Skip to content Skip to site navigation

Stanford Network Registration Tool (SNRT)

Soon, Stanford Device Registration  will replace SNRT in the network self-registration (SNSR) workflow. SDR brings the functionality of Stanford Whole Disk Encryption (SWDE), Device Enrollment, the Stanford Network Registration Tool (SNRT), and Compliance Checker into one place, so you no longer need to download various apps to achieve device compliance.  Learn more

Stanford Network Registration Tool main window

System requirements

  • Windows 8.1 and above, including both 32- and 64-bit platforms
  • macOS 10.10 and above

Program execution

  • PC:  If the computer is running Windows 2000 Service pack 2 or below display an error message and quit.
  • Confirm that the user who is logged in has administrator rights.
    • The installer may prompt for administrator credentials.
    • If the user does not have administrator rights display an error message and quit.
  • Log all program activity to the activity log file
    • Windows: “C:\ProgramData\Stanford\SNSR\snrt_activity_log.txt"
    • macOS: “/Library/Logs/Stanford/SNRT.log"
  • Get all of the physical network interface hardware addresses and tag them as "wired" or "wireless."
  • Download the latest configuration file from the SNSR server.
  • Contact the SNSR server to get the subnet and organizational template options:
    • The final completion URL (optional)
    • Is BigFix required?
    • Is antivirus software required?
  • PC: Download the latest Microsoft Malicious Software Removal Tool.
    • Skip if the most recent MSRT has already been run
  • See if it is safe to check for weak administrator passwords. Disable password strength-checking if:
    • an account lockout threshold has been assigned
    • an alternative authentication method (e.g., biometric) is in use
    • Mac: FileVault is enabled
  • Get the local computer name.
  • Get the user's SUnetID (if they are authenticated to the Stanford MIT Kerberos realm).
  • Get the user's login name.
  • Get the operating system version.
  • Get the computer Make, Model and Type.
  • Get the name and version of the user's virus protection program (if a recognized program is installed).
    • PC: Information is obtained from the Windows Security Center if possible
    • Mac: Only Stanford's site-licensed Sophos AV software is detected
  • See if the user is missing any important patches.
    • PC: critical patches as defined by Windows Update
    • Mac: “recommended” macOS and security updates as defined by Software Update
    • Exclude any patches specified in patch_exclusions.txt on the SNSR server
  • If it is safe to do so, get the names and passwords of all administrator accounts that have been assigned empty passwords.
    • If weak passwords are found, display them to the user (but do not log them), and require that they be changed
  • See if BigFix has been installed.
  • PC: Set the DHCP Broadcast Flag to false in discover packets on Vista.
  • Estimate actual network throughput .
    • For slow links, warn users if OS patching is likely to take more than 15 minutes.
  • PC: Run the Microsoft Malicious Software Removal Tool in quiet mode
    • If a worm or virus was found and removed, log the fact
  • Alter the UI to reflect the status of:
    • virus protection
    • OS security patches
    • administrator passwords
    • BigFix
    • Device Enrollment
    • Disk Encryption
  • Display the computer's newly assigned DNS host name.

Command  button actions

Virus Protection Download button

Open the default browser and navigate to the appropriate web page for AV downloads. The URL is read from the configuration file.

Software Update button

PC: Patching is performed automatically using the Windows Update service.

Mac: Launch the “Software Update” application.

Warn if patch download and installation will likely take more than 15 minutes:

long wait message

Change Passwords button

Load a window that will allow the user to change weak passwords:

change administrator password dialog box

Download BigFix button

Open the default browser and navigate to the appropriate web page. The URL is read from the configuration file.

Cancel button

Ask the user if they really want to exit because the computer will not be registered if they do. If they confirm that they really want to exit, then end the program.

Run Tests Again button

If the user is required to patch the computer before registering, this button will appear. If a reboot is not required, they can click on “Run Tests Again” to check for compliance. If all required patches are found, they will be able to continue with registration.

Continue button

PC: Make the registry changes necessary to security-harden the computer

PC and Mac: Build an HTTP GET URL containing the computer MAC addresses ("MAC") appropriately tagged as "wired" and "wireless," OS version ("OS"), IP Addresses ("IP"), Make of the computer ("MAKE"), Model of the computer ("MODEL"), and Computer Type ("TYPE"), and send it to the server.

Registry changes

Selecting "What Settings Will Be Changed?" from the Help Menu will automatically generate a complete changes document that will be opened in the default browser.

Computer model details

PC

PC model information is obtained by a WMI call that retrieves computer model information provided by the manufacturer.

Mac

Mac model information is obtained by running “sysctl hw.model” from the command line and retrieving the model from the sysctl output.  Sysctl gets this string from OpenFirmware and will necessarily change as new models are released.  The string that is returned is a representation of the actual Model name.  For example, “PowerMac3,6” is a PowerMac G4 and "PowerMac7,2” is a PowerMac G5 See Apple documentation for an up-to-date list of translations.

Computer type details

PC

PC Type information is obtained by a WMI call that will retrieve one of the following:

  • “Other” Could use Virtual here for VM machine.
  • “Unknown”
  • “Desktop”
  • “Low Profile Desktop”
  • “Pizza Box”
  • “Mini Tower”
  • “Tower”
  • “Portable”
  • “Laptop”
  • “Notebook”
  • “Hand Held”
  • “Docking Station”
  • “All in One”
  • “Sub Notebook”
  • “Space-Saving”
  • “Lunch Box”
  • “Main System Chassis”
  • “Expansion Chassis”
  • “SubChassis”
  • “Bus Expansion Chassis”
  • “Peripheral Chassis”
  • “Storage Chassis”
  • “Rack Mount Chassis”
  • “Sealed-Case PC”

Mac

Mac type information is obtained by running “sysctl hw.model” from the command line and parsing the model from the sysctl output (if the model contains the string “book” it is assumed to be a laptop).  The Mac type will be either “Desktop” or “Laptop”

 

SNRT Removal Instructions

macOS (from terminal)

killall SNRTNotifications
rm -R /Library/Application\ Support/Stanford/snrt_service
rm -R /Library/Application\ Support/Stanford/SNSR
rm -R /usr/local/stanford/snsr2019

Windows - A removal tool is available here.

  • The SNRTWindowsService Service:  %PROGRAMDATA%\Stanford\SNRTWindowsService
  • The run reg key value SNRTNotifications needs to be removed: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • The SNRT service reg key should be removed: HKLM\SOFTWARE\Stanford\SNRT_SERVICE
Last modified October 5, 2023