- Image objects in FOG are the representation of the physical files that contain the disk or partition images that are saved on the FOG server.
Creating Images Objects
- Image objects in FOG are created in the Images section of the FOG management portal. To create a new image click on the "New Image" button on the left hand menu. An image object requires a name and a image file path.
- When creating images you have a few choices in how you want that image to 'act'. The possible partition types include:
Single Disk - Resizable Multiple Partition Image - Single Disk (Not Resizable) Multiple Partition Image - All Disks (Not Resizable) Raw Image (Sector By Sector, DD, Slow)
- Single Disk - Resizable
This is the detault choice used by FOG as it works in most cases and allows for deployment to smaller size disks as well. It takes a copy of every partition on the disk, and resizes partitions that has excessive free space to a smaller size where possible. Each resizable partition will go through a "Resizing filesystem" process for each partition that is to be resized. This process can take some time depending on how severe disk fragmentation is. The partitions that are shrank will be shrunk down to only 2GB of free space on their partition. This allows an image taken from a 6TB drive with only 20GB of used space to be deployable to a drive with a total capacity of 25GB roughly. When the partitions are laid onto the destination drive, all resized partitions are intelligently expanded to utilize the entire drive.
- Multiple Partition Image - Single Disk (Not Resizable)
If you don't need to deploy to a smaller size disk you might consider using this image type as it's less likely to cause an issue and image size on the server is still as small as with resizable image type. Single Disk will back up all the supported partitions on the first disk drive detected by FOG, but the partitions are NOT resized by FOG. This means that the image must be restored to a disk of the same or larger capacity. It is possible to backup NTFS drives with vendor specific 'restore' partitions with this type of image. As well it is possible to capture Linux systems with this type of image given the following criteria:
1.) There is a Grub boot loader present. 2.) LVM is not used. 3.) The partitions include ext2, ext3, ext4, reiserfs, and/or swap. 4.) The swap partition should be moved out of the extended partition
- Multiple Partition Image - All Disks (Not Resizable)
This is what you should pick when you want all partitions from multiple disks to be captured. The partitions are NOT resizable by FOG. If you only wanted a particular partition captured or drive captured in a multi-drive system, you can define the disk or partition you want within a "Single Disk - Resizable" or "Multiple Partition Image - Single Disk (Not Resizable)" type image. This is done through the host's "General" area, in the "Host Primary Disk" field.
- Raw Image (Sector By Sector, DD, Slow)
This should always be the last resort. This takes an absolute exact copy of an entire disk and does not compress the data. If you take an image from a 6TB disk, the resultant image will be 6TB in size. This image type also takes a significant amount of time to capture and deploy.
All of these images can be deployed using multi-cast or unicast to clients.
Adding Existing Image Objects
- To restore an image to the FOG database:
- Create a new Image definition through the management browser
- Specify image name (SampleXPImage)
- Specify storage group (default)
- Specify image file path (SampleXPImage)
- Specify image type
- Log into the box hosting FOG, and move/rename your image to match browser input
- Create hierarchy if necessary. FOG, by default, puts images in /images/, so for the above example, you would need to create a folder structure like so: /images/SampleXPImage
- Drop your image file into the folder (be sure it's named the same as image name above)
- The Storage Manager introduces the concept of Storage Groups. Basically, a storage group is a group of NFS servers that share images and share the load of computers being imaged. Any member of a storage group is referred to as a Storage Node. You may have as many storage groups as you wish and as many storage nodes within those groups as you wish. In each storage group, there is one storage node which is designated as the Master of that group. Basically, this Master node is the node where all image captures go, this node handles multicasting tasks for the group, and is the image replicator the for the group. This means that whatever images are stored on this node are what gets distributed to the entire group.
- What this new system of storage management gives us is a distributed model for FOG which allows for more unicast transfers at a single time. We also gain data redundancy. We also take stress off of the main FOG server.
- Below is a brief overview of Storage Groups
- This image shows a single Storage Group and the flow of data within the group. The queue size of the system is the sum of the queue size of all the storage nodes within the system. So if you have 4 nodes each with a queue size of 10, then the queue size of the system is 40, which means 40 clients can be imaged (unicast) at one time.
- This image shows that it is possible to have multiple storage groups on your network, which are isolated from each other. This image also demonstrates, that captures always go to the master node and multicast session always send data from the master node. Images are pushed out from the master node of the group to all other members of the group.
- Key Benefits
- Increased throughput
- Redundant Storage
- Also see Storage Nodes for tutorials.
Adding a Storage Node
- Definition: Storage Nodes provide extra NFS/FTP storage space which increases available throughput and redundancy within a network. They do not provide PXE, TFTP, or DHCP services at secondary sites. To enable additional PXE and TFTP services at secondary sites see this section: #Including multiple PXE / TFTP servers
- Video Tutorial: http://www.youtube.com/watch?v=X72WthDGwsw&fmt=18 (old video but still valid infomation)
- To add an additional storage node to the network, the computer should be prepared in the same way the main FOG server would be prepared (disable firewall, SELinux, etc). You can also safely mix operating systems for the nodes of you storage group, some nodes can be running fedora, and some can be running Ubuntu. It is important to update your storage nodes when you upgrade to a new version of FOG. Installation of a storage node is done with the same installer for a normal FOG server. Installation can be started by running the installer script, the steps are detailed below.
- Surprisingly enough some users have actually gotten a Windows Storage node to work properly. See Windows_Storage_Node for more information on this.
