locked
Best MOF design for SCCM RRS feed

  • Question

  • Hi

    We developed an application and want to make its management information available through WMI. We want to have a simple and good MOF design, easy to use in SCCM (to collect these information in inventories, to build reports, ...).

    We have a design choice to do, and we'd like to have your advices.

    (for this example, I simplify a lot the objects we really used) On a computer, there can be several encrypted directories. Each encrypted directory is protected by one or more username-passwords, that we call a "Password access". Please note that 2 password accesses with the same username are not related : they can have different passwords (so there is no notion of global user. Each access in each encrypted directory is independent).
    We want to make it possible to list these directories and accesses through WMI, and so in SCCM reports.
    All these classes are defined in our own custom namespace (root\mycompany\myproduct)

    Design 1:
    -------------

    class PasswordAccess
    {
       [read, key]
       String UserName;
    }

    class EncryptedDirectory
    {
       [read, key]
       String Path;
       [read]
       PasswordAccess Accesses[];

    }

    Design 2:
    --------------------

    class PasswordAccess
    {
       [read, key]
       String UserName;
       [read, key]
       String Path;
    }

    class EncryptedDirectory
    {
       [read, key]
       String Path;
    }

    ------

    So the design 1 uses an array of embedded objects PasswordAccess, and in design 2 the link between EncryptedDirectory and EncryptedPassword instances is done through the Path property.

    We didn't find on the web a lot of examples of inventories with embedded objects, and embedded objects are not often used in built-in Win32 classes. We didn't find in SCCM an example of another WMI class with embedded objects in the inventory class list.

    We first implemented the design 1, but we have a lot of problems to make SCCM collects the Embedded objects. In fact, we are not sure today that it is possible. But if it isn't possible, why Microsoft allows to define embedded objects ?

    So, the questions :

    - Which one is the best design ?

    - If we can choose the design 1, is it possible in SCCM to collect that information (I mean collect the list of EncryptedDirectory with the Embedded PasswordAccess).

    Thanks a lot for your advices, we are stucked on this.

    J.

    Tuesday, September 3, 2013 2:27 PM

Answers

  • I would never use an embedded object, I'm not familiar with any built-in WMI classes that do this and as you've found out, I don't think ConfigMgr can even handle them.

    Why not use an association? Built-in WMI classes make heavy use of them: http://msdn.microsoft.com/en-us/library/windows/desktop/aa389812%28v=vs.85%29.aspx

    Design 2 works fine because Path is essentially a foreign key.

    Design 1 is flawed also because your passwordaccess class (if that's truly all if contains) is redundant and unnecessary.


    Jason | http://blog.configmgrftw.com

    Tuesday, September 3, 2013 5:30 PM

All replies

  • I would never use an embedded object, I'm not familiar with any built-in WMI classes that do this and as you've found out, I don't think ConfigMgr can even handle them.

    Why not use an association? Built-in WMI classes make heavy use of them: http://msdn.microsoft.com/en-us/library/windows/desktop/aa389812%28v=vs.85%29.aspx

    Design 2 works fine because Path is essentially a foreign key.

    Design 1 is flawed also because your passwordaccess class (if that's truly all if contains) is redundant and unnecessary.


    Jason | http://blog.configmgrftw.com

    Tuesday, September 3, 2013 5:30 PM
  • Thank you Jason.

    OK, We will forget about embedded objects and try associations.

    J.

    Thursday, September 5, 2013 7:14 AM