This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Minimum access level needed to scan domain PCs

rcav8r
Engaged Sweeper

‎07-19-2018 09:34 PM

HI. We are currently using an account with FULL domain admin access to perform the scan. What is the recommended account settings for this account? I.E. can we use an account with lower than FULL Domain access for the scanning.

Thanks
Dave
Labels:
0 Kudos
2 REPLIES 2
Bruce_B
Lansweeper Alumni

‎07-20-2018 09:07 AM

The poster above is correct. Just to add on to his response, in cases where a credential with local admin rights on the target computer would be deemed a security risk, you could use the LsPush scanning agent instead, which doesn't require administrative rights to run. Full instructions and use cases for LsPush can be found in this article.
0 Kudos
KrisNelson
Champion Sweeper

‎07-19-2018 11:23 PM

The scanning account only needs local machine admin rights and AD read rights.

https://www.lansweeper.com/knowledgebase/domain-scanning-requirements/

Credentials

You must provide Lansweeper with a username/password combination that has administrative privileges on the client machine and, for scanning Active Directory information, read-only access to Active Directory.

-Kris
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now