TL;DR: Here’s a simple proof of concept program to look up HP server warranty details via the HP ISEE API. That’s right: no more web scraping.
If you’ve ever tried to look up warranty details for an HP server, you’ve probably come across some of these:
For anything other than a couple of servers, these are useless. Also:
- The last one is for non-server products. I wish it clearly said so.
- Two different UIs for warranty lookup. No link between them.
- One requires the product number for 10-digit serials, while the other does not. I’m guessing that’s due to duplicate serials coming from various aquisitions over the years.
- The output data varies significantly. The first one is definitely the most interesting.
So you sit there and copy-paste serials and product numbers while your life drains away at every click, and then you get the brilliant idea of automating the process with some scripting and scraping. There are tons of implementations readily available, but you realize that each time you scrape HTML, another .NET-SOA-SAAS-XML-J2EE developer is employed somewhere in the world and will somehow find a way to get on your nerves with some poorly implemented, massively bloated piece of software that you have to run through fucking Mono.
So you curse and throw up your hands, and then someone comes along and suggests HP SIM. Yes, the 1.8GB interstellar monster that somehow runs with the smallest number of wtfs on Windows 2008 with another few gigabytes of MS SQL Server on board. Oh, and then you need 800 additional megabytes for HP Insight Remote Support Advanced (RSA) which lets you do warranty lookups. Great.
In reality, all you need when looking up warranty details is a couple of lines of XML.
RSA uses HP’s Instant Support Enterprise Edition (ISEE) API, and damn is it enterprise. In short, it’s a SOAP interface that sends embedded XML documents back and forth. There’s no WSDL available, so let’s walk through the process in full, including details on the service interface.
A client must supply a
registrationToken parameter with every warranty lookup. These parameters are obtained from the server response when the client carries out the registration process, which goes as follows:
SOAP action: http://www.hp.com/isee/webservices/RegisterClient2 HTTP URL: https://services.isee.hp.com/ClientRegistration/ClientRegistrationService.asmx
The SOAP envelope:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:iseeReg="http://www.hp.com/isee/webservices/"> <SOAP-ENV:Body> <iseeReg:RegisterClient2> <iseeReg:request> ... </iseeReg:request/> </iseeReg:RegisterClient2> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
The ISEE registration request is then inserted as text in the
<iseeReg:request> tag. It is a fairly verbose blob, and yes, it has been stripped down to the bare minimum accepted by the server.
<isee:ISEE-Registration schemaVersion="5.00" xmlns:isee="http://www.hp.com/schemas/isee/5.00/event"> <RegistrationSource> <HP_OOSIdentifiers> <OSID> <Section name="SYSTEM_IDENTIFIERS"> <Property name="TimestampGenerated"/> </Section> </OSID> <CSID> <Section name="SYSTEM_IDENTIFIERS"> <Property name="CollectorType" value="MC3"/> <Property name="CollectorVersion" value="T05.80.1 build 1"/> <Property name="AutoDetectedSystemSerialNumber" value="10"/> <Property name="SystemModel" value="HP ProLiant"/> <Property name="TimestampGenerated"/> </Section> </CSID> </HP_OOSIdentifiers> <PRS_Address> <AddressType>0</AddressType> <Address1/> <Address2/> <Address3/> <Address4/> <City/> <Region/> <PostalCode/> <TimeZone/> <Country/> </PRS_Address> </RegistrationSource> <HP_ISEECustomer> <Business/> <Name/> </HP_ISEECustomer> <HP_ISEEPerson> <CommunicationMode>255</CommunicationMode> <ContactType/> <FirstName/> <LastName/> <Salutation/> <Title/> <EmailAddress/> <TelephoneNumber/> <PreferredLanguage/> <Availability/> </HP_ISEEPerson> </isee:ISEE-Registration>
TimestampGeneratedproperties must contain a near-current timestamp on the form
%Y/%m/%d %H:%M:%S %Z. Use time zone “GMT” in case of problems.
AutoDetectedSystemSerialNumberproperty need not contain a valid serial; it’s enough with two (or more) digits.
The server will then return:
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <RegisterClient2Response xmlns="http://www.hp.com/isee/webservices/"> <RegisterClient2Result> <IsSuccess>true</IsSuccess> <Gdid>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</Gdid> <BackoffMultiplier>1</BackoffMultiplier> <RegistrationToken>XXX</RegistrationToken> </RegisterClient2Result> </RegisterClient2Response> </soap:Body> </soap:Envelope>
Gdid and the massively long
RegistrationToken values so they can be used in upcoming requests.
