07-14-2011 12:42 PM
I see this with many networks, yet haven't found a good resolution yet. If a laptop connects to the LAN and is discovered with an IP address of 172.x.x.x, and then later connects to the network via VPN with an IP of 10.x.x.x, when a search is conducted for that device, it will show both IP's, yet if you select 172.x.x.x, Device Manager will have different information than the 10.x.x.x IP, even though it's the same device. The problem seems that it doesn't resolve itself and both IP's are associated with the device for many weeks.
How is DDMI suppose to handle computers with multiple connections and the merging of the modeled devices?
07-14-2011 02:20 PM
I have to throw out that I'm not an HP Tech, this is just my understanding of how things work through a couple years of using the product and how I interpret events as going down. Open a ticket with HP before you follow any of my suggestions, I dont want to mess up your server too bad :)
What does your Merge Priority list look like? Administration -> System Configuration -> Scan Processing.
How are your scan files typically named in the <datadir>\scans\processed folder? Computer Name? BIOS Asset Tag? BIOS Serial #? Combination? I ask this because you might want to set the Merge Priority to merge on the Asset Tag (Scan) field on top of the list... that will ensure when a device gets inventory scanned it gets merged
Are you sure it's the same device when you open the 10.xxx and the 172.xxx ? Silly question, but if it has "Different information" , then wouldnt that be a different device? :)
There are a few things going on here that trip DDMI up:
#1) Network Model (ping sweep)
#2) Inventory Scan
DDMI does #1 and #2 on your defined schedules. If DDMI does an inventory scan, it might set the device to an IP address A. An hour later, it might do a network scan and set the device to IP address B. Then when you use the "Find" box by computer name, the Find box looks through DNS and tells you whatever device has that IP address. Are you trying to do your "find device" on computer name or IP? If you go by computer name, it could be that another device was associated with that VPN IP address recently, so that's why there are 2 devices showing up when you do a find, since they both are associated with that IP address (1 associated thru DNS, the other associated thru an inventory scan)
Since devices come in and out of VPN and share IP addresses, there might be some DNS conflicts, network modeling conflicts, inventory scan conflicts, etc.
Personally, I dont "Discover" devices over my VPN and Wireless Subnets (no ping sweeps, SNMP queries, "network modeling"). I have all my agents set to call-home, and I have specific Discovery / Network rules for my VPN and Wireless Subnets so they are set to "Listen Only" for agents to call-home. What this means is the DDMI server wont discover a device on the VPN network, but if a device on the VPN Network calls home, it will talk to it and run an inventory scan. That helps the server a LITTLE with the duplicate device issues, but I've had mixed results.
However, I have to add that I've been working with HP support on a similar issue for months now, and there just isn't a perfect solution at this time. There's pros and cons to each method. Active Scanning VPN/Wireless causes merging issues like you noted. Not scanning and "listening" for devices means you might miss devices that dont have their agents.
08-11-2011 12:35 PM
No definitive answer here, but I do have a theory. You might have some luck if you don't let it create Unknown - IP only type devices. There is a checkbox under input filters where you can make it so that it doesn't create devices when all it has is an IP. The tradeoff would be that you won't see the device in the active devices list until it has more than just the IP address.
Word of caution, I haven't had a chance to try this myself as yet and validate that it works to clear up the issue, and l also am not an HP employee. But I did some looking in to this issue for a client and it seemed to me like what happens is that DDMi in some cases maybe pings a device, creates a device record, then scans it and updates it, then the device moves to the other IP, it gets pinged, but not scanned, and a 2nd record is created. So it stands to reason to me, that if you don't let it create a device record based only on a ping, then that might solve the problem.
If you try it and it works, let us know. You could test out my theory about how the 2nd record gets created fairly easily if you have a laptop and VPN connection from home. Just purge your laptop one day, then force it to be rediscovered, then go home, plug it in and connect over the VPN, allow it to be pinged but not scanned, then check to see if there is a 2nd record there. Then maybe see what happens after you DO allow it to be scanned from the VPN as well. Does it update the first record or the 2nd one? Does everything get merged at some point?