I am new to SCCM. I am trying to import a device in SCCM and how we can assign an IP and Hostname to that device.
Is there any possibility to add an IP to a device through CSV file while importing device?
To import devices/computer objects in SCCM you need to specify computer names as well as MAC address or SMBIOS GUID of devices. You can do this for one or multiple computer objects e.g. via SCCM console (Assets and Cpmliance -> Devices -> Import Computer Information) or via Powershell Cmdlet Import-CMComputerInformation (https://learn.microsoft.com/en-us/powershell/module/configurationmanager/import-cmcomputerinformation?view=sccm-ps) or VBS or C# (https://learn.microsoft.com/en-us/configmgr/develop/osd/how-to-import-a-new-computer-into-configuration-manager)
Related
First, my setup:
Mac OSX 10.8
Windows 7 running in VM (VMWare Fusion)
SQL Server 2008 R2 running in VM
Boatload of Python scripts + my highly customized Python installation on the Mac side.
I'd like to be able to run scripts locally on my laptop against a snapshot of our development database, which exists happily in my VM. I'd also like to not have the PITA that is rebuilding my Python installation in the Windows VM.
So the question: how can I access the SQL Server instance running in my VM from the Mac side? To access the production data, I use pymssql, which is based on FreeTDS.
I am running with this configuration, as follows:
Create an additional network adapter for the VM and set it as
"Private to my Mac". The default network adapter created during the VM set-up will be used by Windows to get to the network to which the Mac is attached (Internet, etc.) and this new one you create will be used for communication between the Mac and VM host.
The Mac IP on the virtual network can be identified using ifconfig. In my case it was named vmnet1 with IP 192.168.23.1
The Windows VM IP will, by default, be dynamically allocated. You should go into the network setup in Windows and set a static IP that is on the same network as that of the Mac IP. In my case the Windows network adapter created by Fusion was named Ethernet1. I set this to 192.168.23.100/255.255.255.0. Do not set a gateway address as you do not want routes down this path
Create an entry in the Mac /etc/hosts file for the Windows IP, e.g. "192.168.23.100 mywinsys.local"
Create an entry in the Windows /windows/system32/drivers/etc/hosts file for the mac IP, e.g. "192.168.23.1 mymacsys.local"
Be sure to turn off Windows firewall or otherwise open up necessary ports
Be sure that SQL Server is configured to accept IP connections
https://technet.microsoft.com/en-us/library/hh231672(v=sql.110).aspx
Processes running on the mac can connect to Windows processes with mywinsys.local. Processes running on Windows can connect to Mac process with mymacsys.local
I have a crypto USB device which is used to store PKI certificates including the private key.
It can be read/written to using the Microsoft Crypto APIs. And it is protected by a PIN. I am investigating if the device is in fact secure.
In my opinion, the security of the device hinges on how the PIN is used/stored. This is related to a different question I posted on crypto.stackexchange - https://crypto.stackexchange.com/questions/5929/crypto-usb-devices-where-is-the-pin-password-stored
When I insert the device into my USB slot, it presents itself as a CD drive containing a setup program which installs the driver/CSP middleware/UI for the device. After the setup program is run and I store certificates in the device, I still see only the setup program in Windows Explorer when I look at the drive assigned for the device.
So in order to prove that the device is secure or not secure, I want to access the raw data on the device. And I want to know what APIs on Windows, I can use to access the device bypassing the Crypto APIs.
Alternately are there tools to do the same?
One idea would be to boot into a Linux Live CD and view the drive contents that way. You could, for example, try one of the latest Ubuntu builds, all of which can be run from the CD without installing the operating system onto your Windows machine.
My theory is that when your device is accessed from Linux, the raw data will be available. When it is accessed from Windows, I suspect some kind of clever AutoPlay comes into effect in order to present your device as a CD drive.
I have got a piece of hardware which communicates with my program using an FT2232C USB serial converter. All works fine if the device has already been attached to a computer before and the drivers were installed using an administrator account. But that is not the usual case.
These devices will be attached and removed at will and it will also not always be the same device that will be attached to a particular computer. Also, most of the users will not have administrator privileges and the computers are not connected to a LAN.
