To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Using 'FSMAUTIL.exe resetuid' to reset the UID via a script

alsimmo
alsimmo Posts: 37 Security Scout
in Business Suite

Hi,

 

As per subject line we have a number of machines which was created from an image but the UID was not reset before the final stage of the build.  Now we have a number of machine with the same UID.  The additional problem is that these users do not have full administrator permission to the machines.  We had the problem before for Windows XP machines but then users had administrative permission.  I'd rather not apply the fix per machine so need to work out a solution that we can apply on the network. 

 

echo off if exist %windir%\UID3.TXT goto uid-skip

Echo Resetting F-Secure UID

c:\progra~1\f-secure\common\fsmautil RESETUID

if not exist %windir%\UID3.TXT copy \\server\path\UID3.TXT %windir% /y

echo F-Secure UID has been reset

goto uid-end

:uid-skip

Echo F-Secure UID has already been set

:uid-end

 

This is mostly affecting version Workstation 9.31 client and have tried pushing Workstation 11 using both Host Identification Randomly Genterated Global Unique ID and SIMBIOS Global Unique ID on different machines to see if it made a difference but it didn't.

 

I know the machines that have the same UID from various other solutions that we use so am able to compare what is in PM v11 and WSUS.

 

Any help would be appreciated.

Regards Al.

Comments

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello Al,

     

    First of all, I wouldn't recommend you to use version 9.31, it has critical issues. If you want to use 9.x version, 9.32 is the right choice.

    Second, we have a known issue in 9.x versions regarding resetuid procedure.

    Third, SMBIOS guid could be the same for several machines in some cases.

     

    So, I would recommend you to take version 11.00 in use, together with random guid:

    FSMAUTIL RESETUID RANDOMGUID

    or

    FSMAUTIL RESETUID RANDOMGUID APPLYNOW

     

    Best regards,

    Vad

  • alsimmo
    alsimmo Posts: 37 Security Scout

    Hi Vad,

     

    Thanks for your reply.

     

    Sure, I can upgrade to version 11.00 and this wouldn't cause me any problems at all.  My concern is how to run the commands you mentioned FSMAUTIL RESETUID RANDOMGUID or FSMAUTIL RESETUID RANDOMGUID APPLYNOW.

     

    As mentioned the end user doesn't have administrative permissions and ideally we would like to script this somehow across multiple machines.

     

    Regards,


    Al

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello,

     

    I see. Well, you can use domain group policies for example.

     

    Best regards,

    Vad

  • alsimmo
    alsimmo Posts: 37 Security Scout

    Hi Vad,

     

    Thanks, I'll give this a go!  I'll update the post shortly.

     

    Regards,


    Al

This discussion has been closed.

Categories