Opsi service permission error

mb253400
Posts: 6
Joined: 17 Apr 2024, 23:02

Opsi service permission error

Post by mb253400 »

Hey, I'm trying to join a computer to opsi.
opsi is Active Directory integrated, pcpatch is an AD user, and when we try to join a computer to opsi, this is the error message we are getting:
Opsi rpc error; Opsi service permission error: No permission for method 'host_getO on server). I have tried running opsi-setup-rights and opsiconfd setup, and restarting the opsiconfd service, but still no luck. Any help will be appreciated. Thanks.
fkalweit
uib-Team
Posts: 185
Joined: 23 Oct 2020, 16:14

Re: Opsi service permission error

Post by fkalweit »

Hello,

there may be something wrong with the acl configuration. It is best to compare the /etc/opsi/backendManager/acl.conf with the acl.conf from our package:
opsi 4.3: https://github.com/opsi-org/opsiconfd/b ... r/acl.conf

The log file /var/log/opsi/opsiconfd/opsiconfd.log and <client-ip>.log could also help with troubleshooting.

Best regards
Fabian
mb253400
Posts: 6
Joined: 17 Apr 2024, 23:02

Re: Opsi service permission error

Post by mb253400 »

Hello Fkalweit,
Thanks for reaching out. Yes, apparently the pcpatch user wasn't part of the admin group mentioned in the opsi.conf file. I have fixed that issue. The setup script now runs, but I ran into a new issue: "Installation unsuccessful: Installation of opsi-client-agent on client "Client-ID" unsuccessful."
Here is the error message in opsiconfd.log file
Failed to update PXE boot configuration for client 'Client-ID: Failed to connect to socket '/var/run/opsipxeconfd/opsipxeconfd.socket': [Errno 13] Permission denied (opsipxeconfd.py:104)
Here is the error message in ClintComputerIP.log
[ClintComputerIP ] Opsi service permission error: Not an admin user 'Client-ID' POST //rpc (session.py:291)
Any help will be appreciated. Thanks

Best Regards,
Mustafa Bhatti
fkalweit
uib-Team
Posts: 185
Joined: 23 Oct 2020, 16:14

Re: Opsi service permission error

Post by fkalweit »

Hello,

An admin user must be used for the first installation. Here is the link to the documentation:

https://docs.opsi.org/opsi-docs-en/4.3/ ... -installer

If this is not the problem, then there should be a log file from the client agent installation on the client. You may be able to see the error there.

Best regards
Fabian
mb253400
Posts: 6
Joined: 17 Apr 2024, 23:02

Re: Opsi service permission error

Post by mb253400 »

Hello,

I've sent you a PM. I'd appreciate it if you could have a look. Thanks.
wolfbardo
uib-Team
Posts: 1357
Joined: 01 Jul 2008, 12:10

Re: Opsi service permission error

Post by wolfbardo »

Please provide more information on
- which method you used to join the opsi-server to the Active Directory,
- which OS your opsi-server is running,

and more details/logs on the failed opsi-client-agent installation.

Which method do you use for the opsi-client-agent installation?

Do you have any logs, for instance the log file c:\opsi.org\log\opsi-client-agent.log or the log file from the oca-installation-helper.exe, or the log file /var/log/opsi/opsiconfd/opsiconfd.log and <client-ip>.log?

You can send the logs referring to this thread via mail to info|at>uib.de

kind regards,
bardo wolf


OPSICONF 2024
https://opsi.org/en/opsiconf/

Basic workshop, Mainz:

17. - 20. 06. 2024


opsi support - uib gmbh
For productive opsi installations we recommend maintenance + support contracts which are the base of opsi development.

http://www.uib.de
mb253400
Posts: 6
Joined: 17 Apr 2024, 23:02

Re: Opsi service permission error

Post by mb253400 »

Hello bardo,
Thanks for reaching out. I'm not sure about the method used to join the opsi-server to the Active Directory, but that seems to work perfectly fine. The OPSI server is running on Linux OS and the clients are using Windows. I have shared the detailed required logs with info|at>uib.de. I'm running the servicesetup.cmd script, which calls the oca-installation-helper.exe.
@echo off
cls
echo Starting oca-installation-helper.exe, please wait...
if "%~1" == "/u" (
call %~dp0\oca-installation-helper.exe --non-interactive
) else (
call %~dp0\oca-installation-helper.exe
)
I have tried running opsi-client-agent-installer.exe under Index of /public/opsi-client-agent/, but still get the same error.
When I run the oca-installation-helper.exe, it works fine until it says sending log files to the server. Then it shows "not responding" and gives an "installation failed" error.
wolfbardo
uib-Team
Posts: 1357
Joined: 01 Jul 2008, 12:10

Re: Opsi service permission error

Post by wolfbardo »

One should use the oca-installation-helper.exe.

Thanks for the log-file opsi-client-agent.log.

The client gets an IPv4 address
[1] [2024-05-01 13:57:49.500] [opsi-client-agent] 192.168.xx.x - IP address

but the opsi-server has an IPv6 address in line 28/29

[6] [2024-05-01 13:57:47.346] [opsi-client-agent] 1. IP: fd6a:5f0f:85ca:777 7::ac10:8f1
[3] [2024-05-01 13:57:47.346] [opsi-client-agent] Server (opsi.datatrak.lan) unreachable. Could not resolve FQDN to valid IP-Address.

and the name could not be resolved.

Is this the correct scenario in your environment?
Can the client reach the opsiserver on port 4447?

Kind regards,
bardo wolf
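
Added example, not part of the original thread and not opsi project code: a small Python check for the two questions raised in the post above, namely whether the server name resolves and whether port 4447 answers on each address family. The host name `opsi.example.lan` and the function names `probe` and `summarize` are assumptions made for illustration.

```python
import socket

def probe(host, port, timeout=3.0):
    """Resolve host and try a TCP connect to every address returned.

    Returns a list of (family, address, status) tuples; family is 'IPv4'
    or 'IPv6', status is 'open' or the connection error text.
    An empty list means the name did not resolve at all.
    """
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    results, seen = [], set()
    for family, socktype, proto, _canon, sockaddr in infos:
        if family not in (socket.AF_INET, socket.AF_INET6) or sockaddr[0] in seen:
            continue
        seen.add(sockaddr[0])
        label = "IPv4" if family == socket.AF_INET else "IPv6"
        try:
            # Socket creation is inside the try: it fails on hosts without IPv6.
            with socket.socket(family, socktype, proto) as s:
                s.settimeout(timeout)
                s.connect(sockaddr)
            status = "open"
        except OSError as exc:
            status = f"failed: {exc}"
        results.append((label, sockaddr[0], status))
    return results

def summarize(results):
    """Condense probe() output into the condition worth acting on."""
    if not results:
        return "name does not resolve"
    reachable = {fam for fam, _addr, status in results if status == "open"}
    if reachable:
        return "reachable via " + "/".join(sorted(reachable))
    families = {fam for fam, _addr, _status in results}
    return "resolves (" + "/".join(sorted(families)) + ") but port unreachable"

if __name__ == "__main__":
    # Hypothetical server name; replace with the opsi server's FQDN.
    rows = probe("opsi.example.lan", 4447)
    for row in rows:
        print(*row)
    print(summarize(rows))
```

Run it on the client: a result that lists only IPv6 addresses with failed connects, on a client that has only an IPv4 address, matches the situation described in the log excerpt.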