node-machine-id icon indicating copy to clipboard operation
node-machine-id copied to clipboard

Published 20 hours ago verified publisher icon automation-stack

Fails if registry editing tools are disabled on windows

Open eohland opened this issue 8 years ago • 16 comments

Hi, If you are on a restricted environment where local group policy prevent access to registry editing tools, the "REG QUERY" command fails. A workaround for me was to write a native tool (attached below), it work either on native and mixed environment.

get-machine-guid.c.zip

eohland avatar Oct 06 '17 10:10 eohland

I'm seeing this issue too...

joneian avatar Nov 22 '17 11:11 joneian

Also seeing this issue as well, would it be possible to implement a fallback to the native tool or another nodejs way of accessing the registry if the REG QUERY command is detected as failed?

SirNeural avatar Jan 21 '18 20:01 SirNeural

@eohland @joneian @SirNeural Any luck with this issue ?

yawar-ali avatar Mar 06 '18 18:03 yawar-ali

@automation-stack You got any chance to look into this issue ?

yawar-ali avatar Mar 06 '18 18:03 yawar-ali

No @sweetevil, I still use my cpp workaround like that:

function getMachineIdSync() {
  if (process.platform === 'win32') {
    let guid = execSync('get-machine-guid.exe').toString()
    guid = guid.replace(/\r+|\n+|\s+/ig, '').toLowerCase()
    return createHash('sha256').update(guid).digest('hex')
  }
  else {
    return machineIdSync()
  }

A proper fix could be to implement it as a native module.

eohland avatar Mar 07 '18 08:03 eohland

@eohland What is this get-machine-guid.exe ? You created exe file on your own or it is available online ?

yawar-ali avatar Mar 07 '18 14:03 yawar-ali

I created my own, It is the compiled version of get-machine-guid.c included in my first post.

eohland avatar Mar 07 '18 14:03 eohland

@eohland Does it return same machine Id in each case with machineIdSync & your workaround ?

yawar-ali avatar Mar 07 '18 16:03 yawar-ali

@sweetevil Yes, the only difference is the way to retrieve the MachineGuid registry key

eohland avatar Mar 07 '18 17:03 eohland

@eohland It didn't compile for me, I am getting some errors.

yawar-ali avatar Mar 07 '18 23:03 yawar-ali

@sweetevil I just tried again and it compile without errors using the VS2015 Developer Command Prompt like this:

cl get-machine-guid.c

Here is the compiled executable : get-machine-guid.exe.zip

eohland avatar Mar 08 '18 08:03 eohland

@eohland Your executable just flickers and returns nothing. I am getting undeclared KEY_WOW64_64KEY error while compiling script.

yawar-ali avatar Mar 08 '18 18:03 yawar-ali

@eohland Nevermind, I got it working, just that I am having issues with returning char* buffer back from dll export method to the app. I am using node-ffi for dll comms.

yawar-ali avatar Mar 08 '18 23:03 yawar-ali

Does this occur only is GP specifically "prevent access to registry editing tools" or is it if the user is not a local admin?

ScubaDrew avatar Nov 01 '18 05:11 ScubaDrew

Late to the party but you can also use PowerShell:

const {spawnSync} = require('child_process');
const {createHash} = require('crypto');

const getSync = (original = false) => {
  const psProc = 'powershell.exe';
  const psArgs = ['-NoLogo', '-Command', '-NonInteractive', '(New-Object -ComObject WScript.Shell).RegRead("HKLM\\SOFTWARE\\Microsoft\\Cryptography\\MachineGuid")'];
  const output = spawnSync(`${psProc}`, psArgs);
  const string = output.stdout.toString().split('\r\n')[0];

  return original ? string : hash(string);
};

function hash(guid) {
  return createHash('sha256').update(guid).digest('hex');
}

module.exports = {
  getSync,
};

DeverStyle avatar May 30 '19 09:05 DeverStyle

@DeverStyle '-NonInteractive' should be before '-Command'

Antheso avatar Dec 06 '19 10:12 Antheso