Re: Enable inventory of bitlocker drive status
- From: Sherry Kissinger [MVP-SMS] <mofmaster@xxxxxxxxxxxxx>
- Date: Tue, 6 Nov 2007 04:59:01 -0800
If you'd like, please email me (mofmaster [at] smsexpert [dot] com) your
sms_def.mof -- the one you are trying to get to work -- and I'll see if I can
spot what's causing it to be triggered as a bad mof.
--
Standarize. Simplify. Automate.
"Christoffer Bennerstedt" wrote:
Well, sorry still missing the icing, when running mofcomp sms_def.mof it.
looks fine (even ran mofcomp -check sms_def.mof), but when i check the
SMS_INVENTORY_DATA_LOADER it reports the following error:
SMS Inventory Data Loader failed to compile
F:\SMS\inboxes\clifiles.src\hinv\sms_def.mof. The failing MOF file has been
moved to F:\SMS\data\hinvarchive\sms_def.mof.bad.bak, and the last
successfully compiled version has been restored.
And now, the Hardware inventory cycle has gone missing again (locally on all
clients)...
So, i'm back at square one trying to repair the hardware inventory agent
again.
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Hi all,
Great news, all is working again, thank you all for suggestions/tips.
What i ended up doing was, first to restart our server just in case, i then
discovered after a restart that there were problems with starting the
SMS_EXECUTIVE service, it actually crashed. I also discovered in event viewer
some access alerts about the IIS IWAM account complained about DCOM access to
the SMS Agent Host and another one. Do not know if they were related but i
fixed those as well.
I then disabled the Hardware client agent, waited a couple minutes as
suggested and checked sitectrl.log file, then enabled it, and soon enough the
Hardware inventory Cycle is back into the clients :)
Thanks!
"Sherry Kissinger [MVP-SMS]" wrote:
A couple troubleshooting things I can think of to try; just to monitor the
changes. Open up (using trace32.exe) the sitectrl.log at the server.
Disable, at the console, Hardware Inventory. Monitor sitectrl.log to see
that a a new sitecontrol file was processed successfully. You should also
notice a line regarding "Client Component item named Hardware Inventory
Agent"... has been modified. Do not re-enable it yet. Wait a minute or two;
then at a client do a couple of hardware policy refreshes, while watching the
client's policyagent & policyevaluator log files. You're looking for the
client to pick up a {some random characters} policy. If you do get a new
{whatever} policy, it's an indication that the client is successfully getting
policies from the MP. Back at the console, re-enable Hardware Inventory.
The next troubleshooting thing (assuming you've passed the above) is you
were wondering if by messing with sms_def.mof, you may have inadvertently
broke hardware inventory. Usually, if the sms_def.mof dropped in
inboxes\clifiles.src\hinv isn't valid, SMS will automatically reject it and
restore the last known good one. Perhaps the one you have in there right now
though, is bad. Don't worry; some backups are kept for you. On the server,
sms\data\hinvarchive are some backups of sms_def.mof . Try replacing your
(possibly bad) .mof in \inboxes\clifiles.src\hinv with one of the
sms_def.mof.bk? files--which should be a known good one. Monitor dataldr.log
when you drop in the restored sms_def.mof.
For paranoia, if it were me, I'd at least stop/start the SMS services. I
might even do a site reset. Then on a client (about 15 minutes after the
site reset was done) policy refreshes, monitoring policy*.log,
inventoryagent.log,
Good luck!
--
Standarize. Simplify. Automate.
"Christoffer Bennerstedt" wrote:
I did check that before, but it is still enabled. I even tried to disable and
re-enable the agent in the SMS console.. but no luck
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Yes, every one of our clients are all of a sudden missing the "Hardware
Inventory Cycle" on the action tab.
And yes, our site code is listed on the advanced tab, we can still advertise
programs to clients without problems.
And i've tested the MP Troubleshooter tool, all tests ran without any
problems..
