Again on the inventory rules, the sub agents and policies driven them - client side.
ludovic_ferre
November 6th, 2009
So after we reviewed the inventory rules in the last post, today we are going to look at the registry entries on the client that drive the various PMS inventory components and policies.
So let's look at an extract of some interesting registry keys (from my test systems):
[HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\Altiris Agent\InventoryRuleAgent\InventoryRule\Policies\{06D80F00-9D63-4714-ACD7-CE980E8C139A}]"Interval"=dword:000000f0"OnlyReportInventoryIfChanged"=dword:00000001"SendInventorySummary"=dword:00000000"DoNotRunInventory"=dword:00000000"ImpersonateInteractiveUser"=dword:00000000"GS"="VBOX-ATRS1""SG"="{06D80F00-9D63-4714-ACD7-CE980E8C139A}""Name"="Default Microsoft Vulnerability Analysis Policy""Hash"="MdcquTeunMeC4zX/VirSgQ==""LastWakeup"=hex:e7,d5,c4,b3,6e,97,e3,40,00,00,00,00"LastInventoryHash"="pRUooqcCkp8ZRj+6TrQm1Q==""PolicyHasChanged"=dword:00000000"InventoryLastSent"=hex:4c,5d,6e,7f,51,97,e3,40,00,00,00,00[HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\Altiris Agent\InventoryRuleAgent\InventoryRule\Policies\{4465D56A-96C3-47D4-BD71-A128CBC887F0}]"Interval"=dword:000000f0"OnlyReportInventoryIfChanged"=dword:00000001"SendInventorySummary"=dword:00000000"DoNotRunInventory"=dword:00000000"ImpersonateInteractiveUser"=dword:00000000"GS"="VBOX-ATRS1""SG"="{4465D56A-96C3-47D4-BD71-A128CBC887F0}""Name"="Default Microsoft Software Inventory Policy""Hash"="lJ0RGCvtqxfJRpJizqUmgA==""LastWakeup"=hex:ad,73,e5,c1,6e,97,e3,40,00,00,00,00"LastInventoryHash"="tQgtyfdBEF0hCcdugsYPEw==""PolicyHasChanged"=dword:00000000"InventoryLastSent"=hex:da,40,a7,8d,51,97,e3,40,00,00,00,00[HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\Altiris Agent\InventoryRuleAgent\InventoryRule\Policies\{BEF25806-58DC-43B4-ABF7-F0B0C0F898B0}]"Interval"=dword:00000078"OnlyReportInventoryIfChanged"=dword:00000000"SendInventorySummary"=dword:00000001"DoNotRunInventory"=dword:00000000"ImpersonateInteractiveUser"=dword:00000000"GS"="VBOX-ATRS1""SG"="{BEF25806-58DC-43B4-ABF7-F0B0C0F898B0}""Name"="Default Windows Software Release Inventory Policy""Hash"="UBYZ0N/sNeu4ML1iFhydkQ==""LastWakeup"=hex:c4,be,63,73,71,97,e3,40,00,00,00,00"LastInventoryHash"="""PolicyHasChanged"=dword:00000000"InventoryLastSent"=hex:c4,be,63,73,71,97,e3,40,00,00,00,00[HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\Altiris Agent\SW Inventory Agent\WindowsOSInventory\Policies\{AEDB5139-34C0-49F3-AE7D-72C08DD2F84A}]"Interval"=dword:00000078"OnlyReportInventoryIfChanged"=dword:00000000"SendInventorySummary"=dword:00000001"GS"="VBOX-ATRS1""SG"="{AEDB5139-34C0-49F3-AE7D-72C08DD2F84A}""Name"="Default Windows OS Inventory Policy""Hash"="l/NFMkQmkuE1341kvxTbVg==""LastWakeup"=hex:2a,30,8b,fb,73,97,e3,40,00,00,00,00"LastInventoryHash"="""PolicyHasChanged"=dword:00000001"InventoryLastSent"=hex:2a,30,8b,fb,73,97,e3,40,00,00,00,00
Now this is a handful of registry information, I agree. But let look at each inventory policy and the agent that handle them. That'll just clarify the picture:
- InventoryRuleAgent: InventoryRule policies
- Default Microsoft Vulnerability Analysis Policy
- Default Microsoft Software Inventory Policy
- Default Windows Software Release Inventory Policy
- SW Inventory Agent: WindowsOSInventory policies
- Default Windows OS Inventory Policy
The policies applied are the default PMS inventory policies. Here is a mapping of the policies and the inventory or inventory rules that are driven by these:
- Default Microsoft Vulnerability Analysis Policy -> IsInstall inventory rules are checked
- Default Microsoft Software Inventory Policy -> Software Inventory is executed
- Default Windows Software Release Inventory Policy -> Software Release inventory rules are checked
- Default Windows OS Inventory Policy -> OS Inventory is executed
Now that I have said that, I am suddenly wondering where the Service Pack inventory rules are checked, because I am missing it, may be it's just an issue with the naming convention?