Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Tue Mar 19, 2024 8:08 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 
Author Message
PostPosted: Sat Sep 22, 2007 1:57 am 
Offline
Newbie

Joined: Wed Sep 05, 2007 1:20 am
Posts: 23
Hi,

Why is it that some machines don't have a valid uuid, they report "FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF"?

I like to use: [code]uuid_type = "uuid"[/code]
Would it break anything if in case of missing UUID it would be generated from the mac address. Here's an example from microsoft: http://support.microsoft.com/kb/302467 (#Programmatically Determine NetbootGUID Value).

If it is OK to modify the UUID like that I could submit a patch myself. I just like to know whether this would cause any bad consequences down the chain.

Thanks!

Sorry if it has been discussed already, with search I get "The following words in your search query were ignored: ffffffff-ffff-ffff-ffff-ffffffffffff." :)


Top
 Profile  
Reply with quote  
PostPosted: Sat Sep 22, 2007 8:05 am 
I believe it would work great. I believe an invalid UUID can also be all zero's, not just all F's. Check that against the WMI docs. The only issue that could happen with this is that the order of network cards change or something like that, but that's less trouble than this currently is. I can't quite recall, but I seem to remember that we may handle the case of no UUID somewhere? Correct me if I'm wrong. In any case, submit a patch with your changes.


Top
  
Reply with quote  
PostPosted: Sun Sep 23, 2007 9:21 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Check the audit.config file.
In there is a variable uuid_type.
This can be set to mac (for mac address), uuid (for the motherboard uuid) or name (for the systemname.domainname).
By default (on line 553 of audit.vbs) if a uuid is all F's (or a few other combinations - have a look), it should revert to systemname.domainname.

Mark.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Mon Sep 24, 2007 3:51 am 
Offline
Newbie

Joined: Wed Sep 05, 2007 1:20 am
Posts: 23
[quote="Mark"]By default (on line 553 of audit.vbs) if a uuid is all F's (or a few other combinations - have a look), it should revert to systemname.domainname.


Cool! That's just it, I didn't notice that code. My problem was that I just don't like the systemname.domainname, so I replaced it with the mac version as per ms doc:

[code]
' Defaults below here account for oddities
if ((isnull(system_uuid) OR system_uuid = "") AND (system_model <> "") AND (system_id_number <> "")) then system_uuid = "00000000-0000-0000-0000-"&Replace(net_mac_uuid, ":", "") end if
if (isnull(system_uuid) OR system_uuid = "" OR system_uuid = ".") then system_uuid = "00000000-0000-0000-0000-"&Replace(net_mac_uuid, ":", "") end if
if system_uuid = "00000000-0000-0000-0000-000000000000" then system_uuid = "00000000-0000-0000-0000-"&Replace(net_mac_uuid, ":", "") end if
if system_uuid = "FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF" then system_uuid = "00000000-0000-0000-0000-"&Replace(net_mac_uuid, ":", "") end if
[/code]


Thanks a bunch!

Top
 Profile  
Reply with quote  
PostPosted: Fri Oct 02, 2009 5:13 pm 
Offline
Newbie

Joined: Wed Sep 05, 2007 1:20 am
Posts: 23
Hi again.

I understand implementing this change in openaudit now would create lots of duplicate entries in current installations so is infeasible.

However there's been talk about openaudit2. Are the unknown (ffff and 0000) uuid values there implemented as 0000+MAC or systemname.domainname? I rather prefer the MAC based solution.


Top
 Profile  
Reply with quote  
PostPosted: Sat Oct 03, 2009 9:37 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
I don't have the code handy, but I'm pretty sure it's UUID+systemname+domainname.
All that does is determine if the system is unique.
All systems actually (in OAv2) have an incrementing unique ID column, in the database.
On the pages to show a system, you can input the unique ID (web pages link like this by default), or the MAC (any MAC on the system), or the system name.
for example, to show a suystem in the OAv2, the page could be called by
index.php/display_system/21 or
index.php/display_system/12345678 (mac address) or
index.php/display_system/systemname

FYI - I usually remove index.php with an Apache rule.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Sun Oct 04, 2009 6:42 am 
Offline
Newbie

Joined: Wed Sep 05, 2007 1:20 am
Posts: 23
[quote="Mark"]I don't have the code handy, but I'm pretty sure it's UUID+systemname+domainname.
All that does is determine if the system is unique.

The problem I've had is that a domain migration or adding a PC to a domain changes it's name. Creating a new entry and making the old one obsolete. The MAC version works better. However, it's not really ideal either.

Top
 Profile  
Reply with quote  
PostPosted: Tue Oct 06, 2009 3:36 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
[quote]The problem I've had is that a domain migration or adding a PC to a domain changes it's name. Creating a new entry and making the old one obsolete. The MAC version works better. However, it's not really ideal either.


I appreciate that - but what can we use that does not change for a system ?
What we _should_ be able to use is the UUID of the motherboard. That's what it's for, but some OEM's do not actually fill this out. Hence, you can choose to use that (Dell and Lenovo for example use it "correctly"), or you can use systemname+domain or you can use MAC Address. Choose what's best for your environment. If none fit, apologies, but what can you suggest we do ?

UUID's are not correctly used by (some) manufacturer's.
System names change.
MAC Addresses change (particularly if they're VMware systems that have the VMware Tools upgraded).

(Please don't take the above as offensive - it's been a lloonngg day !!!) :-)

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Tue Oct 06, 2009 8:56 pm 
Offline
Newbie

Joined: Wed Sep 05, 2007 1:20 am
Posts: 23
[quote="Mark"]MAC Addresses change (particularly if they're VMware systems that have the VMware Tools upgraded).

(Please don't take the above as offensive - it's been a lloonngg day !!!) :-)

None taken. I had a look on the net and the suggestions were to use Bios and Baseboard SerialNumber property which are usually empty when the UUID is all zeroes of FFFF's anyway. Not much use.

I was wondering if some unique id could be obtained from Windows Genuine Advantage or whatever the hell the name of the anti piracy software is. If nothing else then that should have a unique id.

Top
 Profile  
Reply with quote  
PostPosted: Wed Oct 07, 2009 3:19 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
[quote]I was wondering if some unique id could be obtained from Windows Genuine Advantage or whatever the hell the name of the anti piracy software is. If nothing else then that should have a unique id.


If we could get that info - might be an option. Will see what I can find out. Only concern would be "ghosted" machines with Corporate licenses... not sure there.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group