Installing the Node
- To Install a node:
- Run the installation script, ./installfog.sh
- Select your operating system.
- When prompted for Server Installation Mode, select S, for storage node.
- Enter the IP address of the storage node.
- Confirm you interface
- Then you will need to enter the IP address or host name of the node running the FOG database
- Then you will be prompted for a username (typically fogstorage)
- and a password that is located on the FOG server, that will allow the storage node to access the main FOG server's database. This information is located in the FOG management portal for convenience (on the main for server). It can be accessed via Other Information -> FOG settings -> section FOG Storage Nodes.
- You will then be prompted to confirm your installation settings, if they are correct press Y end hit Enter.
- When installation completes, the install will produce a username and password that will be needed to add the storage node to the FOG management portal. Username is "fog", password is in /opt/fog/.fogsettings
Adding the Node to the Management Portal
- To Add a Node
- Log into the FOG Management Portal
- Navigate to the Storage Management section.
- Click on Add Storage Nodes.
- For the Storage Node Name, enter any alpha numeric string to represent the storage node.
- Enter any description you wish
- Enter the IP address of the storage node you are adding. This must be the IP address of the node, DO NOT use a hostname here or the node will not function correctly.
- Enter the maximum number of unicast clients you would like this node to handle at one time. The value that we recommend is 10.
- Is Master Node is a very dangerous settings, but for right now leave it unchecked, for more details please see: #Master Node Status.
- Next, select the storage group you would like this member to be a part of, in our example we will pick Default
- Next, specify the image location on the storage node, typically /images/, your image location should always end with a /.
- Next, you will want to check the box, to enable the node.
- The last two fields take the username and password that are generated during the installation of the storage node. username is "fog", password is in /opt/fog/.fogsettings
- Then click Add to have the node join the storage group.
Monitoring The Master Node
- On all storage nodes there is a new service (as of version 0.24) called FOGImageReplicator which is a very basic script which, if the node is the master, copies all of its images to all other nodes in the storage group. The coping is done every ten minutes by default, which means your images are NOT instantly duplicated to all nodes.
- If you would like to view the status of the image replication, you can do so on the storage node by switching to tty3, by typing ctl + alt + f3. Output is also logged to a file in the /opt/fog/log directory.
- FOGImageReplicator logs are also located in Fog Configuration --> Log Viewer --> FILE: [Select Image Replicator]
Master Node Status
- The Master Node (could be the server or a particular node) in a storage group is the node that distributes images files to all other nodes in the storage group.
- If you have all your images distributed across 3 nodes in a storage group, if you add a new storage node that has no images stored on it, making that node master will cause it to take over and push it's image store of nothing to all other nodes, wiping out all of your images. So it is important to be very careful and backup your images when you change a node's master status.
- Notes - You can have many storage nodes in a storage group. You can have one master storage node in a storage group. You can not have more than one master storage node in a storage group. You must have one master storage node for replication to take place to other nodes in the group. If a master storage node is set, all captures first go to the master storage node of the storage group the image is assigned to; and are then replicated to other storage nodes.
Including multiple PXE / TFTP servers
- A traditional Master Storage Node, as described above only provides File Storage redundancy. While this can help increase multicast throughput on a single network, all the machines under FOG management must be within the same subnet/VLAN so that DHCP broadcast requests can be directed to the Main server. (see note below)
'''Note:''' depending on the network, it may be possible to configure [http://en.wikipedia.org/wiki/UDP_Helper_Address iphelper] to forward packets to the Main FOG server
- The following instructions are intended to help configure additional Storage Nodes to operate independently on separate networks, while still syncing with and taking commands from a single Main FOG server.
- Click here for instructions on setting up multiple PXE / TFTP servers
- FOG has only two levels of users, regular users and mobile users. Regular users have access to the mobile portal and the full management portal. Mobile users have access to only the mobile management portal and Quick Image functions.
- All accounts are created under the "Users" section of the FOG portal. To create a new account click on the "New User" button on the left hand side of the page. All accounts must have a unique username, and a password. After filling in the required information click on the "Create User" button.
- FOG accounts can be modified from within the users section. First you must locate the account you wish to modify by clicking on the "List all Users" button on the left hand side of the page. When a user is located, click on the edit button on the right hand side of the table.
- Tasks are all the actions that you can take on a computer, and in FOG there a numerous tasks that can be done including:
- Deploy (Unicast)
- Capture (Unicast)
- Deploy - Multicast
- Memory Test
- Test Disk
- Disk Surface Test
- Recover (File Recovery)
- Hardware Inventory
- Password Reset
- Deploy All Snapins
- Deploy Single Snapin
- Deploy - Debug (Unicast)
- Capture - Debug (Unicast)
- Deploy - Without Snapins (Unicast)
- Fast Wipe
- Normal Wipe
- Full Wipe
- Virus Scan
- Virus Scan - Quarantine
In the tasks section of FOG you can perform tasks on single hosts or groups of hosts. This section also allows you to monitor selective tasks, and stop/cancel tasks.
The general/common Tasks in FOG include unicast image capture, and unicast image send, as well as a multicast image send. In FOG, sending an image to the server is considered an image capture, and deploying an image to the client is called a send. Both of these tasks can be started directly from the search, list all hosts, and list all groups pages.
To perform a simple image capture, click on the upward facing arrow next to the host. Captures are only possible on a host, not a group. Capturing an image will also overwrite any image file that may already exist for that host without any notification or confirmation.
