You notice or get notified that the Lansweeper account generates multiple logon events per second, minute or hour across your domain controllers. Your adrenal medulla starts working overtime, and you must know why!
What is happening?
Lansweeper will query your domain controllers in scheduled intervals when these scanning targets are enabled.
- IP Range scanning target: AD information is retrieved when a domain joined computer is scanned.
- AD Computer Path scanning target: creates a list of the devices to scan and then scans the found devices.
- AD User Path scanning target: all targeted user or group information will be retrieved from your domain controllers. Based on the number of retrieved objects this can be a considerable amount of single queries.
- Lastlogon attribute: enumerates and queries all available domain controllers to get the user's lastlogon attribute.
- Active Directory Domain scanning target: enumerates and queries all available domain controllers every 15 mins by default. This can be adjusted under Scanning\Scanning targets in the Active Directory Domain Scanning options section.
Lansweeper will also query your domain controllers for:
- Automatic cleanup options: when Active Directory cleanup options are selected under Configuration\Server options, many authenticated AD queries can be generated. The automatic cleanup options run every 24 hours and after every service restart.
- LsAgent and LsPush scans: when the assets are scanned, and data is imported in Lansweeper, an AD lookup is triggered.
To limit the amount of AD queries, each Lansweeper Server service stores a timestamp in memory to keep track of the last AD lookup of all AD objects. A new lookup will only occur after a 20 hours grace period.
As you can see, a fully operational Lansweeper installation with AD cleanup options enabled will authenticate multiple times to your domain controllers. If you want to reduce the number of authentications, you can:
- Narrow down the AD objects you are scanning by adding precise OU filters in your AD Computer Path , AD User Path, and Active Directory Domain scanning targets.
- Adjust the scanning frequency of your Active Directory Domain scanning target. This can be done by editing the scanning target in the Scanning targets section.
- Disable some scanning scope options for your on-premise AD scans.
- Disable the automatic cleanup options for your AD scanning targets.
Was this post helpful? Leave a Kudo!
Did you have a similar issue and a different solution? Share your work in the comments below and help your fellow IT Heroes!
More questions? Browse our Quick Tech Solutions or Community Forum.
If you can't find what you're looking for, create a post in our Community Forum.