Next up is the warranty (aka entitlement) lookup itself. The
registrationToken parameters are included in the SOAP/ISEE header. Again, this is the bare minimum accepted by the server, so even the empty
<isee:CSID/> tags must be present.
SOAP action: http://www.hp.com/isee/webservices/GetOOSEntitlementList2 HTTP URL: https://services.isee.hp.com/EntitlementCheck/EntitlementCheckService.asmx
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:isee="http://www.hp.com/isee/webservices/"> <SOAP-ENV:Header> <isee:IseeWebServicesHeader> <isee:GDID>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</isee:GDID> <isee:registrationToken>XXX</isee:registrationToken> <isee:OSID/> <isee:CSID/> </isee:IseeWebServicesHeader> </SOAP-ENV:Header> <SOAP-ENV:Body> <isee:GetOOSEntitlementList2> <isee:request> ... </isee:request> </isee:GetOOSEntitlementList2> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
<isee:request> tag should then contain the following payload.
<isee:ISEE-GetOOSEntitlementInfoRequest xmlns:isee="http://www.hp.com/schemas/isee/5.00/entitlement" schemaVersion="5.00"> <HP_ISEEEntitlementParameters> <CountryCode>ES</CountryCode> <SerialNumber>CZ10130050</SerialNumber> <ProductNumber>519841-425</ProductNumber> <EntitlementType></EntitlementType> <EntitlementId></EntitlementId> <ObligationId></ObligationId> </HP_ISEEEntitlementParameters> </isee:ISEE-GetOOSEntitlementInfoRequest>
- The empty tags must also be present.
CountryCodeneed not match the origin country.
- To look up multiple entries, simply add more
The server response SOAP envelope:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <GetOOSEntitlementList2Response xmlns="http://www.hp.com/isee/webservices/"> <GetOOSEntitlementList2Result> <IsSuccess>true</IsSuccess> <Gdid>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</Gdid> <BackoffMultiplier>1</BackoffMultiplier> <Response> ... </Response> </GetOOSEntitlementList2Result> </GetOOSEntitlementList2Response> </soap:Body> </soap:Envelope>
..and then finally, the warranty data itself. It can easily be hundreds of lines, so here’s a link to an example result: warranty-ok.xml
Each entry in the lookup is returned in its own
<Data> section with a running
frame count. You can also see that since the lookup specified the wrong
CountryCode “US”, the response includes a warning about a mismatch with the database’s ship-to country.
There appears to be no WSDL available, so the SOAP envelope can be constructed manually or a WSDL can be reconstructed from the XML. I’m guessing that the client and server applications have been built and deployed directly from a Visual Studio project with no particular need for a WSDL.
The web interface lets you look up the serial only, but that seems to be impossible in the api. This is unfortunate for quick manual lookups, but isn’t really an issue for batch requests; the product number is readily available in any kind of iLO and also in the SMBios system SKU number.
Multiple warranty entries per request saves a lot of round-trips, but there is bound to be a maximum number of entries allowed per request. That number is not yet known.
The server returns a variety of error codes on malformed input. With the missing WSDL, error handling has to be inferred from the api by fuzzing it with invalid data. Some common error examples:
- register-error.xml: Missing details in register request
- warranty-empty_prodno.xml: Empty product number
- warranty-invalid_prodno.xml: Invalid product number
In addition to the enterprise choice of XML-in-XML, there are some odd inconsistencies in the api, such as
registrationToken, unused XML namespaces, inconsistent namespace local names, versioned SOAP actions (
GetOOSEntitlementList2), etc. Beware when coding.
Apart from the register and entitlement lookup functions, the api supports other SOAP actions. Here’s a partial(?) list:
SOAP URLs that match some of the actions above:
The overall characteristics of the api makes it pretty clear that it is not designed for 3rd party use, but it certainly provides all the warranty info you need and it lets you avoid embarrassing HTML scraping. So I wish HP would publish api details and openly encourage its use, particularly for read-only authoritative data like warranty details. It doesn’t need to be the ISEE api in particular, but something well-engineered that provides the same (or better) level of detail.
As for functions other than warranty lookup, I can understand the desire to limit access to phone-home mechanisms for error reporting, hardware replacements, support cases, etc, but I would maintain that a strict api would easily limit abuse and poorly formed requests, and let competent users integrate the functionality into their own systems. One thing is for sure: Being forced to use vendor-specific, sub-par management software is definitely not the right way to go.