Please note that capturing images of Windows Vista and Windows 7 requires special command to be run on the clients prior to image capture. Please see What do I have to do to an image before capturing? for more details.
For a video demonstration of an image capture, please see: http://www.youtube.com/watch?v=jPPZr0abVfg&fmt=18
To perform a simple image send, click on the downward facing arrow next to the host. An image send can be done on a host or a group. When sending an image to multiple computers FOG works in queue mode, which means that it will only send to 10 (by default) computers at one time. This is done to keep the server from being overworked. As soon as the a machine finishes, another from the queue joins.
To perform a multicast image send you must search for a group of hosts on the "Task Management" page. Multicast tasks can only be performed on a group of hosts. Multicast tasks will send to all the computers in the group at once, and the task will not start sending until all members of the group have connected with the server. After starting a multicast task, status can be view by clicking on [ctl]+[alt]+f2. A log is also kept for multicast transfers which is stored at /opt/fog/log.
The advanced Tasks in FOG include everything that is not a simple capture, simple deploy or mutlicast deploy.
Debug mode boots the linux image to a bash prompt and allows the user to issue all commands by hand.
Capture - Unicast (Debug)
Does the same thing that debug mode does, with the exception that the environment is setup to capture the image. To start the imaging process just type:
Send - Unicast (Debug)
Does the same thing that debug mode does, with the exception that the environment is setup to send the image. To start the imaging process just type:
Send - Unicast (Without Snapins)
This task does a normal send task with the exception that if any snapins are associated with the host, they are not deployed to the host.
Deploy All Snapins
This task will send all the snapins associated with a host to the host without imaging it.
Deploy Single Snapin
This task will send a single snapin that is associated with the host to the host without imaging it. (Note: The snapin must be associated with the host already)
Boots to Memtest86, a memory testing tool. This a task will not exit with out user intervention at the client side. The task must also be manually stopped via the management front end.
Wakes up host or group of hosts using Wake-on-Lan.
This task does a quick and dirty wipe of the drive. This task writes zeros to the first ~40MB of the disk. This task should NOT be used if you don't want your data to be recoverable.
This tasks writes random data to the entire surface area of the disk.
This tasks writes random data, multiple times to the entire surface of the disk.
Disk Surface Test
This task will look for bad blocks on the hard disk and report them back to the client console.
This task will load an application that can be used to recover lost files from the hard disk.
This task will update and load ClamAV and scan the partition for viruses. It will either scan and report or scan and quarantine files, it will also report back to the management portal with the results of the scan.
The hardware inventory task will execute the same task as the fog.reginput client side task. Since the host is already registered, all it will do is update the computers inventory and restart. It is visioned that this task could be run on a regular interval on a group of all computers in your network, or some sub group of computers in your network. Then on the next reboot of those computers an inventory would be performed.
As of version 0.27 of FOG, select tasks can be scheduled using a static date/time combination or using a cron style repetitive task scheduling. Task scheduling can be performed on either single hosts, or on groups of computers. One thing to note about task scheduling that isn't intuitive is that it requires an image to be associated with the host, even for non-image based tasks! The reason for this is because tasks are only run on the master storage node associated with that host, and the only way to tie a storage node to a host is via an image. We did this to prevent multiple storage nodes to try running the same task for a specific host.
Single Execution Scheduling
Single task execution will run a task at a single date and time, then the task will be discarded. To scheduled a single execution task, you would go to the tasks section of fog, then select the host or group you would like to schedule the task, then select the task you would like to schedule. You will then be presented with the screen show below.
To schedule a single execution task, click on white text box below "Schedule Single Task Execution?" and a pop up calendar will load and allow you to select your date and time for the task. Click on the date to close the calendar, then start you task.
Cron Style Task Scheduling
Cron style task execution allows you to do complex repetitive task scheduling. After a cron task executes, it is not removed, as single executions tasks are. Cron style tasks, as the name suggests are similar to the Linux cron task scheduler format. Cron style tasks are created as single execution tasks are, except when presented with scheduling options, select the option "Schedule Cron Style Task Execution". Below that check box are a series of text boxes including:
min -> Minute [00-59] hour -> Hour [00-23] dom -> Day of Month [01-31] month -> Month [01-12] dow -> Day of Week [01-07] (Sunday ==> 0, Saturday ==> 6)
To give an example of how this works, if you wanted a capture task to run at 10:00pm everyday you would enter the following:
0 22 * * *
This basically says run the task a 0 minutes into the hour, on the 22nd hour (10:00pm), on every day of the month, on every month of the year, on every day of the week.
To take this example further, lets say you only wanted to capture the image every other day, we could do this by adding:
0 22 */2 * *
The */2 now tells the scheduler to only run on even days of the month.
We could even ask the scheduler to only do a backup on even weekdays by adding:
0 22 */2 * 1-5
The 1-5 we just added says only run on days 1 through 5, which relate to Monday - Friday.
Now we will ask the scheduler to only backup in the month of February.
0 22 */2 2 1-5
Another basic example could be if you wanted to run an inventory update on the first of every month you could use:
30 1 1 * *
This task would then run at 1:30 on the 1st of every month.
The FOG scheduler doesn't support 100% of the operations that cron supports, below are the operations that are supported:
4 - Listing a static number 4,5,6,7 - Listing a group of numbers 4-7 - ranges of numbers 4-7,10 - ranges and lists */5 - * divided by a number * - Wildcard
For more information on cron please see http://en.wikipedia.org/wiki/Cron
Setting up Printers With Fog Printer Management
Relates to FOG Version 0.12 or higher.