I am now clueless what more i should check or try :(
"Garth" wrote:
So in the control panel there is no "Hardware Inventory Cycle" on the Action
Tab?
On the Advanced Tab, is your site code listed?
To test your MP, download the Systems Management Server 2003 Toolkit 2
http://technet.microsoft.com/en-us/sms/bb676787.aspx and use MP
Troubleshooter.
"Christoffer Bennerstedt" <ChristofferBennerstedt@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:BC028845-A44E-4D6F-98F6-FCBCD895F0C5@xxxxxxxxxxxxxxxx
Hi,
that snip was from my last successful HW inventory, my computer has not
sent
any HW inventory since then (when looking in SMS db, my last HW inventory
was
at that time 2007-10-24), and i believe at that time, i lost the Hardware
inventory cycle action in my systems management tab in control panel.
And looking at other clients they have the same scenario.
I also tried a fresh computer, installed the SMS client, and it does not
get
the HW inventory cycle action either.
And, i have also tried to disable and re-enable the Hardware Inventory
Agent
in the SMS Console but nothing happened.
How can i confirm MP is sending HW info to site server? (by the way, they
are running on the same server)
"Garth" wrote:
From this log snip-it, it does state that you are indeed sending the HW
inventory back to you MP.
What is the last hardware scan date for this PC within the SMS db?
Have you confirmed that the MP is send HW info back the the site server?
"Christoffer Bennerstedt"
<ChristofferBennerstedt@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message
news:1B2A58A4-5093-476E-8F22-62F14235F348@xxxxxxxxxxxxxxxx
This is from my own Inventoryagent.log, this snippet is from my last
hardware
inventory cycle, the interesting bit is the last row, i see that row on
any
client i check:
Inventory: 10 Collection Task(s) failed. InventoryAgent 2007-10-24
10:10:40 5228 (0x146C)
Inventory: Temp report =
C:\Windows\system32\CCM\Inventory\Temp\992f167e-1f7f-4990-b819-655ed985268d.xml
InventoryAgent 2007-10-24 10:10:40 5228 (0x146C)
Inventory: Starting reporting task. InventoryAgent 2007-10-24 10:10:40
8240
(0x2030)
Reporting: 7 report entries created. InventoryAgent 2007-10-24 10:10:40
8240
(0x2030)
Inventory: Reporting Task completed in 0.390
seconds InventoryAgent 2007-10-24 10:10:40 8240 (0x2030)
Inventory: Successfully sent report. Destination:mp:MP_HinvEndpoint,
ID:
{A30D31D4-F84E-4901-87D4-71BBE5028584}, Timeout: 80640 minutes MsgMode:
Not
Signed, Not Encrypted InventoryAgent 2007-10-24 10:10:40 8240 (0x2030)
Inventory: Cycle completed in 44.086 seconds InventoryAgent 2007-10-24
10:10:48 8240 (0x2030)
Inventory: Action completed. InventoryAgent 2007-10-24 10:10:48 8240
(0x2030)
Inventory: ************************ End of message processing.
************************ InventoryAgent 2007-10-24 10:10:48 8240
(0x2030)
Inventory: *********************** Start of message processing.
*********************** InventoryAgent 2007-10-24 10:23:11 7276
(0x1C6C)
Inventory: Message type is PolicyChange InventoryAgent 2007-10-24
10:23:11 7276 (0x1C6C)
"Garth" wrote:
It could be have you looked at any of the affected clients
InventoryAgent.log to see if there are any error messages?
"Christoffer Bennerstedt"
<ChristofferBennerstedt@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message
news:35FAE6D6-F229-463E-856F-952DDCDFB582@xxxxxxxxxxxxxxxx
Hi again,
Sorry for late answer, but i've been away.
