→ Your Opinions Count! 2024 Content Survey Take the survey

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
HarkinsIT
Champion Sweeper

Hello. I have been running a single Lansweeper server (all roles on one server) as a VM in my VMware ESXi environment for many years. I am planning to retire my entire VM environment (Along with my on prem domain. We’re moving to full Azure/M365 but we are currently running in hybrid) sometime in the near future.

My existing Lansweeper server is using the following:

Windows Server 2012 R2

SQL Server 2014

Domain member

I purchased a new physical computer to run Lansweeper. It’s using the following:

Windows 11 Pro

SQL LocalDB

Not a member of the domain

I have followed the KB articles on this site to back up the database and other recommended files and restored them all to my new computer. I’m fully aware that by moving from full SQL Server to LocalDB and moving from a domain member to a workgroup member is complicating this operation and I’m not even sure if it's fully supported, but I thought I’d give it a shot. I should also note that I used a different computer name for this new server.

The restores have all been successful and I can successfully log on to the web console (after running the “ResetWebUserRoles” tool) I just had a few questions about some things I’m running in to:

  • How is authentication handled now on this new box for us IT folks that need to log on and use the system? I believe it previously utilized local LDAP authentication since it was a domain member, but currently, none of us can log on with our domain creds. No one except for IT staff will need to log on.
  • I currently do most of my endpoint scanning with lsagent. Am I going to have to reconfigure the "--server” attribute on all endpoints to get their scans to this new server?
  • I’m still seeing the old server in a few places in the web console. Configuration > Server Options, Configurations > Server Logs and Scanning Target, for example. How can I remove all traces of this old server?

Any assistance that can be provided would be very much appreciated.

Thanks.

2 REPLIES 2
HarkinsIT
Champion Sweeper

Thanks very much for the info. You've given me some options to ponder.

Also, they can have my on prem Lansweeper when they pry it from my cold dead hands.  🙂

 

hubertmroz
Engaged Sweeper II

I can see a few scenarios:
- running the VM in Azure in IaaS, joining to 'on-prem ad' via AADDS which allows to connect server to EntraAD via LDAPS and provide authentication that way - this way you get the best of both worlds, without changing much
- running ipsec site-2-site to azure to join current windows 11 to azure ad via AADDS and auth via LDAPS - you just pay for the network appliances to connect to entra ad and all stays the same
- if still supported: setup cloud link for your server in config https://fqdn:port/Configuration/LinkWithCloudSite and login via dedicated mail accounts over https://app.lansweeper.com/org_name

As of know, you are running into not supported scenario for on-premise version of Lansweeper. All the docs you will find online will tell you that SAML is supported.. except it's on the newly deployed cloud-only version hosted on AWS. The on-premise version with possible cloud-link is based on old Azure deployment 🙂