I've discovered through asking questions during ManageFusion and working Inventory support issues that not much is known concerning Inventory Solution's User Inventory. Many don't use the data, and that may be in part because not much is said on what the data is and where it comes from. This article will attempt to show how User Inventory operates, where the information comes from, and how we capture the information.
User Inventory is composed of two main items. We have Exchange Plus, or AeXExchPls.exe. To understand the naming convention, I've expanded the name: Altiris eXpress Exchange Plus. Thus A-eX-Exch-Pl-s. This is considered the main component of User Inventory. The less-known component of User Inventory is Machine Plus, or AeXMachInv.exe. There are certain OS related Inventory parts of this item that are user-specific. We'll cover how this works later.
Exchange Plus
As the name suggests, this Inventory Agent uses Microsoft's Exchange to obtain user related information. This also means that we are not accessing the local user profiles on systems that run this agent. For example:
- User Inventory
- Scans for Microsoft Exchange contact details and mail profile
- Scheduled to run daily
- Sends only changes in the inventory to Notification Server
Most data is gathered via Exchange Profiles via Microsoft Outlook or Outlook Express.
Associated Files
Some Inventory Agents use auxiliary files for settings, etc. Exchange Plus does have a configuration file. All associated Exchange Plus files are listed here, including a description of their use:
- AeXExchPls.exe - The main User Inventory executable, or "Agent"
- ExchPls.ini - The configuration file for this Inventory Agent
The EXE contains the code that executes the functions that capture the User data. The INI configuration file contains details on the MAPI calls that we make in order to format the data correctly. A sample of an entry in this file is shown here:
[Exch EMail Property.1]
# PR_DISPLAY_NAME
Attribute Tag = 0x3001001E
Attribute Name = Exchange Display Name
Attribute ID = 2
If you are familiar with how Exchange operates, this file can be adjusted or added to if so desired. Generally, it is not recommended to edit this file. Make sure to create a backup if you wish to attempt this.
Data Process
Exchange Plus uses the following process to capture Exchange data from client systems. This process will determine if and what data will get captured.
- Normally the User Inventory Tasks run under the Logged-on User account. While not required for most data points, some user-based information is unavailable if we're running under a different account than the logged-on user's.
- This is controlled in the Altiris Console under View > Inventory Solution > Tasks > Windows > Inventory Tasks > select one of the user inventory tasks (Recreate User Inventory, User Inventory).
- Click on the Go To Program link in the right-hand pane.
- In the bottom-half of the Programs tab view there's a 'Run with rights:' option. Logged in user should be selected for the User Inventory tasks (NOTE: This is necessary for both the Exchange Inventory and the Machine User-based OS Inventory).
- ExchPls Uses the following registry location to fetch email profiles: HKEY_LOCAL_MACHINE > Software > Client > Mail > Microsoft Outlook.
- The agent then opens the Default Microsoft Outlook profile, which is a prerequisite to enable this entire process to capture data.
- If outlook isn't present, or if the Default Profile isn't setup, it finishes and does not collect any data (This is the same with Outlook Express). This will not fail the task, but will simply have AeXExchPls.exe exit.
- If Default profile is not the default, it temporarily makes it the default one for the duration of Exchange Plus' execution. There have been no known issues with this approach (for those who may become concerned).
- The agent then proceeds to log into the Default Outlook Profile. This gives access to the Exchange Users who have logged onto this system.
- After all these steps, the agent then Fetches data via Mapi calls for the Logged on User Profile (and others if access to them are available).
- The data is collected in the User NSIs (see the following section labeled NSI Configuration).
- After all data has been captured, the agent logs out of the Default Outlook Profile, switches the default back to the original (if it had to change what account was the default, it will change it back to the original, leaving the system in the proper state).
- Exchange Plus then exits as complete.
Other Exchange Plus details
The following details can assist when using Exchange Plus. For the most part Exchange Plus invisibly captures necessary data as part of the Inventory process, but at times we'll have data problems on one or more systems, and the following items can assist in these scenarios.
Command line Arguments
Command line arguments allow flexibility in how an executable executes. While Exchange Plus doesn't have many arguments, the following are available.