Anyway, i've tried adding your suggestion, however a strange thing
has
happened, on all our clients (mixed XP and Vista right now) they are
missing
the Hardware inventory cycle. Our machines are no longer reporting
hardware,
even though it is still enabled in the SMS Console (haven't touched
my
settings there)
Is this related to my messing with the sms_def.mof?
What can i check to see what is wrong, or how can i correct this?
Help :(
// Christoffer
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Hi Kim,Ok took a closer look at your additions, try this:
Thanks, i have tried adding the following to my sms_def.mof, but
when
compiling with mofcomp on my SMS-server i get Error Number
0x8004100e,
description: Invalid Namespace
Which i understand, because on the SMS server, that namespace is
non-existant since it's an Win2k3 server..
Added:
#pragma namespace
("\\\\.\\root\\cimv2\\security\\MicrosoftVolumeEncryption")
[ SMS_Report (TRUE),
SMS_Group_Name ("Bitlocker Info"),
SMS_Class_ID ("BITLOCKER") ]
class Win32_EncryptableVolume : SMS_Class_Template
{
[SMS_Report (TRUE) ]
string Driveletter;
[SMS_Report (TRUE) ]
uint32 GetProtectionStatus;
[SMS_Report (TRUE) ]
uint32 GetEncryptionMethod;
[SMS_Report (TRUE), key]
uint32 GetConversionStatus;
[SMS_Report (TRUE), key]
uint32 GetKeyProtectors;
};
"Kim Oppalfens [MVP]" <""Kim dot Oppalfen" wrote:
Christoffer Bennerstedt wrote:
Hi,To take a look at bitlocker you need to use this namespace:
How do i enable taking inventory from Vista-clients to see if
their
systemdrive is protected with bitlocker?
I guess i have to add the namespace to the sms_def.mof file on
our
SMS
server and compile it?
Is this the namespace i should add:
\\.\root\CIMv2\Security\MicrosoftVolumeEncryption
btw, we're running SMS SP3
Thanks
\\.\root\cimv2\security\MicrosoftVolumeEncryption
and the class is Win32_EncryptableVolume.
--
"Everyone is an expert at something"
Kim Oppalfens - Sms Expert for lack of any other expertise
Windows Server System MVP - SMS
http://www.blogcastrepository.com/blogs/kim_oppalfenss_systems_management_ideas/default.aspx
//---------------------------
// SMS Advanced Client State
//---------------------------
#pragma namespace ("\\\\.\\root\\cimv2\\sms")
// Declare the sms delta/reporting class for advanced client
components
[ SMS_Report (TRUE),
SMS_Group_Name ("Bitlocker info"),
Namespace
("root\\\\cimv2\\security\\MicrosoftVolumeEncryption"),
SMS_Class_ID ("MICROSOFT|BITLOCKER|1.0") ]
class Win32_EncryptableVolume : SMS_Class_Template
{
[SMS_Report (TRUE) ]
string Driveletter;
[SMS_Report (TRUE) ]
uint32 GetProtectionStatus;
[SMS_Report (TRUE) ]
uint32 GetEncryptionMethod;
[SMS_Report (TRUE), key]
- Follow-Ups:
- Re: Enable inventory of bitlocker drive status
- From: Sherry Kissinger [MVP-SMS]
- Re: Enable inventory of bitlocker drive status
- References:
- Re: Enable inventory of bitlocker drive status
- From: Garth
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Garth
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Kim Oppalfens [MVP]
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Sherry Kissinger [MVP-SMS]
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- From: Kim Oppalfens [MVP]
- Re: Enable inventory of bitlocker drive status
- From: Christoffer Bennerstedt
- Re: Enable inventory of bitlocker drive status
- Prev by Date: Re: Enable inventory of bitlocker drive status
- Next by Date: Re: Enable inventory of bitlocker drive status
- Previous by thread: Re: Enable inventory of bitlocker drive status
- Next by thread: Re: Enable inventory of bitlocker drive status
- Index(es):
Relevant Pages
|
Loading
