This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Reports & Analytics
- Allowed Administrators
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-31-2013 06:24 PM
Greetings, If this has already been covered I apologize. I did search and read the first ten pages of previous posts to no avail.
Here are my issues:
We deny by default any domain UserID from being in the local machine admin group. However, we do have an exception policy and process in place to request an exception. That list of approved exceptions is polled once per quarter to ensure that the user still needs that access. So, the list of "Allowed Administrators" will necessarily change. I was hoping to find some instructions on crafting a SQL query that would allow me to manage that list more efficiently.
As an example, as we are just getting started, the current list of allowed administrators was entered by me and it is only about 15 IDs long. However, I just finished creating the latest exception list and have that in an excel spreadsheet. It contains over 500 userIDs. Rather than manually enter 500 IDs, is there a SQL script already created that would allow me (with some modification of course) to import that list directly into the database?
Another example given our desired process... Next quarter when I review this list again, I will have to pull some IDs out of the table and add some new one's in. Again, is there an already existing script that accomplishes this sort of task?
Finally, if these types of scripts do not currently exist, would it be possible to receive some guidance in the creation of them. Once created by us, we will be happy to post them here once we redact our company specific info.
Thanks for your attention to my query.
Here are my issues:
We deny by default any domain UserID from being in the local machine admin group. However, we do have an exception policy and process in place to request an exception. That list of approved exceptions is polled once per quarter to ensure that the user still needs that access. So, the list of "Allowed Administrators" will necessarily change. I was hoping to find some instructions on crafting a SQL query that would allow me to manage that list more efficiently.
As an example, as we are just getting started, the current list of allowed administrators was entered by me and it is only about 15 IDs long. However, I just finished creating the latest exception list and have that in an excel spreadsheet. It contains over 500 userIDs. Rather than manually enter 500 IDs, is there a SQL script already created that would allow me (with some modification of course) to import that list directly into the database?
Another example given our desired process... Next quarter when I review this list again, I will have to pull some IDs out of the table and add some new one's in. Again, is there an already existing script that accomplishes this sort of task?
Finally, if these types of scripts do not currently exist, would it be possible to receive some guidance in the creation of them. Once created by us, we will be happy to post them here once we redact our company specific info.
Thanks for your attention to my query.
Solved! Go to Solution.
Labels:
- Labels:
-
Report Center
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-31-2013 10:06 PM
We do not currently provide support for creating custom scripts, as there is always a risk that you'll make unwanted database changes. Perhaps someone on the forum can help.
An alternative would be to connect to your Lansweeper database using Microsoft Access or something similar, which allows for easier data insertion.
An alternative would be to connect to your Lansweeper database using Microsoft Access or something similar, which allows for easier data insertion.
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-01-2013 06:17 PM
Thanks for the response. We'll be careful. 🙂
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-31-2013 10:40 PM
Thanks for the response. Would it be possible to identify the table where that data is stored. At first glance it looks like tblUsersInGroup.Admingroup and that it is basically just flagging the appropriate userid with a 1 rather than a 0. If you could just confirm the table and column entry, our SQL DBEs can go from there.
As a side note, I noticed that in the lsconfig tool, there is an interface for executing SQL scripts. Is that provided as a support interface only?
As a side note, I noticed that in the lsconfig tool, there is an interface for executing SQL scripts. Is that provided as a support interface only?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-01-2013 06:13 PM
GMFDE wrote:
At first glance it looks like tblUsersInGroup.Admingroup
No, as this table contains scanned data. The allowed admins configured in the 4.2 configuration console under Configuration\Allowed Administrations can be found in database table tsysadmins.
GMFDE wrote:
As a side note, I noticed that in the lsconfig tool, there is an interface for executing SQL scripts. Is that provided as a support interface only?
You can execute custom scripts here if you're careful, but we do not provide support for building them. We would recommend performing a database backup before executing any scripts.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-31-2013 10:06 PM
We do not currently provide support for creating custom scripts, as there is always a risk that you'll make unwanted database changes. Perhaps someone on the forum can help.
An alternative would be to connect to your Lansweeper database using Microsoft Access or something similar, which allows for easier data insertion.
An alternative would be to connect to your Lansweeper database using Microsoft Access or something similar, which allows for easier data insertion.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- User login fails to onprem Lansweeper for AD user in Product Discussions
- Is there a plan to allow Cloud based reporting be able to return/export more than 10,000 records? in Technical Troubleshooting
- Does Lansweeper allow to patch the vulnerabilities of software installed? in Technical Troubleshooting
- Is there a better Deployment Package tutorial? in Deployment Packages
- Allow Custom fields to be set using email Ticketing Dispatch rules - On Premise version in General Discussions
