cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
maott
Engaged Sweeper II

Hi,

we are facing the issue that Lansweeper is scanning an IP-Range and/or a AD-OU even if it is not configured as a scanning target (anymore). It both these rogue ranges coming back everytime the scanserver finished it's "normal scans" (which are defined as scan target).
 Restarting the Lansweeper-Service on this Scanserver does the trick for a while, but it does not take long and this "phantom IP-Range" (about 6 Ips) and a bunch of AD-Computers (6 devices) coming back into the scanning-queque every time.
Neither the IP-range nor the OU which resides the mentioned AD-Computers are configured in one of our scan-servers, especially not on the server whose queue is being blocked.

Is there a file in the file-system or a table in the Database, which I could check if there's a leftover in there?

Thanks for every hint

BR

matt

2 ACCEPTED SOLUTIONS
duster1
Engaged Sweeper III

Did you make sure you filled out the OU filter and Site filter correctly?

duster1_0-1688700860147.png

 

Here is an example:

OU=Name2,OU=Name1,DC=Domain,DC=Local

Domain name is Domain.local
The first Organizational Unit is Name1
The second Organization Unit, located inside Name1 is Name2
The easiest way to make sure you have it correct, view the OU in Active directory - right click on it and select Properties. View the "Attribute Editor" tab, and find "distingushedName".  You'll want your filter to match the value listed. (Just copy and paste really)

Anything in Name2 and lower will be seen and scan as indicated by the selection. Anything outside of that scope will NOT be scanned, meaning anything computers or other OU's in Name1 will not be scanned.

To add additional filters, just click the Add OU.
I do not use sites in my structure at this time, so I can't test it.

Another thing to check, make sure you have not inadvertently deployed the LsAgent to the computers specified. They would certainly be re-created/updated each time they check in.

 

View solution in original post

maott
Engaged Sweeper II

Hi duster1,

Thanks for answering to my topic!

We have indeed a Scan type "Active Directory Domain" assigned on the affected Scanserver and there are no filters set, just DNS Name and Netbios are set.

I'll deactivate this scanning target and will inform you if this solves the issue.

Really appreciate your comment!

Best Regards

matt


View solution in original post

3 REPLIES 3
maott
Engaged Sweeper II

Hi duster1,

as I can say - so far - your hint worked for me regarding the 6 AD-Devices that were scanned for no reason.

My "phantom Ip-Range" is still appearing in the Scan-List of one of our scan-servers. 😕

FYI: What have I done? 
I had to disable "Active Directory Domain" active scanning completely. I will configure it from the scratch (when I find the time) with a complete new approach regarding the OU-Filters.

maott
Engaged Sweeper II

Hi duster1,

Thanks for answering to my topic!

We have indeed a Scan type "Active Directory Domain" assigned on the affected Scanserver and there are no filters set, just DNS Name and Netbios are set.

I'll deactivate this scanning target and will inform you if this solves the issue.

Really appreciate your comment!

Best Regards

matt


duster1
Engaged Sweeper III

Did you make sure you filled out the OU filter and Site filter correctly?

duster1_0-1688700860147.png

 

Here is an example:

OU=Name2,OU=Name1,DC=Domain,DC=Local

Domain name is Domain.local
The first Organizational Unit is Name1
The second Organization Unit, located inside Name1 is Name2
The easiest way to make sure you have it correct, view the OU in Active directory - right click on it and select Properties. View the "Attribute Editor" tab, and find "distingushedName".  You'll want your filter to match the value listed. (Just copy and paste really)

Anything in Name2 and lower will be seen and scan as indicated by the selection. Anything outside of that scope will NOT be scanned, meaning anything computers or other OU's in Name1 will not be scanned.

To add additional filters, just click the Add OU.
I do not use sites in my structure at this time, so I can't test it.

Another thing to check, make sure you have not inadvertently deployed the LsAgent to the computers specified. They would certainly be re-created/updated each time they check in.

 

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now