Merkwürdiges Verhalten des opsi-client-agent

larsg
Beiträge: 222
Registriert: 16 Dez 2014, 18:06

Merkwürdiges Verhalten des opsi-client-agent

Beitragvon larsg » 21 Apr 2016, 09:53

Hallo,

wir haben im Moment auf einigen Clients ein merkwürdiges Phenomän beobachten müssen.

Ich habe zwei bestätigte Fälle bei denen der opsi-client-agent eine Installation anstieß, direkt nachdem der PC gesperrt wurde.
Es wurde keine Verteilung on-demand angestoßen.

Auf einigen weiteren Rechnern ist ebenfalls eine Installation "unkontrolliert" (also ohne on-demand) angestoßen worden,
ob der PC gesperrt wurde lässt sich nicht mehr feststellen.

Das Problem konnte bislang nicht von mir reproduziert werden.

Server-Konfiguration -> Host-Parameter -> opsiclientd:

Bild

die betroffenen rechner haben die selben Host-Parameter.


opsiclientd.conf eines betroffenen rechners:

Code: Alles auswählen

; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
; =     configuration file for opsiclientd                              =
; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     global settings                                                 -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[global]

# Location of the log file.
log_file = c:\\opsi.org\\log\\opsiclientd.log

# Set the log (verbosity) level
# (0 <= log level <= 9)
# 0: nothing, 1: essential, 2: critical, 3: errors, 4: warnings, 5: notices
# 6: infos, 7: debug messages, 8: more debug messages, 9: passwords
log_level = 6

# Client id.
host_id = test.test-domain.de

# Opsi host key.
opsi_host_key = xxx

# Verify opsi server certs
verify_server_cert = False

# Verify opsi server certs by ca
verify_server_cert_by_ca = False

# On every daemon startup the user login gets blocked
# If the gui starts up and no events are being processed the login gets unblocked
# If no gui startup is noticed after <wait_for_gui_timeout> the login gets unblocked
# Set to 0 to wait forever
wait_for_gui_timeout = 120

# Application to run while blocking login
block_login_notifier = %global.base_dir%\\notifier.exe -s notifier\\block_login.ini
base_dir = C:\Program Files (x86)\opsi.org\opsi-client-agent
locale_dir = C:\Program Files (x86)\opsi.org\opsi-client-agent\locale
log_dir = C:\opsi.org\log
server_cert_dir = C:\opsi.org\opsiclientd\server-certs
state_file = C:\opsi.org\opsiclientd\state.json
timeline_db = C:\opsi.org\opsiclientd\timeline.sqlite

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     config service settings                                         -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[config_service]
# Service url.
# http(s)://<opsi config server address>:<port>/rpc
url = https://192.168.56.254:4447/rpc

# Conection timeout.
connection_timeout = 30

# The time in seconds after which the user can cancel the connection establishment
user_cancelable_after = 30

# If this option is set, the local system time will be synced with time from service
sync_time_from_service = False

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     depot server settings                                           -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[depot_server]

# Depot server id
depot_id = testserver.test-domain

# Depot url.
# smb://<depot address>/<share name>/<path to products>
url = smb://testserver.test-domain/opsi_depot

# Local depot drive
drive = p:

# Username that is used for network connection [domain\]<username>
username = pcpatch

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     cache service settings                                          -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[cache_service]
# Maximum product cache size in bytes
product_cache_max_size = 5000000000
extension_config_dir = C:\Program Files (x86)\opsi.org\opsi-client-agent\opsiclientd\extend.d
storage_dir = C:\opsi.org\cache

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     control server settings                                         -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[control_server]

# The network interfaces to bind to.
# This must be the IP address of an network interface.
# Use 0.0.0.0 to listen to all interfaces
interface = 0.0.0.0

# The port where opsiclientd will listen for HTTPS rpc requests.
port = 4441

# The location of the server certificate.
ssl_server_cert_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem

# The location of the server private key
ssl_server_key_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem

# The location of the static files
static_dir = %global.base_dir%\\opsiclientd\\static_html

# The maximum number of authentication failures before a client ip
# is blocked for an amount of time.
max_authentication_failures = 5

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     notification server settings                                    -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[notification_server]

# The network interfaces to bind to.
# This must be the IP address of an network interface.
# Use 0.0.0.0 to listen to all interfaces
interface = 127.0.0.1

# The first port where opsiclientd will listen for notification clients.
start_port = 44000

# Port for popup notification server
popup_port = 45000
port = 4442

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     opsiclientd notifier settings                                   -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[opsiclientd_notifier]

# Notifier application command
command = %global.base_dir%\\notifier.exe -p %port% -i %id%

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     opsiclientd rpc tool settings                                   -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[opsiclientd_rpc]