It is possible to automatically push files to these computers and add registry entries.
Does anybody have got any pointers on how to make Windows believe the devices driver has already been installed? I am currently thinking along the lines of tracking all changes that the driver installer does to the Windows installation and making these changes without any user interaction. But maybe there is an easier way?
We are currently talking Windows XP but in the not so far future there will be more and more Windows 7 (64 bit) computers as well.
While you could "pre-install" the driver by doing all the changes to the registry yourself (under a SYSTEM account, not regular Administrator -- you can use SysInternals PsExec to do this), this wouldn't help you unless you'd preinstall it for all possible ports. (Only USB devices which have an embedded serial number can be installed just once. Others are installed per-port.)
Another option is to sign the driver. A signed driver installs silently without the need for administrative credentials.
Does the vendor driver come with a .cat file? (And is the .cat file WHQL-signed?) If yes, you don't have a problem. Just install the driver with the standard tools (e.g. DPInst).
If not, you can always generate your own WHQL certificate (you cannot BUY a WHQL certificate), push this to all computers (since you're an administrator, you can do this) and then use the regular Windows tools (e.g. DPInst) to place the driver in the machines' driver stores. To generate the certificate, use CertUtil.exe and make sure you specify the "Windows System Component Verification" EKU. To sign the driver, use MakeCat.exe and SignTool.exe.
The best method with XP for the timebeing is to get hold of the administrator password, I used the following method a few months back and it has been brilliant, there is free software and instructions available here:
http://www.loginrecovery.com/
I tested successfully with Linux by using Avahi(Bonjour) and Netatalk(AFP) to provide network storage to Mac OS X seamlessly (as like Time Capsule).
I want to make one another question for Windows 7. As I searched Windows 7 uses PnP-X and UPnP to provide Bonjour like zero configuration experience. What I want to achieve is:
Use Samba on Linux to share one folder
Publish this shared folder as NAS service by using PnP-X and UPnP
If a Windows 7 PC attached to the LAN which have the Linux it will discover the NAS service on Linux
Windows 7 automatically initiate PnP install process and new disk volume will be appeared on Explorer without any user intervention. This new volume is actually Samba shared folder from Linux
Do you think this scenario is achievable by using PnP-X and how can I do this?
Best Regards
I checked about it by myself.
PnP-X uses SSDP (Simple Service Discovery Protocol) of UPnP to publish network attached device to Windows clients in local network. By using XML configuration file of SSDP, device can let client knows PnP H/W ID.
From Windows 7, user can see PnP-X enabled device from network explorer. User can select install context menu to initiate device driver installation of PnP-X device.
PnP driver installation depends on H/W ID which is known by SSDP XML configuration file.
To implement this scenario on Linux O.S., I can use GUPnP library to support SSDP notify.
Also, I need to implement proper INF file and device driver.
BR,
Wonil.
We develop a custom Windows CE-based device. To connect this to the PC via ActiveSync / Mobile Device Center, we have to set up entries so that the WCE USB Serial Host (wceusbsh.sys) recognises our Vendor ID (Vid) and Product ID (Pid).
To do this, to date, we have distributed a modified version of wceusbsh.inf and wceusbsh.sys: when the user first connects the device then ActiveSync basically says it does not recognise the device, and the user is asked to identify a driver for it. If they now point at the location where they've stored our wceusbsh.* files then all is well. However this is pretty clunky.
What we really want is a slick way to do this, preferably by running an installer which just gets everything ready, so that as soon as the device is plugged in it is recognised by wceusbsh.sys.
Any clues how to do this? There seem to be a ton of registry entries which relate to WCEUSBSH, and it's not clear how these are set: just "installing" the .INF file doesn't seem to allow for setting them all, so it does look like ActiveSync reads the .INF file and then adds some more information before appending the new info to the Registry.
Thanks
Well, in case anyone else comes looking for an answer to this, we managed to do it via this link from MSDN WinUSB (Windows Driver Kit). We now have a driver install program which sets up USB / Mobile Device Center so that when you plug in the CE device it is recognised correctly.