This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
We’re currently experiencing a high volume of support requests, which may result in longer response times — Thank you for your patience and understanding.
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Allowing Local Admin List

derek_rose
Engaged Sweeper

‎03-10-2009 07:26 PM

I am reviewing this and assume the list will update every 8 hours - as I see machines that are not set, I remove and the list should update at the next scan, correct?

Also, how would I allow an administrator account that exists on all local workstations? Is there a variable for the workstation, such as %localhost% or something? I would hate to have to type each computer name in and then the account.
Labels:
0 Kudos
9 REPLIES 9
pcrockett
Engaged Sweeper

‎04-22-2009 10:07 PM

Here's a screenshot. when I do this, all administrators on local machines dissappear from the unauthorized administrator list. ccbak is a local machine, not a domain. "administrator" is also not used domainwide, only on specific machines.

Some users are domain users and admins on local boxes with that same username. Others are admins on local boxes only.
Preview file
38 KB
0 Kudos
derek_rose
Engaged Sweeper

‎04-22-2009 09:54 PM

Are you using 3.5? I have been able to do this by entering the actual computername, such as WORKSTATION1 in the "Domain" column, and then the name such as USER2 in the Administrator account column.

Works fine for me. Post a screenshot of your input?

0 Kudos
Hemoco
Lansweeper Alumni
In response to derek_rose

‎04-22-2009 09:59 PM

derek.rose wrote:
Are you using 3.5? I have been able to do this by entering the actual computername, such as WORKSTATION1 in the "Domain" column, and then the name such as USER2 in the Administrator account column.

Works fine for me. Post a screenshot of your input?

This works, but not if the users are domain users.
0 Kudos
pcrockett
Engaged Sweeper

‎04-22-2009 09:45 PM

When allowing administrators, I have found that putting anything, even a single space, as the domain works to filter out all logons of that name. It seems like the domain column is more for reference than an actual calculation.

But this brings me to my question regarding this. Is it possible to actually do the reverse of what everyone is asking here to allow "administrator" on "box1" and dissallow "administrator" on "box2"? So far, no matter what I type in the domain area, LS always filters out all users under the administrator account column.

The reason: I have some users who are admins on certain computers only. I don't want to filter their names out as allowed admins for all machines, only some specific ones...

I've tried using "boxname\username", or "boxname" as domain name and administrator account, and both methods filter out all entries named "username" regardless of domain or local machine name.

I don't know why my system is different, but in this case, I wish I had the same issue that you all have!

Can I fix this? Or what am I doing wrong?
0 Kudos
Hemoco
Lansweeper Alumni
In response to pcrockett

‎04-22-2009 09:51 PM

pcrockett wrote:

But this brings me to my question regarding this. Is it possible to actually do the reverse of what everyone is asking here to allow "administrator" on "box1" and dissallow "administrator" on "box2"? So far, no matter what I type in the domain area, LS always filters out all users under the administrator account column.

Sorry, this is not possible
0 Kudos
derek_rose
Engaged Sweeper

‎03-11-2009 04:19 PM

{computer}\Admin worked - thanks!
0 Kudos
wkent
Engaged Sweeper

‎03-11-2009 03:39 PM

I have found this works {computer} admin Add to allowed administrators table HTH
0 Kudos
derek_rose
Engaged Sweeper

‎03-10-2009 09:48 PM

No special user for each workstation. But say our machines are COMPUTERXX where XX is the number that identifies the machine. There is a local account called "admin" - so lansweeper sees this as COMPUTER01\ADMIN, COMPUTER02\ADMIN, etc. If I wanted to add this to the domain allowed list, I would have to enter in COMPUTER01\ADMIN, COMPUTER02\admin etc. - which I would like to avoid.
0 Kudos
Hemoco
Lansweeper Alumni

‎03-10-2009 09:42 PM

I am reviewing this and assume the list will update every 8 hours - as I see machines that are not set, I remove and the list should update at the next scan, correct?

No, the scanning takes into account the waittime you have set for "USERSINGROUP"
With active scanning the computer is scanned once at maximum every 8 hours (not at minimum), the scan is triggered when the workstation contacts the domain controller (if the workstation is disconnected it won't contact the domain controller)

Also, how would I allow an administrator account that exists on all local workstations? Is there a variable for the workstation, such as %localhost% or something? I would hate to have to type each computer name in and then the account.

such a variable is not supported.
Did you create a special user separately for each workstation?
0 Kudos

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now