Ensure correct registration of cloned SLE machines
This document (7008307) is provided subject to the disclaimer at the end of this document.
Environment
Subscription Management Tool (SMT) for SUSE Linux Enterprise 11
1.1
SUSE Linux Enterprise Desktop 11 Service Pack 1
SUSE Linux Enterprise Desktop 10 Service Pack 3
SUSE Linux Enterprise Server 11 Service Pack 1
SUSE Linux Enterprise Server 10 Service Pack 3
SUSE Linux Enterprise Desktop 11 Service Pack 1
SUSE Linux Enterprise Desktop 10 Service Pack 3
SUSE Linux Enterprise Server 11 Service Pack 1
SUSE Linux Enterprise Server 10 Service Pack 3
Situation
SUSE Linux Enterprise (SLE) 10 and newer hosts register themselves
with either the with Novell Customer Center (NCC) or a Subscription
Management Tool (SMT) server to configure update repositories. This
may happen during installation or by running either the NCC
configuration wizard in Yast or /usr/bin/suse_register at some post
installation point.
The individual hosts authenticate themselves against the registration server (NCC or SMT) amongst other with a 32-digit hexadecimal unique ID and a similar password. This credential set gets automatically created by the update stack on each machine during the initial registration. When a given client re-registers with NCC/SMT, the unique ID is used for identification. Re-registration by default happens regularly on SLE 10 machines, while it must be user-initiated for SLE 11 and newer. These registrations (by unique ID) also used to count the license usage in the NCC.
Due to the dependency on maintaining true unique IDs for each individual SLE instance, it is crucial to ensure correct handling of this as part of the cloning of either physical or virtual SLE 10 and/or 11 hosts.
Currently there is no way to safely detect if a machine/unique ID has been cloned. Even though the MAC address may have changed, that could also have changed for simple reasons like replacement/addition of a network card.
The individual hosts authenticate themselves against the registration server (NCC or SMT) amongst other with a 32-digit hexadecimal unique ID and a similar password. This credential set gets automatically created by the update stack on each machine during the initial registration. When a given client re-registers with NCC/SMT, the unique ID is used for identification. Re-registration by default happens regularly on SLE 10 machines, while it must be user-initiated for SLE 11 and newer. These registrations (by unique ID) also used to count the license usage in the NCC.
Due to the dependency on maintaining true unique IDs for each individual SLE instance, it is crucial to ensure correct handling of this as part of the cloning of either physical or virtual SLE 10 and/or 11 hosts.
Currently there is no way to safely detect if a machine/unique ID has been cloned. Even though the MAC address may have changed, that could also have changed for simple reasons like replacement/addition of a network card.
Resolution
Delete the unique ID on the disk (image) that is used as master for
the clones. This is a username/password set, that is stored
differently on SLE 11 and SLE 10 (due to difference in update
stacks (zypper/ZMD)).
SLE 11 hosts :
Delete the file
/etc/zypp/credentials.d/NCCcredentials
The first time the registration is run on a clone, the update stack will regenerate the file with new content.
SLE 10 hosts :
Delete the files
/etc/zmd/deviceid
/etc/zmd/secret
The zmd daemon will recreate the files with a new credential set.
SLE 11 hosts :
Delete the file
/etc/zypp/credentials.d/NCCcredentials
The first time the registration is run on a clone, the update stack will regenerate the file with new content.
SLE 10 hosts :
Delete the files
/etc/zmd/deviceid
/etc/zmd/secret
The zmd daemon will recreate the files with a new credential set.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7008307
- Creation Date: 07-Apr-2011
- Modified Date:03-Mar-2020
-
- Subscription Management Tool
- SUSE Linux Enterprise Desktop
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
