cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sticky
Engaged Sweeper III
Hi

I'm currently in the process of installing lansweeper in my university environment to help us get a grip on the number and type of machines we have on our network. Being a university, we have a diverse mix of machines and a lot of 'local' support staff that have a tendency to remove 'domain admins' from the administrators group and install non-standard firewalls that we are unable to manage. We've finally convinced the powers that we need to enforce access to all these machines, the problem is identifying what machines we don't have access to and for what reason.

One of the things that initially had me excited about lansweeper was the fact that you had the option of using lsclient.exe on a host to update that devices details in the database. I initially assumed that lsclient 'pushed' the data into the database - so when running as a logon script, it wouldn't matter if the host was behind an inaccessible firewall or the server did not have admin rights on that host.

However since testing I see that effectively the lsclient just tells the server 'I'm here, scan me!'. The server then scans the host remotely.

It would be nice if lsclient had the option to push the data into the db (even if it's just the basic info like OS and primary user). Currently we have approx 6,500 devices scanned, 1,500 of which are unscannable for various reasons - some of them are actually Linux or Mac devices. This would let us identify which devices are actually Windows PCs and thus flag to us we need to take some action to gain access to them.

Thanks
Michael
13 REPLIES 13
sticky
Engaged Sweeper III
Excellent - thanks for the great support! Looking forward to the next release.
Hemoco
Lansweeper Alumni
sticky wrote:
Excellent - thanks for the great support! Looking forward to the next release.

You can download the beta from the forum, please leave your comments after testing.
Hemoco
Lansweeper Alumni
After a quick check the scanning algorithm in 3.2 is:

If not access denied then scan active directory

It would indeed be a good idea to scan active directory first before doing this check.

This is also the case in the current 3.5 beta, I'll add this to the changelist for the final version.
sticky
Engaged Sweeper III
I know it doesn't support non-windows OS'es, however they've been pulled into my Lansweeper db courtesy of the AD scan so I need to identify them as being non-windows. This info definitely exists in AD and it isn't gathering it. A bug perhaps?
sticky
Engaged Sweeper III
I had a look at that table - but it appears it only updates the information for the Windows OSes - ie I can't see any details for the Mac OS and Linux devices. Is being a Windows OS a requirement for updating info into this table? The devices definitely exist in tblComputers.
Hemoco
Lansweeper Alumni
sticky wrote:
I had a look at that table - but it appears it only updates the information for the Windows OSes - ie I can't see any details for the Mac OS and Linux devices. Is being a Windows OS a requirement for updating info into this table? The devices definitely exist in tblComputers.

Lansweeper does not support non-windows OS'es, but if this information exists in Active directory then Lansweeper will gather it.
sticky
Engaged Sweeper III
Alternatively - the OS name and version is stored in AD. How about adding another field to the lansweeper db for the AD OS and version. This could then be used when lansweeper is unable to query the actual OS/version from the device itself. This would be very useful for identifying machines I should have access to, but don't.

Still haven't got around to writing a script... but now instead of updating the OS value with details from our admin database, I'll just write it to pull the info from AD which is probably more accurate anyway. It'd be great if lansweeper could pull this info from AD automatically when devices are added via AD.
Hemoco
Lansweeper Alumni
sticky wrote:
Alternatively - the OS name and version is stored in AD. How about adding another field to the lansweeper db for the AD OS and version. This could then be used when lansweeper is unable to query the actual OS/version from the device itself. This would be very useful for identifying machines I should have access to, but don't.

Still haven't got around to writing a script... but now instead of updating the OS value with details from our admin database, I'll just write it to pull the info from AD which is probably more accurate anyway. It'd be great if lansweeper could pull this info from AD automatically when devices are added via AD.


This is stored in table tblADcomputers.
sticky
Engaged Sweeper III
It's not the Windows Firewall that's the problem as we have control over that. We're more concerned about the myriad of free firewall products out there that we cannot control. No problem though, I'll see how I go with a .vbs script.