→ Celebrate SysAdmin Day 2024 with Lansweeper Enter our Giveaway here

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
gpburth
Engaged Sweeper II
Hi!

We have some Linux Servers with AD authentication, all in one OU (OU=servers,OU=Linux,DC=...). Now our LanSweeper server sees these servers in duplicate: once through IP scanning as devices (as told by documentation), which works. And secondly as Windows server with scanning errors(*), cluttering the "computer scanning errors" report and others.

Is it possible to *exclude* one OU from scanning? (I have found a way to include only specified ones, but that task would in this case be tedious and error-prone). Even better would be exclusion by Group Membership, but that's probably not possible(?)
Alternatively I seek a way to tell my installation "if you already have a device with same name and IP don't bother with trying to scan as (windows) computer" - or maybe just an "exclusion list" in the configuration tool.

In case this matters: we use LanSweeper Prmium, version 4.2.0.63

Thanks for your help

(*) the exact error, IP is correct, obviously we have no COM on a linux server 🙂
The RPC server is unavailable 0x800706BA (erp.<redacted>, erp, 172.16.1.103)  	2/20/2012 8:48:56 PM
Cannot connect to DCOM port 135 : Firewalled? (erp) 2/20/2012 8:48:56 PM
8 REPLIES 8
gpburth
Engaged Sweeper II
This seems to have worked (changed some days ago and still only have the servers as "devices"). Thanks for your help.

But I still have one question: what part of the documentation did I overlook when searching in it for this behaviour?
Hemoco
Lansweeper Alumni
gpburth wrote:
But I still have one question: what part of the documentation did I overlook when searching in it for this behaviour?

The documentation does not currently explain how Lansweeper makes the distinction between "computers" and "devices". We opted not to include this technical information, because issues in making this distinction rarely occur.
We are working on a new knowledge base however, which will include all info from the documentation as well as additional Lansweeper licensing and technical information. We will mark this forum thread for inclusion.
gpburth
Engaged Sweeper II
yes, this value is empty for all my Linux computers but has some "Windows" string in it for all Windows computers I checked. [[Shouldn't LanSweeper default to "device" if the string is empty?]]

Do you know if this value can be changed by the "Attribute Editor" tab in "AD users and computers", since I'm reluctant to change settings on a production machine without knowing what it does.
Hemoco
Lansweeper Alumni
gpburth wrote:
Shouldn't LanSweeper default to "device" if the string is empty?

Currently, it defaults to "computer". Some Windows computers may not have a value for the "operatingSystem" attribute either.

The easiest way to make the necessary adjustments would be with an AD explorer tool. Edit the "operatingSystem" attribute for the affected machines, changing its value so that it's not longer blank.
You can delete the faulty computer entries from your database afterwards and they will not return.
gpburth
Engaged Sweeper II
overnight all deleted "computers" reappeared, so we do have the problem as in the initial post again.
Are there any other ways to solve the problem?
gpburth
Engaged Sweeper II
~# nmap  -p 135 172.16.1.103

Starting Nmap 5.00 ( http://nmap.org ) at 2012-02-21 17:20 CET
Interesting ports on erp.<redacted> (172.16.1.103):
PORT STATE SERVICE
135/tcp closed msrpc
MAC Address: 00:23:7D:DC:F8:4A (Hewlett Packard)

Nmap done: 1 IP address (1 host up) scanned in 0.24 seconds


Could the problem be that I at first only had AD scanning, and added IP scanning a day afterwards? Well, all Linux Servers are deleted from computers now, I'll see what happens.
Hemoco
Lansweeper Alumni
gpburth wrote:
Could the problem be that I at first only had AD scanning, and added IP scanning a day afterwards?

The order in which you enable scanning methods does not influence whether or not a machine is identified as a computer or a device.

Is it possible that the "operatingSystem" value for your Linux machines in AD is either blank or includes the term "Windows"? This would also cause your machines to be identified as Windows computers.
Hemoco
Lansweeper Alumni
Lansweeper uses port 135 to determine whether a machine is a computer or a device. If port 135 is open, the machine is deemed a computer. If port 135 is closed, the machine is deemed a device.

Could you ensure that port 135 is closed on your Linux servers. Afterwards, you can delete the "faulty" Linux entries through your configuration console, under Lansweeper\Scanned Computers.