Setting of the default printer will only work if the fog tray icon is running.
The printers section of FOG allows you to create printer definitions that you can later associate with hosts. The FOG service looks at these associations and during service it will attempt to install any printers listed. This service has three settings which define how the printers are managed, printer management can be set to:
- No Printer Management
- Add Only
- Add and Remove
All hosts default to No Printer Management which means that the FOG service does nothing to the hosts printers. Add Only does as the name implies, and will only add printers to the host machine, it will not remove any existing printers that may be installed. Add and Remove will take full control of the hosts printing system and only allow for the printers that are specified by the FOG management console to exist on the host.
Adding New Printers
In order for the printer to be added to the host computer, the printer drivers must be stored in a public area, or included on the host computer. This public area can be a Novell Network share where public has read-only access, a Windows share that is public read-only to everyone, or a Samba share (possibly residing on the FOG server) that is public read-only to everyone. This share must be accessible via a UNC path as the service may attempt to install the printers before drive mapping occurs. In this share the printer drives and .inf file must exist. FOG supports install IP based (Jet-Direct) printers, public access NDS printers, Local printers, windows share based printers, (and we think, but could use a confirmation as it hasn't been tested) AD based printers.
If you wish to see what printers are included with Windows XP, navigate to c:\windows\inf\ntprint.inf. Open this file with a text editor and you will be able to install all the printers listed using the ntprint.inf file.
To create a new printer definition click on the Printer icon on the system menu bar. Then on the left hand menu, click on Add New Printer. The form you are presented with will require you to enter:
- Printer Model - This must match the name in the INF file.
- Printer Alias - This can be anything you wish and it is what the end user will see.
- Printer Port - This is something like LPT1:, or IP_184.108.40.206.
- Printer INF File - This is the path to the INF file for the printer driver.
- Printer IP - (optional) This is ip address of an IP based printers only, this can take the form of 220.127.116.11:9100 or 18.104.22.168. If the port doesn't exist already, it will create one named IP_x.x.x.x, where x.x.x.x is the ip address. That is what should be entered in the port field.
After all the required information is entered, click on the Add Printer button.
Linking Printers to Hosts
Linking printers to hosts can be done from either the hosts section or the groups section. In the hosts section find the host you would like to add a printer to, click on the edit button associated with that host. In the host menu, click on the Printers button. First select how you would like the host to be managemed, either No Printer Management, Add Only, or Add and Remove. Then in the section below, select the printer you would like to install from the drop down list and click on the Update button.
Creating a Samba Based Printer Store on FOG
If you do not have a public sever where you can store your printer drivers for the FOG Printer Manager, then it is very easy to set one up on the FOG server using Samba, so all your Windows Clients will be able to connect.
The FOG Client Service
Note: Most of the things here about the FOG Client service apply to the legacy FOG client that came with FOG versions 1.2.0 and older. FOG 1.3.0 now comes with a new FOG Client. Details on this can be found here: FOG Client
The FOG Client Service is a Windows Service that is intended to be installed on the client computers during the image creation process. The FOG service communicates with the FOG server to provide certain service to the client computers including:
- Auto Log Off (0.16)
- Hostname Changes
- Active Directory Integration
- Directory Cleaner (0.16)
- Display Manager (0.16)
- Green FOG (0.16)
- Host registration
- Task Restarting
- Snapin Installation
- User Tracker
- Printer Manager
- User Cleanup (0.16)
- Client Updater
- User Tracker
Module specific configuration settings
The FOG Client Service is very modular in nature, which means you can install portions of the services provided, and leave off others. This also means that it is very easy to create new sub services if you know a little C#. All configuration data is held in a local INI file. Which is typically stored in
This file holds, in the general section:
- FOG Server IP address
- FOG Service installation root
- FOG Service working directory
- FOG Log file path
- Flag indicating if GUI messages should be displayed
- The max log file size
The FOG service should be installed on the computer to be imaged before capturing the image to the FOG Server.
The FOG service is located in the FOG Service/bin directory or if the FOG server is already installed it can be downloaded from:
Double-click on the setup.exe to start the installation wizard. At the end of the wizard you will need to enter the IP address or hostname of your FOG server.
Then restart the computer, if you don't restart the computer you will have issues with the service GUI appearing correctly.
As of version 0.29 and higher, the FOG client now supports a quiet installation mode. This can help automate deployments, by allowing the command to be run without user interaction from batch files. To do this the setup.exe file must be run from the command line with the arguments fog-defaults=true /qb.
So the full command would be:
setup.exe fog-defaults=true /qb
Functions and Operation
Auto Log Out
Added in Version 0.16
This module of the FOG Service will log a user off of a client pc after X minutes of inactivity. This module will display a screen saver-like GUI after 3/4 of the inactive time is up. So if the time out value is 40 minutes, the GUI will be displayed at 30 minutes of inactivity. When the time is up, the client computer will reboot. This service module can be configured via the management portal via:
FOG Service Configuration -> Auto Log Out
To enable the module globally, place a check in the box next to Auto Log Out Enabled?. The time to auto log off can changed globally via Default log out time: The minimum recommended value for this setting is 4 minutes.
