Skip navigation
All Places > Snow Product Hub > General Licensing Forums > Blog > Authors jorge.pascua

General Licensing Forums

4 Posts authored by: jorge.pascua Employee

Hi comminuty,

 

This days have appeared new ideas in the Snow Ideas Board .

 

I've seen one that demand the functionality to share Snow boards in the same way we can do for Reports (see Sharing Snowboards)

 

I received this request from one customers, so I temporally applied the following workaroud:

 

Go to the SnowLicenseManager.dbo.tblSnowboard table and execute the following sentence:

 

SELECT [CID]
,[UserID]
,[SnowboardID]
,[WorkCopyForSnowboardID]
,[Name]
,[CreatedDate]
,[UpdatedDate]
FROM [SnowLicenseManager].[dbo].[tblSnowboard]

Where CID = <CustomerCID>

 

 

Document the original UserID assigned for the SnowBoard you want to share (in the example 1. This will required to restore the previos state if you need to modify the Snowboard again), and take the SnowboardD that identify you Snowboard from the result list, and execute the following sentence:

 

Update [SnowLicenseManager].[dbo].[tblSnowboard]
set UserID=0
Where SnowboardID ='6ED76EA3-7875-4238-963F-0E4F40096F30'

 

The UserID=0 means that the SnowBoard will be shown for all users.

NOTE: The known limitation after apply this workaround is that you'll need to assign the UserID to the previous UserID if you want to edit it again. 

 

Hope this help meanwhile.

 

Best,

Jorge

Hi community,

 

Some of our partners and customers are suffering the consequences of their IT governance policies that allow final users having administrative privileges.

 

This is a regular practice at consulting companies. For example: the consultants roles, especially IT Consultants, need extra privileges to install additional applications when they're assigned in a customer case, service or project.

 

Ok, we've got two problems here:

  • The first one, is that some people from our company have applications from the customer side, and some times this means a compliance risk.
  • And the other one is directly related with a security risk: the users can install applications on demand, non approved by IT department, or even uninstall applications.

 

Yes, I know you know that SLM offers differents ways to report this risks, like Black Listed Applications or Compliance summary report.

 

But, what happen when a user uninstall the Snow Agent?

Or what happen when a user delete some support scripts from the Snow Agent folder?

How can I identify users with admin privileges?

 

For the Snow Agent uninstallation issue, you can use ootb reports to list the status of the reported computers.
If a computer that you know that is alive is moved to quarentine pool, you must start to investigate. Some computer might have connectivity issues (ports, firewall blocking, etc), but this uses to affect massively to your computers (VLANs, Sites, etc)

NOTE: You can take a look of this post, discussing about how to hide the Snow Inventory Agent application from the Control Panel - Add / remove programs section

Windows agent 5.x.x - hide from add/remove programms

 

To identify if a user has deleted support files or not, we've been working with a customer to create a custom report to show exceuted PS scritps during the agent scan. This could be usefull to determine is some of those scripts are failing or ara missing from the agent side.
This is the result:

 

In same way, we've defined also a report and a signed PS script to collect local users and groups info from the computer.
This is the result:

 

So, if you find yourself suffering this issues, don't hesitate to contact your local Snow representative to support you with this.

 

BR,
Jorge

Hi community,

 

Continuing the "How to" series (started with the How to: Using Snow Inventory Agent to collect registry values post), it's time to show you how to consume the collected info.

 

First, let see the result from SLM UI

Ok, lets see the report definition:

 

DECLARE @NAME NVARCHAR(MAX) = 'Customer Custom Registry Info'

DECLARE @uid uniqueidentifier = (SELECT NEWID())

DECLARE @Description NVARCHAR(MAX) = 'Report on Custom Registry Info'

DECLARE @ColumnList NVARCHAR(MAX) = 'ComputerID,HostName,Domain,Hierarchy,LastScanDate,LastModified,Contact,InstallDate,RegistryKey,Name,LastModifiedBy,Version'

DECLARE @ColVis NVARCHAR(MAX) = '-1,1,1,1,1,1,1,1,1,1,1,1'

DECLARE @KeyFieldName NVARCHAR(MAX) = 'ComputerID'

DECLARE @RowTargetLink NVARCHAR(MAX) = 'Computer.aspx?id='

DECLARE @SQL NVARCHAR(MAX) = '

SELECT

DISTINCT tc.ComputerID as [ComputerID],

tc.HostName as [HostName],

tc.Domain as [Domain],

tco.Hierarchy as [Hierarchy],

tc.LastScanDate as [LastScanDate],

LastModified as [LastModified],

Contact as [Contact],

InstallDate as [InstallDate],

piv.KeyName as [RegistryKey],

Name as [Name],

LastModifiedBy as [LastModifiedBy],

Version as [Version]

