Shared GUID cleanup script

book

Article ID: 158642

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

A GUID is shared when two or more Symantec Management Platform (SMP) agents use the GUID at the same time. This can cause some odd behavior.
Shared GUIDs causes inaccurate inventory reporting, so, for instance, you will not know which computers have which software installed. In addition, Shared GUIDs prevents properly managing computers, because computers might receive policies intended for other computers, and so might receive a policy that it should not; or might not receive a policy that it should.

 

The following messages indicate Shared Guids for computer resources:

Host Resource <guid> was blacklisted via the agent guid blacklist
Attempt to save messaging resource with guid <guid> has been blocked by the Host Resource Blacklist.
Add duplicate computer resource to the blacklisted hosts list (Resource: {<guid1>}, Duplicate: {<guid2>}).


Note: This type of process is no longer needed for 8.1 and later. Many improvements were done to avoid this type of shared GUID scenario. 

 

Cause

Preventing Shared GUIDs
For more information about how GUIDs may come to be shared and how to prevent this from occurring see:
   How to Prevent Shared GUIDs
   http://www.symantec.com/docs/HOWTO93988

Detecting Shared GUIDs
For an Altiris report and an SQL query to see which computers appear to be sharing GUIDs and which will be removed using the process below, see:
Detecting computer with Shared GUIDs
http://www.symantec.com/docs/HOWTO49693

 

Resolution

Correcting Shared GUIDs

! Please Note that if you import this script into a machine that does not have the Altiris Asset Management Solution installed at this time but used to have it installed then you may encounter the issue from TECH216925. If desired this script can also be run from within SQL Management Studio as an alternative to importing it into the console !

Note: This may cause problems if run on a 7.5 or later system such as deleting good computers that have had a recent name change (shared GUID's are detected by frequent name changes on a computer resource).  Only run this "Run SQL Query on Server" task as needed in 7.5 (Not on a schedule) and be prepared to run inventories again on any computers that get deleted.

The attached SQL script first goes out and finds the GUIDs that are shared. Then it deletes the resources associated with those GUIDs by passing the GUIDs to the ItemToDelete table and then blacklists the GUID so it cannot be reassigned. Once the GUID is blacklisted any agents that check into the NS with that GUID are no longer known to the NS. The NS then sends a command to the agent to reset it's GUID. The same thing would happen if you redirect the agent to a new NS. Once the GUID is reset it goes through the process to create a new resource in the DB and everything goes as it should.

To import the .xml file into the Console:

Open the Console and navigate to 'Manage>Jobs and Tasks'.
In the appropriate directory, right-click and select 'Import'.
Import "Shared GUID Cleanup Script.xml" into the Console.
Set a schedule on the script to run on the Shared Daily Schedule.
* Should be run daily until problem is fixed *
* Run as one query *

Warning: This method will remove any history for the affected resources (which is most likely corrupted due to merged data).

Applies To:
Symantec Management Platform 7.0 and 7.1

Attachments

Shared GUID v2.txt get_app
Shared GUID Cleanup script v2.xml get_app