The background image for the auto log off module can be modified via:
Other Information -> FOG Settings
The settings can be changed by modifying the value for FOG_SERVICE_AUTOLOGOFF_BGIMAGE. This settings will accept a jpg file that is local to the client computer like:
This setting will also accept files located on a web server such as:
Provided with FOG is a simple php script that will display a random images that is located on the FOG server. To use this option set FOG_SERVICE_AUTOLOGOFF_BGIMAGE to
Then simply put the images you would like to use in the following directory on the fog server:
Images used for the auto log off module must be in jpg format, and must be 300px by 300px.
This module of the FOG Service is used to change the hostname of the client computer and to allow the client to (optionally) join a Active Directory Domain after imaging. This process only runs shortly after service startup, which means typically only when you start your computer. The service communicates with the FOG server over port 80 and determines the hostname that is present in the FOG database for the host. The hosts are matched to the FOG database by their MAC addresses. If the hostnames are found to be different, the client changes the computers hostname and restart the computer.
The config.ini file contains configuration options for this module.
Allows you to set the path to the netdom.exe file. In some cases the file does not exist on the system. It can be downloaded from: Microsoft Download Center
As of version 0.29, this module will only add additional mac address to a host that is already registered, and add them to the pending mac address table, where they need to be approved in the FOG UI.
This module periodically checks in with the FOG server to see if the client has an imaging task assigned to it. If a task is found AND no one is logged into the workstation, then the client will restart and join the task.
The config.ini file contains configuration options for this module. As of version 0.13 of FOG you can change:
This will make the computer restart if a task is found, regardless of whether a user is logged into the computer.
You can change how often the service will check in with the server by changing:
where xxx is the number of seconds the service will wait between check-ins.
Added in version 0.16
This module will clean out (delete) the contents of a directory on user log off. This useful when you don't want any settings cached between users. This module will only delete the contents of a directory and not the root directory itself, so if you specify c:\trash, the service will remove all files and folders located within c:\trash but leave the folder c:\trash.
Added in version 0.16
This module is used to restore screen resolution between clients. This will restore a fixed resolution and refresh rate when a user logs into a computer.
Added in version 0.16
This module will simply shutdown/restart the client computer at a fixed schedule if no user is logged in. The schedule can be defined via the management portal.
This module periodically checks in with the FOG server to see is the client has an snapin set to be deployed to it. If a snapin is found AND no imaging task is associated with the client, then the client will download the snapin and install it in the background.
The configuration file contains settings for this module including:
where xxx is the number of seconds the service will wait between check-ins. It is important to note that currently the fog client will wait 5 minutes when first connected / established before it starts checking and installing any snapins from the server.
This module attempts to track user access to the host computer by the Windows user name. It attempts to track logins and logoffs as well as well as the state of the computer at service startup. The service will even attempt to track users when they are not on the network by writing all entries to a journal file, then replying the journal the next time the client is on the network.
There are no configuration settings for this module.
This module will remove all users not white listed in management portal on log off. This module is useful when using services like dynamic local user. All entries in the management white list are treated as prefixes to usernames, which means that they will white list all users that start with whatever was entered in the management front end. For example, if you enter admin in the management white list, then users admin, and administrator will NOT be removed from the computer.
This module checks on service startup to see what printers should be installed/removed from the client PC.
There are no configuration settings for this module.
This module waits (randomly) between 60 and 500 seconds after service startup to check the local fog server for client updates, and if any are found the service will download and install them. Updates will NOT take effect until after the service is restarted.
There are no configuration settings for this module.
Keeping Clients up to date
As of version 0.12 of FOG, we have included a client updater module. This module is no different from any of the other sub service modules. This service waits anywhere between 60 and 500 seconds after the FOG service starts up, and then attempts to check with the server for newer FOG service modules. If new modules are found the client will download them, and they will be active on the NEXT service startup. These modules are controlled from the FOG Management Console.
Only certain modules can be updated, only those that are a sub class of AbstractFOGService. This means you should NEVER attempt to update the FOGService executable (FOGService.exe file), or the AbstractFOGService.dll file. It is recommended that you not update the ClientUpdater.dll, because if the ClientUpdater.dll file becomes corrupt or not functional, your clients will not be able to update from that point on. Below are a list of the .dll files that can be updated.
Care must also be taken when updating the config.ini file, if the IP address is incorrect or the syntax of the file is incorrect, it could leave the FOG service crippled on the client computers.
To add new modules that can be pushed down to clients, first install a client with the new service or new module and confirm that it works as you would like. Log into the FOG management console, then go to the Infomation/Misc section (the little "i" icon). Click on Client Updater on the left-hand menu. Now click on the browse button to select the module (.dll) file you would like to post, then click on the capture button. After capturing the file should appear in the table above. If you are adding a new module, you will probably want to capture a new config.ini file to include new configuration settings required by that new module.
The FOG Tray is a Windows application that runs on user login that docks in the system tray. The FOG Tray, like the FOG service, is very modular in nature. New modules can be dropped in the FOG tray directory and on next load they will be loaded. This tray icon has the ability to communicate with the FOG service, this allows FOG more interactivity with the end-user.
What happens is that when the FOG service's printer manager module gets a request to set a default printer, the service attempts to contact the FOG Tray. If communication is established, then the service will ask the tray to set the default printer. On the other hand the end user can right click on the "F" icon in the system tray, then select printers, then update my printers. What this will do is attempt to send a request from the FOG Tray to the FOG Service and have the service check for printer updates (new printers or printers to be removed). If one is found the service will install any new printers assigned in the FOG Management portal.