# RPC tool command
command = %global.base_dir%\\opsiclientd_rpc.exe "%global.host_id%" "%global.opsi_host_key%" "%control_server.port%"

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     action processor settings                                       -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[action_processor]
# Locations of action processor
local_dir = %global.base_dir%\\opsi-winst
remote_dir = opsi-winst\\files\\opsi-winst
filename = winst32.exe

# Action processor command
command = "%action_processor.local_dir%\\%action_processor.filename%" /opsiservice "%service_url%" /clientid %global.host_id% /username %global.host_id% /password %global.opsi_host_key%

# Load profile / environment of %run_as_user%
create_environment = False
create_user = True
delete_user = True
run_as_user = SYSTEM

; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
; -     events                                                          -
; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[event_default]
; === Event configuration
# Type of the event (string)
type = template
# Interval for timer events in seconds (int)
interval = -1
# Maximum number of event repetitions after which the event will be deactivated (int, -1 = forever)
max_repetitions = -1
# Time in seconds to wait before event becomes active (int, 0 to disable delay)
activation_delay = 0
# Time in seconds to wait before an event will be fired (int, 0 to disable delay)
notification_delay = 0
# Event notifier command (string)
event_notifier_command = %opsiclientd_notifier.command% -s notifier\\event.ini
# The desktop on which the event notifier will be shown on (current/default/winlogon)
event_notifier_desktop = current
# Block login while event is been executed (bool)
block_login = false
# Lock workstation on event occurrence (bool)
lock_workstation = false
# Logoff the current logged in user on event occurrence (bool)
logoff_current_user = false
# Get config settings from service (bool)
get_config_from_service = true
# Store config settings in config file (bool)
update_config_file = true
# Transmit log file to opsi service after the event processing has finished (bool)
write_log_to_service = true
# Shutdown machine after action processing has finished (bool)
shutdown = false
# Reboot machine after action processing has finished (bool)
reboot = false

; === Sync/cache settings
# Sync configuration from local config cache to server (bool)
sync_config_to_server = false
# Sync configuration from server to local config cache (bool)
sync_config_from_server = false
# Sync configuration from local config cache to server after action processing (bool)
post_sync_config_to_server = false
# Sync configuration from server to local config cache after action processing (bool)
post_sync_config_from_server = false
# Work on local config cache
use_cached_config = false
# Cache products for which actions should be executed in local depot cache (bool)
cache_products = false
# Maximum transfer rate when caching products in byte/s (int, 0 = no limit)
cache_max_bandwidth = 0
# Dynamically adapt bandwith to other network traffic (bool)
cache_dynamic_bandwidth = false
# Work on local depot cache
use_cached_products = false

; === Action notification (if product actions should be processed)
# Time in seconds for how long the action notification is shown (int, 0 to disable)
action_warning_time = 0
# Action notifier command (string)
action_notifier_command = %opsiclientd_notifier.command% -s notifier\\action.ini
# The desktop on which the action notifier will be shown on (current/default/winlogon)
action_notifier_desktop = current
# Message shown in the action notifier window (string)
action_message = Starting to process product actions. You are allowed to cancel this event a total of %action_user_cancelable% time(s). The event was already canceled %state.action_processing_cancel_counter% time(s).
# German translation (string)
action_message[de] = Starte die Bearbeitung von Produkt-Aktionen. Sie können diese Aktion insgesamt %action_user_cancelable% mal abbrechen. Die Aktion wurde bereits %state.action_processing_cancel_counter% mal abgebrochen.
# French translation (string)
action_message[fr] = Traitement des actions du produit. Vous êtes autorisé à annuler cet événement un total de %action_user_cancelable% fois. L'événement a été déjà annulée %state.action_processing_cancel_counter% fois.
# Number of times the user is allowed to cancel the execution of actions (int)
action_user_cancelable = 0

; === Action processing
# Should action be processed by action processor (bool)
process_actions = true
# Type of action processing (default/login)
action_type = default
# Update the action processor from server before starting it (bool)
update_action_processor = true
# Command which should be executed before start of action processor
pre_action_processor_command =
# Action processor command (string)
action_processor_command = %action_processor.command%
# The desktop on which the action processor command will be started on (current/default/winlogon)
action_processor_desktop = current
# Action processor timout in seconds (int)
action_processor_timeout = 10800
# Command which should be executed before after action processor has ended
post_action_processor_command =

