This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !

Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Is the domain case sensitive?

steviebuk
Engaged Sweeper

‎02-28-2018 04:55 PM

I'm curious to get an official word. We have version 6.0.100.98 and I was recently asked to create an account that lansweeper could use to scan all the machines. The past engineer had been using their domain admin account.

Despite the password being correct and the account have local admin rights on all the machines that scans would fail. If I used my domain admin account the scans were successful.

I then discovered if I wrote under login on "scanning credentials" the domain as upper case, the local admin account works. If the domain is typed in lower case it fails. Its very odd because if you put the domain in lower case for the domain admin account, it works.

Example:

mydomain\sweeperaccount - scanning would fail with simply "scanning access denied"
MYDOMAIN\sweeperaccount - scanning was a success.
mydomain\domainadminaccount - scanning was a success.

Very odd.
Labels:
0 Kudos
3 REPLIES 3
steviebuk
Engaged Sweeper

‎03-05-2018 03:52 PM

Thanks for the reply. Instead of using LsPush yet I went on all the servers that failed and had to manually add the user name into the local admins group. Appears to have worked for most of them.
0 Kudos
Bruce_B
Lansweeper Alumni

‎03-05-2018 10:25 AM - last edited on ‎02-09-2024 11:51 AM by Community Manager

The scanning service will authenticate with the exact credentials you've input in the web console, using locally available authentication methods, which will be either Kerberos or NTLM. We haven't run into this kind of case sensitive issue before, but I'd expect similar issues if you were for instance to log on to a computer using "mydomain\sweeperaccount".

As for the scanning of servers, any server that has a local Administrators group can be treated just like any workstation computer. The scanning credential needs to be a member of the Administrators group for successful agentless scanning. For servers that don't have local groups (domain controllers), the account would need to be a domain admin.

If you're not comfortable using domain admin credentials you can use LsPush  for scanning these types of computers instead, which does not require elevated credentials and can also be automated.

0 Kudos
steviebuk
Engaged Sweeper

‎03-02-2018 02:56 PM

Further testing I've found this account isn't working when it tries to scan servers. I just get "Scanning Access Denied".

So does the scanning account 100% require domain admin?
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now