Support

[Gary_Berg]

I'm using SOSOS to scan my LAN to take an inventory of systems. One thing I like is how it picks up my Dell system IDs.

I found it useful to fiddle with the source to PollSOSOS enough to:

1) Enable to scan by OU and Age at the same time. So I can just scan machines older than xx days or not in the DB.

2) Handle an OU with a space in the name - like "Domain Controllers". I hacked to translate an "&" to a space.

I've gotten this working, I'm happy to share the code if you are interested.

However, I've having some weird issues, I get "Provider Failure errors" on some of my machines, mostly notebooks. I also see errors about the RPC server not being available. These are from machines which are present on the network, running Windows XP. I'm running with domain admin credentials. I get the same results if I run manually in SOSOS, which I have not modified. This works with some notebooks, not all. All notebooks are running virtually identical configurations, with the firewall down and all run the same AV solution, configured centrally (Kaspersky admin kit).

Domain is Server 2003.

Any suggestions?

[admin]

I'd be curious to see the modification you've made... particulary if you'll allow me to incorporate them into the next build

The issue with Provider failures is preplexing... I typically keep track of them via the error log feature, and try to make sense of it all. For example, I get a lot of provider failures for CDROMs for some reason, and sometimes on printers. Since it's an issue with WMI, I can't really "code around it"... I can just handle the error gracefully.

[Gary_Berg]

I've attached a zipped version of the PollSOSOS main.vb file. I will warn you that it's a major hack. Basically I build a list of systems in the OU (your code), then I build a list of all systems which I've seen within my date threshold (so these are newer systems). I then go through the OU-generated list and zap anything that's in my list of newer systems, and so the result is a list of systems I've not seen in at least xxx days.

As for provider errors, I'm getting this when trying to poke an NT4 system (which probably pre-dates WMI, so it makes sense):
PCName: xxxxx_1
RemoteFrom: xxxxx
UserName: xxxxxx
Date: 8/19/2009 7:00:30 AM
Version: PollSOSOS v3.2.0.1 (v2.0.50727)
Table: Initialize
DetailLevel: Errors
Exception: System.Runtime.InteropServices.COMException
Error: Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG))
Location: at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementScope.Connect()
at PollSOSOS.Snoop.GetInitialData()
at PollSOSOS.Snoop..ctor(String PC_Name, SOSOSDataSet SOSOSds)
at PollSOSOS.Main.Doit(Object State)

I get a "Class not Registered" error on poking at one system, which is running UPS Worldship:
PCName: UPS
RemoteFrom: XXXXX
UserName: XXXX
Date: 8/19/2009 7:00:12 AM
Version: PollSOSOS v3.2.0.1 (v2.0.50727)
Table: Initialize
DetailLevel: Errors
Exception: System.Runtime.InteropServices.COMException
Error: Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG))
Location: at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementScope.Connect()
at PollSOSOS.Snoop.GetInitialData()
at PollSOSOS.Snoop..ctor(String PC_Name, SOSOSDataSet SOSOSds)
at PollSOSOS.Main.Doit(Object State)

And I see "Provider Failures" errors like this:
PCName: XXXXXX
RemoteFrom: XXXXX
UserName: XXXXX
Date: 8/18/2009 5:00:23 PM
Version: PollSOSOS v3.2.0.1 (v2.0.50727)
Table: Initialize
DetailLevel: Errors
Exception: System.Management.ManagementException
Error: Provider failure
Location: at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
at PollSOSOS.Snoop.GetInitialData()
at PollSOSOS.Snoop..ctor(String PC_Name, SOSOSDataSet SOSOSds)
at PollSOSOS.Main.Doit(Object State)

That last item is the one that's preventing me from seeing my notebook computers as I mentioned. Hmm, the notebooks which work are Dell Inspiron 6000's, the ones that don't are Dell D620/D630's. Mostly. I just discovered an Inspiron 6000 which doesn't answer, and it has a very stripped WinXP installation on it.

Is it possible that somehow these systems don't have a WMI provider installed on them?

[Gary_Berg]

Oh, by the way, these provider errors happen right up front, and prevent any information about the PC getting into the database. So I don't just lack information on some aspect of the PC, I lack info on the whole PC...

[admin]

I'd recommend you download the WMI Diagnostic Utility from Microsoft ( http://www.microsoft.com/downloads/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e-4c64192ae97d&displaylang=en) and run it on one of those PCs where you're having provider failures.

I suspect there is a fundamental problem with WMI on those PCs.

[Gary_Berg]

Well, WMI diagnostics complains about security errors on one of the troublesome machines. Unfortunately it doesn't give me much information to go on as to how to fix it...

[admin]

Well, rather than poke thru the tedius logs, you *can* just blow away the WMI repository and have windows rebuild it. It's not normally the "first choice", but it typically works.

Take a peek at any number of posts on the web like these: http://www.google.com/search?hl=en&q=repair+WMI&aq=f&oq=&aqi=g7g-s1g2