; === Shutdown notification (if machine should be shut down or rebooted)
# Process shutdown requests from action processor
process_shutdown_requests = true
# Time in seconds for how long the shutdown notification is shown (int, 0 to disable)
shutdown_warning_time = 0
# Shutdown notifier command (string)
shutdown_notifier_command = %opsiclientd_notifier.command% -s notifier\\shutdown.ini
# The desktop on which the action notifier will be shown on (current/default/winlogon)
shutdown_notifier_desktop = current
# Message shown in the shutdown notifier window (string)
shutdown_warning_message = A reboot is required to complete software installation tasks. You are allowed to delay this reboot a total of %shutdown_user_cancelable% time(s). The reboot was already delayed %state.shutdown_cancel_counter% time(s).
# German translation (string)
shutdown_warning_message[de] = Ein Neustart wird benötigt um die Software-Installationen abzuschliessen. Sie können diesen Neustart insgesamt %shutdown_user_cancelable% mal verschieben. Der Neustart wurde bereits %state.shutdown_cancel_counter% mal verschoben.
# French translation (string)
shutdown_warning_message[fr] = Un redémarrage est nécessaire pour terminer l'installation du logiciel. Vous êtes autorisé à retarder le redémarrage un total de %shutdown_user_cancelable% fois. Le redémarrage a été déjà retardé %state.shutdown_cancel_counter% fois.
# Number of times the user is allowed to cancel the shutdown (int)
shutdown_user_cancelable = 0
# Time in seconds after the shutdown notification will be shown again after the user has canceled the shutdown (int)
shutdown_warning_repetition_time = 3600

[event_gui_startup]
super = default
type = gui startup
name = gui_startup
block_login = true
active = True

[event_gui_startup{user_logged_in}]
name = gui_startup
shutdown_warning_time = 300
block_login = false
active = True

[event_gui_startup{cache_ready}]
use_cached_config = true
use_cached_products = true
action_user_cancelable = 3
action_warning_time = 60

[event_gui_startup{installation_pending}]
name = gui_startup
active = True

[event_on_demand]
super = default
type = custom
name = on_demand

[event_on_demand{user_logged_in}]
name = on_demand
shutdown_warning_time = 300

[event_software_on_demand]
super = default
type = sw on demand

[event_sync]
super = default
type = template
process_actions = false
event_notifier_command =
sync_config_to_server = true
sync_config_from_server = true
cache_products = true
cache_dynamic_bandwidth = true

[event_timer]
super = sync
type = timer
active = False
interval = 3600

[event_net_connection]
super = sync
type = custom
active = False
wql = SELECT * FROM __InstanceModificationEvent WITHIN 2 WHERE TargetInstance ISA 'Win32_NetworkAdapter' AND TargetInstance.NetConnectionStatus = 2

[event_sync_completed]
super = default
type = sync completed
event_notifier_command =
process_actions = false
get_config_from_service = false
write_log_to_service = false

[event_sync_completed{cache_ready_user_logged_in}]
reboot = true
shutdown_user_cancelable = 10
shutdown_warning_time = 300

[event_sync_completed{cache_ready}]
reboot = true

[event_user_login]
super = default
type = user login
action_type = login
active = False
action_message = Starting to process user login actions.
action_message[de] = Beginne mit der Verarbeitung der Benutzer-Anmeldungs-Aktionen.
action_message[fr] = Traitement des actions à la connexion de l'utilisateur.
block_login = false
process_shutdown_requests = false
get_config_from_service = false
update_config_file = false
write_log_to_service = false
update_action_processor = true
event_notifier_command = %opsiclientd_notifier.command% -s notifier\\userlogin.ini
event_notifier_desktop = default
action_processor_command = %action_processor.command% /sessionid %service_session% /allloginscripts /silent
action_processor_desktop = default
action_processor_timeout = 300

[event_on_shutdown]
super = default
type = custom
name = on_shutdown
active = False

[event_on_shutdown{installation_pending}]
name = on_shutdown
active = False

[event_silent_install]
super = default
type = custom
name = silent_install
event_notifier_command =
process_shutdown_requests = false
action_processor_command = %action_processor.command% /productlist %action_processor_productIds% /silent
action_processor_desktop = winlogon
action_processor_timeout = 300
action_processor_productids = swaudit,hwaudit

[event_timer_silentinstall]
super = silent_install
type = timer
active = False
interval = 21600

[precondition_user_logged_in]
user_logged_in = true

[precondition_cache_ready]
config_cached = true
products_cached = true

[precondition_cache_ready_user_logged_in]
user_logged_in = true
config_cached = true
products_cached = true

[precondition_installation_pending]
installation_pending = true


Keine Ahnung was sonst noch relevant sein könnte :( so ein unerwartetes Verhalten, wenn auch in diesem Fall nicht so gravierend, macht mir schon etwas Angst :?
Zuletzt geändert von larsg am 07 Apr 2017, 08:23, insgesamt 1-mal geändert.

