This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Product Discussions
- Option for lsclient to 'push' data into the databa...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-19-2009 09:26 PM
Hi
I'm currently in the process of installing lansweeper in my university environment to help us get a grip on the number and type of machines we have on our network. Being a university, we have a diverse mix of machines and a lot of 'local' support staff that have a tendency to remove 'domain admins' from the administrators group and install non-standard firewalls that we are unable to manage. We've finally convinced the powers that we need to enforce access to all these machines, the problem is identifying what machines we don't have access to and for what reason.
One of the things that initially had me excited about lansweeper was the fact that you had the option of using lsclient.exe on a host to update that devices details in the database. I initially assumed that lsclient 'pushed' the data into the database - so when running as a logon script, it wouldn't matter if the host was behind an inaccessible firewall or the server did not have admin rights on that host.
However since testing I see that effectively the lsclient just tells the server 'I'm here, scan me!'. The server then scans the host remotely.
It would be nice if lsclient had the option to push the data into the db (even if it's just the basic info like OS and primary user). Currently we have approx 6,500 devices scanned, 1,500 of which are unscannable for various reasons - some of them are actually Linux or Mac devices. This would let us identify which devices are actually Windows PCs and thus flag to us we need to take some action to gain access to them.
Thanks
Michael
I'm currently in the process of installing lansweeper in my university environment to help us get a grip on the number and type of machines we have on our network. Being a university, we have a diverse mix of machines and a lot of 'local' support staff that have a tendency to remove 'domain admins' from the administrators group and install non-standard firewalls that we are unable to manage. We've finally convinced the powers that we need to enforce access to all these machines, the problem is identifying what machines we don't have access to and for what reason.
One of the things that initially had me excited about lansweeper was the fact that you had the option of using lsclient.exe on a host to update that devices details in the database. I initially assumed that lsclient 'pushed' the data into the database - so when running as a logon script, it wouldn't matter if the host was behind an inaccessible firewall or the server did not have admin rights on that host.
However since testing I see that effectively the lsclient just tells the server 'I'm here, scan me!'. The server then scans the host remotely.
It would be nice if lsclient had the option to push the data into the db (even if it's just the basic info like OS and primary user). Currently we have approx 6,500 devices scanned, 1,500 of which are unscannable for various reasons - some of them are actually Linux or Mac devices. This would let us identify which devices are actually Windows PCs and thus flag to us we need to take some action to gain access to them.
Thanks
Michael
Labels:
- Labels:
-
Product Feedback
13 REPLIES 13
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-20-2009 03:58 PM
Maybe a good idea would be to use a system startup script (GPO) which disables the windows firewall?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-20-2009 12:00 AM
Sorry I should have mentioned - I'm using the premium version, so it's pulled all my computers from AD and added them to the database. This includes linux and Macs that have computer accounts for AD integration - so these devices are all lumped together with the PCs unscannable due to firewalls and/or access permissions.
We have a separate database where network devices are registered, including what kind of device they are. So another option I guess for me would be to write a script to sync this data with the lansweeper db and update devices that are not PCs. This probably wouldn't be an option for most others out there though.
taeratrin - as long as a firewall isn't blocking outgoing connections, it should work ok. We've collected info like this from machines before using .vbs scripts. Am going through those scripts now to see if I can adapt one to update basic info into the lansweeper db at startup or logon. Would just be nice if the lsclient had an option to do it. I know this is an issue with enforcing guidelines - we're trying to use lansweeper to help us do just that :-).
We have a separate database where network devices are registered, including what kind of device they are. So another option I guess for me would be to write a script to sync this data with the lansweeper db and update devices that are not PCs. This probably wouldn't be an option for most others out there though.
taeratrin - as long as a firewall isn't blocking outgoing connections, it should work ok. We've collected info like this from machines before using .vbs scripts. Am going through those scripts now to see if I can adapt one to update basic info into the lansweeper db at startup or logon. Would just be nice if the lsclient had an option to do it. I know this is an issue with enforcing guidelines - we're trying to use lansweeper to help us do just that :-).
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-19-2009 10:36 PM
LSclient sends the computer name to the server and the server adds it to the database and scans the computer.
This means that you can discover all your machines.
The ones with a firewall on or the ones with wrong permissions will show up in the access denied list.
Linux and Mac machines will not show up when using lsclient.
This means that you can discover all your machines.
The ones with a firewall on or the ones with wrong permissions will show up in the access denied list.
Linux and Mac machines will not show up when using lsclient.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-19-2009 10:32 PM
I've been programming in this area (WMI info gathering) for a while, and, from my experience, you're going to have a similar problem. What happens if the client can't access the database due to the same configuration problems you mentioned?
This seems more like an issue with enforcing guidelines.
This seems more like an issue with enforcing guidelines.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Database Scanner in General Discussions
- Hiding unused asset types in General Discussions
- M365 Scanning target not creating in Product Discussions
- The assets keep disappearing after I update to the latest version 11.5.1. in General Discussions
- Howto delete Users from an old Active Directory Domain in General Discussions
