cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sbrunk
Engaged Sweeper II
We are currently on version 5.3.0.17 of Lansweeper and most of our scanning is done via nightly scheduled computer scans pointed at Active Directory OUs. We have a number of Linux and AIX computers in our targeted OUs that we do not wish to scan. Lansweeper attempts to connect via SSH to these computers using our global SSH credentials but is unsuccessful since the credentials do not have the necessary permissions on the computers. Is there any way to tell Lansweeper to not attempt to scan these machines? Adding the hostnames to the Windows computer exclusion list doesn't appear to work.
1 ACCEPTED SOLUTION
Susan_A
Lansweeper Alumni
If OUs with non-Windows assets are submitted for Scheduled Computer Scanning, those non-Windows assets are passed along to the same scanning procedure that's used for IP Address Range Scanning. Non-Windows assets submitted for Scheduled Computer Scanning *will* be scanned regardless of whether or not their IP ranges are visible under IP Address Range Scanning as well.

It's a little counter-intuitive, but you should be able to use IP exclusions, configured under IP Address Range Scanning, to exclude non-Windows assets from Scheduled Computer Scanning, even if the machines' ranges aren't visible under IP Address Range Scanning. Windows computer exclusions won't work, as they only apply to Windows computers.

View solution in original post

5 REPLIES 5
Susan_A
Lansweeper Alumni
Just an FYI: I edited my previous post, as it was confusing. My edited post should be clearer and a better response to sbrunk's specific situation.
Susan_A
Lansweeper Alumni
If OUs with non-Windows assets are submitted for Scheduled Computer Scanning, those non-Windows assets are passed along to the same scanning procedure that's used for IP Address Range Scanning. Non-Windows assets submitted for Scheduled Computer Scanning *will* be scanned regardless of whether or not their IP ranges are visible under IP Address Range Scanning as well.

It's a little counter-intuitive, but you should be able to use IP exclusions, configured under IP Address Range Scanning, to exclude non-Windows assets from Scheduled Computer Scanning, even if the machines' ranges aren't visible under IP Address Range Scanning. Windows computer exclusions won't work, as they only apply to Windows computers.
sbrunk
Engaged Sweeper II
Susan.A wrote:
If OUs with non-Windows assets are submitted for Scheduled Computer Scanning, those non-Windows assets are passed along to the same scanning procedure that's used for IP Address Range Scanning. Non-Windows assets submitted for Scheduled Computer Scanning *will* be scanned regardless of whether or not their IP ranges are visible under IP Address Range Scanning as well.

It's a little counter-intuitive, but you should be able to use IP exclusions, configured under IP Address Range Scanning, to exclude non-Windows assets from Scheduled Computer Scanning, even if the machines' ranges aren't visible under IP Address Range Scanning. Windows computer exclusions won't work, as they only apply to Windows computers.


Yes, I've done some testing and found that using IP exclusions does indeed work as you've described. Thanks.
sbrunk
Engaged Sweeper II
Well, it would be if we didn't want to scan any of our Linux/Unix servers, but that's not the case. We do want to scan some of them, just not these.
KrisNelson
Champion Sweeper
Under scanning methods there is a Assettype Exclusion option.

Excluding assets from scanning

I've never used it, but I would imagine its exactly what you are looking for.

-Kris