Benutzeravatar
ueluekmen
uib-Team
Beiträge: 1891
Registriert: 28 Mai 2008, 10:53

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon ueluekmen » 21 Apr 2016, 11:34

Hi,

schwer ohne Log. Um genau zu sehen was passiert muss man sich die opsiclientd.logs verschaffen, also auch die mit .1 .2, und dann schauen, was hat der Clients gemacht. Vielleicht hilft auch die Infopage des Clients bei der Analyse. Man muss checken, welches Event ausgelöst wurde und dann schauen, warum das Event ausgelöst wurde.
opsi support - uib gmbh
For productive opsi installations we recommend support contracts.
http://www.uib.de

larsg
Beiträge: 222
Registriert: 16 Dez 2014, 18:06

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon larsg » 25 Apr 2016, 11:25

Hallo,

opsiclientd.log files von einem PC:

https://www.dropbox.com/s/0jflhhjesin76 ... g.zip?dl=0

auf die info page komm ich aktuell nicht drauf, anmeldung via lokaler admin klappt nicht :?

hoffe das reicht aus

larsg
Beiträge: 222
Registriert: 16 Dez 2014, 18:06

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon larsg » 25 Apr 2016, 11:41

problem ist, das ich den genauen Zeitpunkt nicht (mehr) hab, und das phenomän auch scheinbar nicht reproduzierbar ist.
müsste donnerstag so gegen 9:00 gewesen sein, sprich opsiclientd.log.1

ich kann da kein event als schuldigen ausmachen, bzw. kenne mich nicht genug mit dem event-system aus :?

ahcsas
Beiträge: 17
Registriert: 20 Jun 2011, 09:28

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon ahcsas » 25 Apr 2016, 13:43

larsg hat geschrieben:Hallo,
auf die info page komm ich aktuell nicht drauf, anmeldung via lokaler admin klappt nicht :?

Hi,

Probiers mal mit leerem Benutzernamen und dem opsi_host_key des Clients als Passwort.

Gruß
Sascha
Viele Grüße
Sascha

Benutzeravatar
n.wenselowski
uib-Team
Beiträge: 3191
Registriert: 04 Apr 2013, 12:15

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon n.wenselowski » 26 Apr 2016, 12:04

Hi,

bitte etwas genauer. Ich habe wenig Lust Logs nach $irgendwas zu durchsuchen, da stecke ich meine Zeit lieber in anderes ;)
Die Info-Page ist hier wirklich hilfreich!

Ansonsten sind die Events im Handbuch beschrieben, bitte da rein schauen.

Oder uns im Rahmen des Supports kontaktieren ;)


Gruß

Niko
opsi development - uib gmbh
For productive opsi installations we recommend support contracts.

larsg
Beiträge: 222
Registriert: 16 Dez 2014, 18:06

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon larsg » 10 Mai 2016, 10:09

n.wenselowski hat geschrieben:bitte etwas genauer. Ich habe wenig Lust Logs nach $irgendwas zu durchsuchen, da stecke ich meine Zeit lieber in anderes ;)


Irgendwie... völlig unnötig.

Ich hab die Log's geliefert wie von ueluekmen angefordert.
Das du da keine "Lust" drauf hast und dich trotzdem veranlasst fühlst hier zu antworten, kann ich leider nicht riechen.

Die Info-Page (Danke @ahcsas) zeigt mir einen Haufen farbige Balken, bzw. zu dem angenommenen Zeitpunkt wird garnichts angezeigt, vermutlich weil zu lange her.

Da bislang derart Phenomän nicht wieder aufgetreten ist, scheint die Ursache temporärer Natur zu sein.

Benutzeravatar
ueluekmen
uib-Team
Beiträge: 1891
Registriert: 28 Mai 2008, 10:53

Re: Merkwürdiges Verhalten des opsi-client-agent

Beitragvon ueluekmen » 01 Jun 2016, 09:55

Hi,

ich habe jetzt mal reingeschaut. Ich sehe in den Logs nichts unauffälliges. Er startet und macht dann gui_startup. Das ist völlig normal. Ich sehe nichts von Sperren, oder einem bestimmten anderen Event.

Da du auch nicht mehr genau bescheid weißt, beobachte das doch noch mal und wenn das noch mal auftritt, wieder die Logs Sichern und am besten auch die Uhrzeit mitteilen, dann schauen wir noch mal rein. Ich habe die Logs aber auch nur überflogen. Du kannst in dem Fall mit bezug auf diesen Thread die Logs auch an info(at)uib.de.

Da wir uns hier im freien Support bewegen, kann das wie in diesem Fall auch mal dauern, bis jemand dazu kommt rein zu schauen. Mit einem Supportvertrag geht so etwas immer schneller und besser.
opsi support - uib gmbh
For productive opsi installations we recommend support contracts.
http://www.uib.de