→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !
‎08-02-2022 07:01 PM - last edited on ‎04-02-2024 10:45 AM by Mercedes_O
I have been working with Support on this issue for the last two months, and the last time I have heard from them was on 7/22, so I am trying to see if anybody here in the Forums can also assist because we really need this to work again. The last information I sent to Support (besides asking for updates) was log files from using the testconnection.exe as Support was saying the service account could not reach our DC's with Kerberos.
Here's the short story: the ADUser table is no longer repopulating after support had me delete all of the users from the table. Currently, lansweeper is only seeing 49 users, where it should be a few thousand users. It was working just fine until a recent security change forced us to have the service account that was used to scan no longer have domain admin rights. We have verified the scanning targets are set up properly and have mapped to the right credential.
I know it's set up right as it's scanning 49 users but can't figure out why it won't get the rest. Any more suggestions\guidance would be great.
Solved! Go to Solution.
‎08-05-2022 04:08 PM - edited ‎08-05-2022 04:09 PM
Here's the response I received back from LS email support this morning, and once I did their suggestion, and re-scan our User Base, the Local AD user scan started to work again and it picked up the rest of our users. Thanks to both LS Email Support and the Forum Admins for assisting with this issue.
We could see in the Errorlog.txt that connecting to your AD domain and retrieving users and groups is not the problem. So the configuration is correct. However, we did come across an error that is usually thrown when the user that is performing the AD Scan (the Lansweeper Service Account) does not have sufficient access rights on the entire AD domain.
Assigning permissions to AD users is done in Active Directory Users & Computers:
Please re-assign these permissions and Rescan the AD User/Group Path Scanning Target.
‎08-03-2022 05:24 PM
We add new accounts daily as we are a community college, and those new accounts are not showing up. Those 49 accounts are mostly IT users, few service accounts (but not all), couple staff, and two retirees.
I took a look at a few of those accounts, and all of them have AdminCount attributes set to 1 in their AD account properties. The rest of the accounts (from what i can tell that aren't syncing to LS don't have that attribute set)
‎08-02-2022 07:16 PM
In addition, we started to use the LS agent for scanning the computers.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now