The common command-line usage sample appears as such:
AeXExchPls [/?] [/hidden] [/dd] [/Debuglog] [/output format] [/o path]
The following reveals the available command line arguments including a description of their use:
- /? - This shows the command line usage message. Please note that this switch cancels all other command line arguments. In other words only the help message will appear.
- /hidden - Run without the dialog box output (or any screen output). This is the default for most Inventory Tasks, however Inventory Tasks are also usually marked has hidden so this is only useful if the entire Inventory Task is set to run in visible mode. This includes the following steps:
- Remove the /s and /hidden switches from the Program command line that executes the Inventory Task
- Set the Starting Window within the Program to 'Normal'.
- In the Program, check the box 'User Input required'.
- /dd - Delayed Dismiss of the Output screen. This is useful when you want to see the finished status within the AeXExchPls.exe UI (see the following section on said UI for details).
- /Debuglog - Write Trace debugging messages to the local log file ExchPlsDebug.log . This log is only created when Exchange Plus is run in visible mode. This file will be found under C:\.
- /output format - Format can be xml, mif, or both. The default format if nothing is specified is XML (NSI format specifically).
- /o path - Use path as the output path for the NSI file. This switch is ignored unless the switch /output format is used to specific the NSI type (MIF, XML, or both).
AeXExchPls.exe UI
Exchange Plus does contain a limited UI to view if Exchange Plus is not performing correctly and you want to watch the execution. You can execute it via a command line and not including the default switch of /hidden. The UI should appear like this:
The important fields to reference are as detailed below:
- Profiles audited: X - This field will tell you how many user Exchange profiles were inventoried during the scan. This can include the logged-in user and anyone else who has a profile on the system.
- Present Status: X - This field profiles you a message of the current operation. Normally the execution is very quick, but if there are issues this may give us information into what is occurring.
- Exch Plus version: X - This can be important as this version should match what is installed for Inventory Solution on the Notification Server.
- Elapse time [hh:mm:ss]: xx:xx:xx - This indicates how long the execution took.
Machine Inventory
Machine Inventory provides the core of our Hardware and Operating System data. Most of this data is captured via WMI calls. To provide what data points are user-specific, I'll refer to one of the Machine Inventory configuration files. This INI contains all the data classes that are user-specific. The file, named MachInvAdm.ini, shows the following data classes:
AeX EU Logon Users
AeX EU Results
AeX OS Results
AeX OS User Profiles
AeX OS Desktop
AeX OS Internet Explorer
This file shows the excluded data classes used by the non-user executions of Machine Inventory. The file MachInvUsr.ini contains the opposite, or those data classes that are not user specific. Thus the specific details gathered are:
- Logon Users - Who logs on to the system, etc...
- User Profiles - This is the Operating System-based user profiles, not the Exchange User profiles.
- Desktop - Details about the user's desktop.
- Internet Explorer - The settings etc for the specific user and Internet Explorer
One important note is that we can only have 1 user's details on the above data points. This is a limitation at this time, which has been addressed in version 7.
Data Organization
How the data is transmitted is used by all the Inventory subagents. First, both Exchange Plus and Machine Inventory write the data to NSI files located at: C:\Program Files\Altiris\eXpress\Inventory. For User Inventory each NSI is named by the name of the data class.
In a basic Inventory Solution view, the data classes are named using the following convention:
- Aex HW * - Hardware classes
- Aex SW * - Software classes
- Aex OS * - Operating System classes - Some User-based OS Inventory is fetched via AeXMachInv.exe
- Aex EU * - Exchange User classes - All data for these are captured by AeXExchPls.exe
- *_Common - These data classes are used for split data classes.
So, for example, the NSE for OS Internet Explorer is named: AeX OS Internet Explorer.nsi. The tables are similarly named:
- Inv_Aex_HW_* - Hardware tables
- Inv_Aex_SW_* - Software tables
- Inv_Aex_OS_* - Operating System tables
- Inv_Aex_EU_* - Exchange User tables
- Cmn_*, *_spt - Common and split tables from normalization
For tests, when one of the agent is run via the command line the NSIs are created in the above specified location, so the NSIs can be checked for data, etc.
Conclusion
Hopefully this helps you understand how we capture our User data for Inventory Solution. While configuration is limited, this also provides methods of how to troubleshoot issues concerning the User Inventory.