This application is in its very early stages and currently doesn't have a lot of functionality. It is currently only used to allow end users to update their printers and to allow the setting of default printers (from the FOG service). Our vision for the FOG Tray is to add modules that would allow users to install printers that are published as public (via the management portal) without the printer being directly assigned to their host. We would also like to do the same thing for snapins where some of your snapins could be defined as public where anyone could install them on their computer.
If you have problems with the FOG Service, please refer to the log file that is located at:
If the PXE boot does not work
If booting from the fog server through pxe comes up with an error file not found, edit /etc/default/tftpd-hpa
Change TFTP_DIRECTORY to
- The FOG Service has the ability to install snapins to the clients. Snapins can be anything from whole applications like Microsoft Office to registry keys or desktop icons. Snapins can even be used to uninstall applications or remove unwanted files. For the end use's point of view, they will not even noticed that a snapin is being installed until it is complete. At this point a message will notify them that a new application has been installed on their computer. Snapins can be in MSI (0.17) or EXE formats, and can be created with any snapin creation tool like InstallRite or already packaged MSI files (0.17). You can also push commands to the computer that include .vbs scripts / .cmd (commands) and .bat (batch scripts).
- Snapin return codes are specified by the program that's being installed.
Creating a Snapin / Overview
FOG doesn't provide a tool to create snapins, but instead allows you to push files and execute them on the remote computers. It is highly recommended that you push the actual installer to the computer instead of using a program such as InstallRite.
If you have never silently installed software to a computer, or created an answer file for a program please look at the website Appdeploy Link This website has an trove of information on how to push software to a computer remotely.
Creating a Snapin for larger applications with SFX Maker
Some larger applications such as Microsoft Office and Adobe Products (Acrobat / Creative Suite) require multiple files to install properly. If you have an application that is not a single .exe please use SFX Maker. This tool is free for non commercial use, and most programs fall under the GPL. SFX Maker's Website
For instructions on how to use this software please see the youtube videos below.
SFX Maker takes an entire folder and encapsulates it or "folds" it into a single .exe which then "unfolds" to its original state and launches a file or command.
Creating a Snapin with InstallRite
If for some reason you do wish to use Installrite please be aware it comes with issues and limitations (not compatible on all windows operating systems / can cause issues with the computer it is pushed to). Below is an example of how to build a package with that software
In this example we will use Epsilon Squared's InstallRite which can be downloaded from http://www.epsilonsquared.com/installrite.htm. This application will package up your snapin as an exe file which will be uploaded to the FOG server.
- To run InstallRite navigate to c:\program files\Epsilon Squared\InstallRite\InstallRite.exe
- Click on "Install new software and create an InstallKit"
- On the Configure screen, click Next.
- On the Snapshot screen click next to create a new system snapshot.
- On the next screen,click the browse button to select the application you wish to install, then click next.
- When installation is complete InstallRite will come into focus, click the next button. InstallRite will scan your system again.
- Enter a name for your snapin.
- Click "Build Install Kit"
- Select "Quiet Installation Mode", Never reboot, even if needed, and "Never prompt the user and only overwrite older files"
- Click OK and it will build your snapin.
Preparing the FOG Server
If your snapin is larger than 2MB you will need to make two changes to the FOG server to allow uploads of larger than 2MB.
See also: Troubleshoot Web Interface
- On the FOG Server click on Applications -> Accessories -> Text Editor.
- Select Open and navigate to "/etc/php.ini"
- Change UPLOAD_MAX_FILESIZE to 1900MB (On a 32Bit OS don't set this value above 2GB)
- Change POST_MAX_SIZE to the same value.
- Save and close the text editor.
- Click on Applications ->System Tools -> Terminal and type "service httpd restart"
- sudo gedit /etc/php5/apache2/php.ini
- memory_limit = 1900M
- Save Changes
- sudo /etc/init.d/apache2 restart
- sudo vim /etc/php5/apache2/php.ini
- Edit the following lines in the document (read below for assistance with working in VIM)
- memory_limit = 1900M
- To edit content in vim you will need to press the "I" key on your keyboard to enter input mode.
- Hitting the Escape key will bring you out of input mode.
- Once out of input mode type :w and then enter to save the file
- Restart FOG once the file has been saved
Uploading the Snapin
- In the FOG Management Portal click on the Snapin Icon (Puzzle Pieces).
- On the left-hand menu click on the New Snapin Button.
- Enter a Snapin Name and Description.
- Browse to the snapin file you wish to upload.
- If you want the computer to restart after the snapin is installed click on the "Reboot after install"
- Click "Add"
As of version 0.17, fog supports using typical msi files as snapin files.
If the snapin file is a msi file you must perform these additional steps:
- Set Snapin Run With: to the path of msiexec.exe (ie: c:\windows\system32\msiexec.exe)
- Set Snapin Run With Arguments: to /i
- Set Snapin Arguments: to /qn
If the snapin file is a .vb script you must perform these additional steps:
- Set Snapin Run With: to the path of cscript.exe (ie: c:\windows\system32\cscript.exe)
Documentation on list of support snapin's and command line arguments [] There are MANY more supported applications that can be installed via command line arguments. You might have better luck installing them directly via .EXE / .MSI / or scripting them via .VBS . For more info on this consult the forums --Ssx4life 09:04, 8 October 2009 (MST)
Linking the Snapin to Hosts
In order for a snapin to be deployed it must be linked with a host. To do this perform the following:
- In the FOG Management Portal, click on the Hosts Icon.
- Search for and select a host and click on the edit button.
- Scroll down to the snapin section.
- Select the snapin you just created from the drop-down box and click the "Add Snapin" button.
