cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
domino-bau
Engaged Sweeper
Hi,

I can‘t get After Scanning deployments to run on Windows 10 clients when using LsAgent.
The LsAgent scanning itself works fine, but the deployments are simply not being triggered by/after the scan.

What does trigger a deployment, for example:
  • a manual Rescan asset
  • an IP Range scan on the asset‘s IP address
I created a Scheduled Deployment for a single selected asset with Execution Plan = After Scanning.

Results:
LsAgent
  • Client computer starts up
  • A few minutes later, I see that the asset‘s Last LsAgent Scan has been updated.
  • No deployment is triggered (no entries under Installer Logs or under the asset‘s Deployments tab).
LsPush
There is conflicting information on the forums whether LsPush is supposed to trigger After Scanning deployments, so I thought I‘d try it as well.
Unfortunately, the results are similar to LsAgent: The asset‘s Last Lspush Scan is updated, but the deployment doesn‘t happen.

In either case the Last Execution date for the Scheduled Deployment stays at Not Executed.

Does anyone have any pointers how to reliably trigger automatic deployments – either via After Scanning or through a client-side command?
Thanks in advance!


Lansweeper server 8.1.120.3
LsAgent 7.2.110.18
LsPush 7.2.100.1.
4 REPLIES 4
domino-bau
Engaged Sweeper
Hi,

thanks for your explanation!

So I understand that there is no way to trigger a deployment for example when a client comes online, or when a user logs on (meaning "right now", not "some random time after the trigger happened").

That's a bit disappointing, since the other methods (like time-based deployment triggers) are not suitable for our needs.
FrankSc
Lansweeper Tech Support
Lansweeper Tech Support
Hello,

Lspush indeed needs to be able to send the scanning results as a single file to the scanning server. So there needs to be a connection.
But with LsPush or LsAgent, your scanning server does need to have access to scan WMI like an agentless scan does. To run deployments you need to have the same level of access from your scanning server to the client. So the assets needs to be scannable without agent, to be able to run a deployment.
So with "guaranteed to be online" we actually mean fully accessible to be scanned from the scanning server.

LsAgent has than the advantage that can communicate also through a relay server next to the direct communication.
FrankSc
Lansweeper Tech Support
Lansweeper Tech Support
Hello,

The "After Scanning" deployment was mainly introduced to deploy on assets that are guaranteed to be online (after an agentless scan).
If an asset is scanned with LsPush or LsAgent, it is not guaranteed to be online.
We do have a feature request already in place to trigger deployments also after an LsPush or LsAgent scan. Hopefully we can foresee this in a later release.

Hi,

thanks for your reply!

However, I'm a bit confused by this part:

FrankSc wrote:
If an asset is scanned with LsPush or LsAgent, it is not guaranteed to be online.

As I understood, both these scan methods are initiated from the client side.
If the client is offline, how can LsAgent or LsPush send new scan results to the Lansweeper server?