Search This Blog

Friday, September 24, 2010

Best site ever...

It is official, I will have no free time any more, if you miss the challenge and awesomeness of some of the best games ever released check this out!

Friday, August 20, 2010

Dell Service Tags from AD and WMI

This will probably be a very niche issue but if you are in the situation where you have a stack of Dell servers within your AD structure and need to grab all their service tags here is a fairly easy solution:

This was all done on a linux server.

Run a query against your AD LDAP server (this cannot be done against the GC because the GC doesnt store information about operating system for computer accounts).

basedn = dc=my,dc=domain,dc=internal
This basically should be set to the root of your directory so to capture all machine accounts.

searchfilter = (&(sAMAccountType=805306369)(operatingSystem=*Server*))
This will find all machine accounts (sAMAccountType) and of those machine accounts only ones that are running a Server operating system, all windows server OS's have the name Server in them (2000, 2003 and 2008).

When gathering your returned values make sure that you return the attribute dnshostname so that you can connect to the machine with your wmi client later.

To query the LDAP directory you only need a Domain User account.

You can use your own choice of ldap api, personally I use php ldap interface but perl's Net::LDAP will do the trick as well, I am sure there would be a python LDAP class as well.

Next is the interesting part, WMI (which is basically a Microsofted version WBEM).  There are a couple of places to get a WMI client for linux, the more common is to use a wbem client that talks to a WMI gateway on your windows box, but to do this you would need the gateway on all machines, not very practical for this situation.

The other option is the wmi client that comes with Samba 4, but if you dont want to go through the whole Samba install Joseph Kern has published an article and gzip to do exactly that. 

One note about this post is that there is an updated gzip file with the wmic source it is located at

Once you have your wmic binary up and running you will need a domain admin account to do the query itself.

The command is:

/path/to/wmic -U DOMAIN/adminuser --password='password' //HOST.NAME "Select SerialNumber From Win32_SystemEnclosure"

This will return you a multi line output that will contain the text similar to:

CLASS: Win32_SystemEnclosure
XXXXXXX|System Enclosure 0

A bit of regex madness later /Tag(.*)\|/si and you should have you service tag from all Dell servers within your domain.

Enjoy :D