cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Dogan_Cibiceli
Engaged Sweeper
We have a large number of firewalls and I am trying to consolidate the lansweeper installed on subnets. Can I use active directory to get the list of the machines and use them to be scanned? I am guessing if such a feature is available, IP address and MAC will be assigned after the initial login to the server (WMI).

Can someone point me to some documentation?
1 ACCEPTED SOLUTION
Bruce_B
Lansweeper Alumni
The scanning target that most closely matches what you're describing is the Active Directory Domain scanning target. This scanning target gets a list of assets to be scanned by connecting to a Domain Controller. Asset selection happens based on the Lastlogon AD attribute, assets that have a recent Lastlogon will be selected. Do note that this won't import all Windows computers out of AD, it will create asset records and attempt to scan computers that are deemed to be online.

For more information on this scanning target you can check out this article.

View solution in original post

4 REPLIES 4
Dogan_Cibiceli
Engaged Sweeper
Because of the way the firewalls are setup in my workplace, they might not be eager to open so many ports. I cannot put an IP target scan, however I can put the only port WMI to be open from lansweeper to the target lans (more palatable than the opening up multiple ports).

Can lansweeper login to the asset based on the active directory domain scan without TCP port 135 being open? After all, it's got the name of the server (fqdn) so I assume it can grab the rest of information from WMI such as OS, applications.
Bruce_B
Lansweeper Alumni
The initial connection and asset type identification for Windows computer occurs over TCP port 135. You can find a list of the ports used by Lansweeper here. The Windows domain scanning requirements can be found here.

After assets are loading, why do they get scanned?


It's not entirely clear to me what you mean by this, what is meant by scanning in the context of Lansweeper, is to retrieve information from the asset and to store it in the Lansweeper database in that computer's record. The computer's record gets initially created in your Lansweeper database at the start of a scan.
Dogan_Cibiceli
Engaged Sweeper
After assets are loading, why do they get scanned? The only port that's open should be the WMI port for access, should it not?
Bruce_B
Lansweeper Alumni
The scanning target that most closely matches what you're describing is the Active Directory Domain scanning target. This scanning target gets a list of assets to be scanned by connecting to a Domain Controller. Asset selection happens based on the Lastlogon AD attribute, assets that have a recent Lastlogon will be selected. Do note that this won't import all Windows computers out of AD, it will create asset records and attempt to scan computers that are deemed to be online.

For more information on this scanning target you can check out this article.