FROM (

SELECT

tcr.KeyName,

tcr.ComputerID,

tcr.CID,

tcr.ValueName,

tcr.ValueData

FROM

tblComputerRegistry tcr

WHERE

tcr.KeyName = ''HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\MasterImage''

and tcr.CID = {0}

) src

pivot

(

MAX(ValueData)

for [VaHope lueName] in ([Contact],[InstallDate],[LastModified],[Name],[LastModifiedBy],[Version])

) piv

INNER JOIN tblComputer tc

ON tc.ComputerID = piv.ComputerId

LEFT JOIN tblComputerInfo tci

ON tci.ComputerID = tc.ComputerID

INNER JOIN tblsystemuserorgdefinition def

ON def.cid = tc.cid

AND def.userid = {1}

AND def.orgchecksum = tci.orgchecksum

LEFT JOIN tblOrganization tco

ON tco.OrgChecksum = tci.OrgChecksum

WHERE tc.cid = {0}

ORDER BY Hostname, RegistryKey desc'

 

DELETE from tblReport

Where Name like @NAME

 

INSERT INTO tblReport (ReportID, StockReport, IsCustomReport, ReportType, ViewName,

Name, Description, SQLQuery, ColumnList, ColumnVisibility, KeyFieldName, RowTargetLink)

VALUES (@uid, 0, 1, 1 , 'QUERYBUILDER', @NAME, @Description, @SQL, @ColumnList, @ColVis, @KeyFieldName, @RowTargetLink)

 

According to the the structure of the registry info:

we need to get the registry values for the registry path HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\MasterImage.

 

This is done with the filtering in conjunction with pivot statement:

WHERE

tcr.KeyName = ''HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\MasterImage''

and tcr.CID = {0}

) src

pivot

(

MAX(ValueData)

for [ValueName] in ([Contact],[InstallDate],[LastModified],[Name],[LastModifiedBy],[Version])

) piv

 

NOTE: You can see a detailed how to create SQL Reports in SLM in this post Adding custom SQL reports in Snow License Manager from my colleague mark.potts.

 

Done! You just created a custom report to show collected registry values during the Snow Inventory scan!

 

Hope you'll find this usefull. See you on the next "How to" post!

 

Jorge.

Dear community,
Today, I've woke up with the intention of create a HOW TO serie for partners and customers

The idea begin after this conversation:

 

JPP: Did you know you can configure the Snow Inventory Agent's default behavior to colect data from the registry?

Cutomer / partner: Oh wait, what??

JPP: Yes, you can... Let me show you how.

 

I'm going to start with a simple (but usefull) way to collect extra data from our computers: read from Windows registry.

Yep, I know that some of you already know this, but let´s show how to do it to the rest of the world

Registry data structure

In my example, the data in registry is structured as follows:

It could be a real scenario, where we are working with Master Images, and we need to identify how many computers have the latest one implemented and which ones have a pending migration.

  • Main registry path
    • HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\
  • Registry path with the desired data:
    • HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\MasterImage

Configure the Snow Inventory Agent to gather registry values

Once we have created the registry paths, keys and values, we have to modify the snowaget.config file.

By default, this file is present under the %programfiles%\Snow Software\Inventory\Agent path:

Include the Registry section in the snowagent.config file:

 <Registry recursive="true">
   <Query>
      <Key recursive="true">HKEY_LOCAL_MACHINE\SOFTWARE\CustomerCustomInfo\MasterImage</Key>
         <Value>Contact</Value>
         <Value>InstallDate</Value>
         <Value>LastModified</Value>
         <Value>LastModifiedBy</Value>
         <Value>Name</Value>
         <Value>Version</Value>
   </Query>
</Registry>

And then, execute a scan (snowagent.exe scan). when finished, a snowpack file will appear under data folder

The Snow Software employees have access to an internal tool that allow to inspect the content of that file, so let's check the collected registry keys data:

Great, here it is!

Now, execute a send command (snowagent.exe send). The Snow Agent will send the SnowPack file (computer inventory file) to the Snow Inventory server, where it'll be processed.

Check the results in Snow Inventory and SLM database

As soon as the SnowPack is processed, you'll be able to check the results on the Snow Inventory server. Open the SMACC, go to Devices and search for your computer:

Also, you can query the DataCustomRegKey table from the SnowInventory database:

As well as the tblComputerRegistry table from the SnowLicenseManager database:.

NOTE: To check the result on SLM db, you have to wait for the DUJ execution.

 

Voila!! The Snow Inventory Agent is sending custom registry info to Snow Inventory and Snow License Manager.

 

Next How To:  Create SLM Report to show collected registry values (in progress)

 

Hope this help. See you soon!

 

Jorge