The next time you image the computer the FOG Service will attempt to install that snapin. If you have problems, please see the fog log file located at c:\fog.log on the client PC.
Client Side Tasks
Applies to version 0.12 or higher.
FOG attempts to keep management centralized, but in an attempt to make deploying machines as easy as possible FOG has added a few basic client side tasks. These tasks can be run from the client computer during the PXE boot process. When the client boots and the FOG banner is displayed the pxe client will display a prompt like boot: or something similar. At this point you have 3 seconds to start typing one of the following commands.
This command will run the memtest86+ on the client computer.
This command will run the basic host registration and inventory process without any user input. It will register any new/unregistered hosts with the FOG server and pull a basic hardware inventory from them. The hostname of the computer will be the same as the MAC address without the ":".
If a host is already registered, then only an inventory will be performed.
This command will run the full host registration process with user input, inventory and give the option to push down an image, all at the same time. During this process the user registering the host will be prompted for the computer host name, ip address, operating system ID, image ID, Primary User of the computer, asset tag 1, and asset tag 2.
If a valid hostname, os id, and image id are given and the option is selected to image the workstation after registration, the host will reboot and an imaging send will began.
If a host is already registered, then only an inventory will be performed, this prevents end-users from re-registering a machine with a different hostname, etc.
This tasks was designed for institutions that may get shipments of hundreds of computers that need to be deployed very quickly. They can be unboxed, inventoried, imported into FOG and imaged very quickly.
Operating System ID
As of Version 0.17 of fog, you can now enter ? at the Operating System ID prompt to get a listing of the valid operating system id values.
The following are valid values for operating system IDs:
- 1 - Windows 2000 / Windows XP
- 2 - Windows Vista
- 3 - Windows 98
- 4 - Windows (Other)
- 5 - Windows 7
- 50 - Linux
- 99 - Other
Image IDs can be found in the management console, in the Images section. Search for the image, and click on the edit button associated with the image, the image id will be in the Address/url bar in the format of &imageid=xx.
As of version 0.17, you can enter ? at the Image ID prompt to get a listing of all your images and their ID numbers.
Active Directory Integration
FOG has the ability to register a host with Active Directory, in a limited sense. Versions of FOG up to and including 0.28 rely on the netdom.exe executable that is provided as part the support tools on the Windows installation media. In order for Active Directory integration to function, your image will need to have the FOG service installed, along with the Windows Support Tools.
Versions of FOG from (and including) 0.29 have this functionality built in and do NOT require netdom.exe or the support tools to be installed.
It is also very important that before capturing your image that the computer is NOT a member of any domain.
Note: The below statement applies to older FOG versions (1.2.0 and below). When using FOG 1.3.0 and above in conjunction with the NEW fog client, this step is not needed. See here for more information.
Important - Please read!
In order to add a computer to a domain, FOG requires a username and password of an account that has rights to the OU where the computer objects are stored in the domain tree. This user account should have rights to join computers to the Domain, as well as sufficient rights to create/manage computer objects. FOG attempts to keep your password secure by encrypting it, but since FOG is open source, it is possible for someone to decrypt your password if you don't change the FOG "Passkey." It is highly recommended that you change this Passkey before implementing the AD integration in a production environment. Changing the Passkey requires you to recompile the FOG Service's Hostname change module, but don't panic this isn't hard and only need to be done one time. Please see the documentation below.
Preparing the Image
Before capturing an image to FOG that you would like to use with Active Directory, please ensure that the image:
- is NOT a member of the domain, change the computer membership to workgroup instead.
- has support tools installed (Not required for FOG versions from 0.29).
- has the FOG service installed.
To setup a host to use AD, navigate to the hosts section of the FOG management portal.
- Search for, and select a host.
- Click on the Edit button
- Scroll down to the Active Directory section.
- Check the box next to Join Domain after image task
- Enter the domain NETBIOS name (i.e. MYDOMAIN, not mydomain.com).
- Enter the Organizational Unit where you would like to have the computer stored in AD. Leave if blank for the default. (Must be in LDAP format).
- Enter the user name that has access to the computer objects. Do not include the domain name if you are running version 1.2 (your mileage may vary with earlier versions). Development version of FOG will accept a name with or without domain (username OR mydomain/username).
- Enter the encrypted password. This password must be encrypted with the FOGCrypt utility. This utility is located in the FOGCrypt folder of the FOG download package. It is a Windows (.NET) command line application.
- Click Update.
The next time you image that computer the service will attempt to register the host with the domain information provided. If you have problems please refer to the FOG Service log file located in c:\fog.log
Making AD Integration Easier
As of version 0.20 of FOG, we have made it a bit easier to manage AD settings in FOG, by allowing for default settings for AD. This will allow the easy population of the domain, OU, username, and password. To set this feature up perform the following:
- Go to Other Information -> FOG Settings
- Set your default values for the following:
- FOG_AD_DEFAULT_PASSWORD (MUST BE ENCRYPTED!)
To test everything out, go to a host that doesn't have anything setup for AD, and click on the edit button for that host. Go to the host menu, and select Active Directory. Click on the Join Domain after image task: button and all your default values should be populated.
Securing Active Directory Integration
In order to add a computer to a domain, FOG requires a username and password that has rights to the OU where the computer objects are stored in the domain tree. FOG attempts to keep your password secure by encrypting it, but since FOG is open source and the methods used to encrypt the password are open for all to see, it is possible for someone to decrypt your password if you don't change the FOG "Passkey." It is highly recommended that you change this Passkey before implementing the AD integration in a production environment. Changing the Passkey requires you to recompile the FOG Service's Hostname change module, but don't panic this isn't hard and it only needs to be done one time.
