Machine identification revisited
I’m sorry if this topic has been done to death in the past, but I’m looking for something that uniquely identifies a particular machine (running Windows 2000 or XP). I’m tempted by the drive serial number returned by GetVolumeInformation, but one of my colleagues has raised the question of whether this is guaranteed always to return the same value with something like a RAID drive, especially if one of the components is swapped. Does anyone have any wisdom to share?
There's a number called a SID which is supposed to be unique to every NT installation. It's not foolproof -- users can clone their hard drive and get the same SID, although those two computers will not be able to coexist on a network if they do, and we've found rare circumstances when you try to read the SID and you don't get it.
Before you clone your partition, try to run sysprep minisetup (DO NOT reboot before cloning). It will renew the SID. I heard that you can do this by setting the SID by Ghost but I didn't try it.
I use the computer name and the user login name to produce a unique id of sorts. It helps me identify who and how many users are logged on to a database, thus helping to enforce license agreements. It also tells me how many different machines have been used to log into the database. (Speaking in terms of a LAN.)
The machine SID looks a reasonable method. I gather it's stored in the security section of the registry. Are there any permissions type issues in reading it? Also, getting it that way does seem a bit clumsy somehow. Does anyone know of another way? The nice people at sysinternals provide a tool called psgetsid which does it, and works remotely over the network to get the SID of another machine, but unfortunately they don't provide source code for it.
The last 12 characters of UuidCreateSequential() is the MAC address of the ethernet card, which most users never change.
Bob, I wondered about the MAC address, but some of the machines may have more than one, including one or more virtual ones from VMWare, which complicates things, but is probably still workable.
For machines that are relatively new (within 3 years old) you should be able to get the BIOS serial number with WMI.
MAC address of the first interface is the usual thing for this. It can be forged, but at least you can't have two machines with the same MAC on one network.
A long article on grc.com shows how spyware uniquely identifies the computer:
It would be helpful to know WHY you want to do this. Perhaps there is another way to solve your problem. But since we only know what your proposed solution is, not your problem, it's hard to come up with other solutions.
What's the price range for the product? How is the product used? Whether or not node-locked licensing is appropriate for a particular product or a liability that annoys your paying customers, encouraging them to look for a suitable substitute, depends a lot on what it costs and what it's used for. From the perspective of IT folks, node-locked licensing is a major PITA. It's tolerable if the product is only used on a very small number of computers and you don't need high availability from the application. Given the choice, I'd pick flexlm licensing or dongles hands-down over node-locked licensing in the vast majority of circumstances.
Would simply using the IP address work?
Fog Creek Home