How to scan for SQL installation
I've tried creating a Scan Profile (Options/Scan Profiles) called SQL Exes where I've added Files & Directories scanner with the Type as File and the Include Pattern(s) as *\sqlservr.exe. I set it to trigger once a day.
So far (several days later), I don't appear to be getting any info from this. Specifically, I created a Dynamic Collection that does a filter with Files & Directories where Name contains sqlservr.exe and it returns nothing.
What's the right way to do this?
-
Have you considered querying the list of services in the registry instead? All services are in HKLM\System\CurrentControlSet\Services, so you can grab the item named MSSQLSERVER (if it's a full SQL). There may be a modified version for SQL Express or for instances - but either way, you could grab anything with SQL to start and then whittle it down to only the names/objects you care about. The DisplayName key will tell you the name of SQL and the ImagePath will give you the path to the executable. It would be interesting to see what it looks like on a machine where the service is using an instance and also where there could be multiple instances on the same server. Hope that helps.
-
So this seemed to work. At least, I am now getting matches to my query for files with the name sqlservr.exe. However, it is giving me a bunch of false positives. I did a manual file search on a machine that I know does not have SQL server installed, but does show up in the list and found this: C:\Windows\WinSxS\amd64_microsoft-windows-wid_31bf3856ad364e35_10.0.14393.0_none_d51f72c5729800a5\sqlservr.exe So apparently SxS has a copy of sql hidden away for some reason.
Please sign in to leave a comment.
Comments
14 comments