The Development Environment
The hostname change module is written in c#, so in order to recompile it you will need to download Microsoft's Visual Studio Express Edition for C#. This can be downloaded from:
Install Visual Studio with the standard options.
Getting the Source
After Visual Studio Express is installed now we need to get the source code for the hostname change module. This is part of FOG download/installation package. This package can be downloaded from:
Extract this package, then navigate to "FOG Service\src\FOG_HostNameChanger\"
Double-click on HostNameChange.sln to open the project.
If you are asked to convert the project to the latest version, click the Finish button.
If you are using Visual Studion 2010, you need to change the target .NET framework to .NET 2.0. Do this by going to Project > hostnamechanger properties. On the Application tab, change the Target Framework to .NET 2.0
Once the project has opened, on the right-hand panel, in the "Solution Explorer", double-click on MOD_HostNameChanger.cs.
After do so, you should get the source code to display in the main panel, scroll down to the line:
private const String PASSKEY = "FOG-OpenSource-Imaging";
Change FOG-OpenSource-Imaging to anything you like, just remember what you change it to, as you will need it later.
Then click File -> Save All.
Then click Build -> Build Solution.
This will recompile the hostname change module with your unique key.
Now navigate to "FOG Service\src\FOG_HostNameChanger\bin\Release"
Copy only the file HostnameChange.dll to "FOG Service\src\FOG Service\bin\Release" (overwrite existing file).
Navigate to "FOG Service\src\FOG Service\"
Open the solution by double-clicking "FogService.sln"
If you are asked to convert the project to the latest version, click the Finish button.
If you are using Visual Studion 2010, you need to change the target .NET framework to .NET 2.0. Do this by going to Project > FOGService properties. On the Application tab, change the Target Framework to .NET 2.0
Change the build configuration from debug to release
Right click on "FOG Service Install" and click "Build"
Navigate to "FOG Service\src\FOG Service Installer\Release"
Select the 2 files, right-click -> Send To -> Compressed Folder
Copy the .zip file to your FOG Server "/var/www/html/fog/client". Overwrite the existing file.
Encrypting Your Password
Now that we have changed the passkey, we need you update the FOGCrypt ini file to use this new passkey.
Navigate to the FOGCrypt\etc directory from the FOG download package.
Open the config.ini file and change the passkey value to your new passkey, then save the file.
Now open a command window and navigate using the cd command to the FOGCrypt directory.
Where [password] is the AD user's password that has rights to the Computers section of the AD tree.
The output from this command is what you will enter in the FOG management portal.
Relates to FOG Version 0.12 or higher.
FOG Reports allow you to export data from FOG in two major formats including CSV, and PDF.
- Snapin Log - This report will report on snapin installation history.
- Imaging Log - This report will report on images deployed to hosts.
- Virus History - This report lists any viruses that were found on locate computers.
- Inventory - This report will report on the inventory information collect for network clients.
- Equipment Loan - This report can be used for equipment loaned to staff members.
- User Login History - This report contains information about user logins.
Running a report can be done from the Reports section of FOG, then by picking a report from the left-hand menu.
Importing User Created Reports
The reporting section of FOG allows for the end user to create and upload custom reports into FOG. A FOG report is a simple php script that is processed by the server. To import a report simply click on the Upload a Report button in the reports section, select the report then click on the upload button. The report will then show up on the left-hand menu.
Please be cautious when uploading reports from an unknown source as the writer of the report has full access to the FOG system and database! Make sure your sources are trustworthy before importing a report!
Creating Custom Report
Custom reports are simple php scripts in FOG. Custom reports can be created based on the following template:
- Plugins give FOG extra functionality wanted for some users but not all.
FOG Client Kernel
In FOG, there aren't really drivers you need to find and download for your clients to work, this is because we ship a Linux kernel that has the majority of hardware device built into it. What this means is if you have a device that doesn't work with FOG you need to either build a new kernel yourself or try a newer kernel that has been released via our kernel updater.
We currently build two "lines" of kernels, one called KS or KitchenSink. This kernel tries to include drivers for as many devices as possible, sometimes as the cost of performance, and this is the kernel that we ship with FOG by default. The other "line" is the PS kernel or the Peter Sykes kernel, which is a based on a config submitted by a user. This kernel line tries to be faster, but may not include as many drivers as the KS kernel.
Updating the Kernel
It is possible to update your client kernel from within the UI of FOG. To do this perform the following steps:
- Log into the FOG Management UI.
- Go to Other Information
- Select Kernel Updates
- Select the Kernel you would like to download, typically the newest kernels are on the top of the list.
- Click the download icon
- Select a file name for your kernel, to make it the default kernel leave the name as bzImage
- Click the Next Button
Mobile Management Interface
The FOG Mobile web interface is a very basic, stripped down interface for FOG. It is designed to be given to lower level technicians using low powered, mobile devices such as iPod touches, iPhone, PDAs, and internet tablets. The idea behind this interface is to make it easy for techs to re-image a computer while making the rounds at a site.
Using the mobile Interface
The mobile interface can be access via:
The portal requires a valid user name in password, which can be created via the FOG portal.
Once logged into the portal, users can search for hosts and image them, and view/cancel active tasks.
They can not change image associations, nor modify any properties of a host.