FOS Questions
-
@ArtLong said in FOS Questions:
so i think if we can get the host to be locked into the UUID instead of the MAC then he will probably be in pretty good shape
Yeah good point here. We have had this discussion at length and even started to implement identifying clients via UUID instead of MAC address but only to find out that various machines (hardware and VMs) don’t play nicely and don’t use unique UUIDs. Some are like
000000-....The whole topic is kind of on hold as we didn’t come to a great solution for identfying the machines better than by MAC address - which is not perfect at all - we know! The issue is that we need to find a solution that will work right from the beginning of PXE booting where iPXE is used. It’s not enough to do the identifying later on when the Linux kernel is up and we have more options.
If you are keen to join in and get this topic ahead it would be great!!
-
@ArtLong I’m trying to collect some data on this issue. Do you have any non-Dell computers registered in FOG? I need to ensure that the non-dell computers (I have Dells on my campus) use the same smbios fields to see if we can come up with a solution to move away from the MAC references as system IDs.
-
@george1421 why rely on a single field? why not take a number of them (asset, serial, uuid, etc) pass them to fog via http request. fog can create a hash from the combined values, and that’s the unique identifier. manufacturers can be very inconsistent as to what they put in each field, but what matters is that we have something unique to associate with the hosts. the hash of a set of the info would be unique.
-
@Junkhacker Actually we are thinking the same exact thing. What I’m trying to collect is SMBIOS values to find the “device” unique values to string together. It looks like iPXE already support 90% of the fields we need. I think I can add the additional fields to iPXE but I’m not a C programmer. I can mimic coding, but not originate.
Ideally we want to string together a few value added fields and then create a sha1 hash from that string.
I have a POC code sample here.
sserial=`dmidecode -s system-serial-number | tr -cd '\60-\176'`; sserial+=`dmidecode -s baseboard-serial-number | tr -cd '\60-\176'`; sserial+=`dmidecode -s chassis-serial-number | tr -cd '\60-\176'`; sprod=`dmidecode -s system-product-name | tr -cd '\60-\176'`; sprod+=`dmidecode -s baseboard-product-name | tr -cd '\60-\176'`; sman=`dmidecode -s system-manufacturer | tr -cd '\60-\176'`; sman+=`dmidecode -s baseboard-manufacturer | tr -cd '\60-\176'`; sman+=`dmidecode -s chassis-manufacturer | tr -cd '\60-\176'`; sasset=`dmidecode -s baseboard-asset-tag | tr -cd '\60-\176'`; sasset+=`dmidecode -s chassis-asset-tag | tr -cd '\60-\176'`; echo -n "${sserial}${sprod}${sman}${sasset}" | sha1sum | awk '{print $1}';So I’m collecting system samples from fog inventory to see if all of these fields are necessary, that is what I’m really after. So far I have Dell and HP examples and both ARE device unique just on the uuid field. The problem is not all hardware manufacturers use the uuid field.
-
@george1421 i would think it would be sufficient to have a hash of ${serial} ${asset} ${manufacturer} ${product} ${uuid} would be unique (i’ve never seen a manufacturer leave them all blank, and others like MAC can potentially change)
one option is, we could use them all, in a way
we could store them like we store multiple mac addresses, but have fog check the database on new host registration for duplicate identifier data in the database and invalidate those values as “unique” identifiers -
@Junkhacker I’m not a programmer to be able to help much here…but a few weeks ago we had a microsoft rep come down to try and help our district IS dept with a roll out of intune. In looking at the various ways to bind the machines for provisioning they had a powershell script that grabbed the serial, windows product id, and the machine hash that you then import into intune so the device can be provisioned…I would think this would be something unique to each machine despite vendor. The powershell script name is Get-WindowsAutoPilotInfo.ps1 …If you look for that file on google yourll find all the articles about it. Here is one of the articles. They dont go into much detail other then they use wmi to gather the info. This file is the content of the ps1 file.
-
@ArtLong What brand of systems do you have on your campus? I have the details for Dell and HP. If you have other manufacturers, I’d be interested in getting some details.
-
@george1421 here at my Campus on the PC side its all Dell. In the past 5 years we’ve gone from being a 60/40 Windows/mac shop to a 90/5/5 Chromebook/Windows/Mac shop. Vendor for PC’s is Dell, Vendor for Chromebooks is Acer…Although I did just submit a purchase request for 4 teachers that are going to get the MS Surface Pro 6.
At our other campuses on the Windows Laptop side they do have Acer and Toshiba laptops in addition to the Dell’s. I’ve just kept my stuff all dell here.
-
@ArtLong Have you registered these non-Dell computers with FOG? If so I’d be interested in the outputs from Acer and Toshiba. If you don’t have them currently registered in FOG, no worries. Come to think if it, I have a Surface Pro someplace around here. I’ll need to collect that inventory data too.
-
@george1421 No unfortunately I dont have an available to me to test.
