cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tcilmo
Engaged Sweeper II
Does Lansweeper have more granular documentation on setting Windows permissions on a scanning account whereas it does not have to be a member of the local admin group? Such as setting WMI and DCOM permissions specifically to a custom local group or an alternative built-in local Windows group?

-Tony
1 ACCEPTED SOLUTION
Susan_A
Lansweeper Alumni
We received and answered this question via email. For everyone else's benefit, I'm pasting the reply we sent via email below.
Performing an agentless scan of a Windows computer with an account that is not a full administrator on the computer is not supported unfortunately. Scanning with an account with more limited permissions may work, but this is not something we can provide instructions or support for. You can scan without a credential by using our LsPush scanning agent.

LsPush is a small executable that, when run on a Windows computer, scans the computer locally. The scan results can manually or automatically be forwarded to your Lansweeper server for import. You can find the LsPush executable in the Program Files (x86)\Lansweeper\Client folder on your Lansweeper server. LsPush can easily be deployed in domain environments with a logon script or group policy. A sample VBS script that runs LsPush can be seen below. You will need to replace what we've highlighted with the folder hosting the LsPush executable and the name of your own Lansweeper server. Deploy this script as part of a logon script or group policy. LsPush will automatically scan your machines when users log into them and send the results directly to your Lansweeper server for import. More info on LsPush and its parameters can be found in this knowledge base article.


Set WshShell = CreateObject("Wscript.Shell")
WshShell.run "%logonserver%\netlogon\lspush.exe lansweeperservername",0

View solution in original post

1 REPLY 1
Susan_A
Lansweeper Alumni
We received and answered this question via email. For everyone else's benefit, I'm pasting the reply we sent via email below.
Performing an agentless scan of a Windows computer with an account that is not a full administrator on the computer is not supported unfortunately. Scanning with an account with more limited permissions may work, but this is not something we can provide instructions or support for. You can scan without a credential by using our LsPush scanning agent.

LsPush is a small executable that, when run on a Windows computer, scans the computer locally. The scan results can manually or automatically be forwarded to your Lansweeper server for import. You can find the LsPush executable in the Program Files (x86)\Lansweeper\Client folder on your Lansweeper server. LsPush can easily be deployed in domain environments with a logon script or group policy. A sample VBS script that runs LsPush can be seen below. You will need to replace what we've highlighted with the folder hosting the LsPush executable and the name of your own Lansweeper server. Deploy this script as part of a logon script or group policy. LsPush will automatically scan your machines when users log into them and send the results directly to your Lansweeper server for import. More info on LsPush and its parameters can be found in this knowledge base article.


Set WshShell = CreateObject("Wscript.Shell")
WshShell.run "%logonserver%\netlogon\lspush.exe lansweeperservername",0