cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jduran
Engaged Sweeper

Hi,

I have a problem with Lansweeper, the servers outside my network that have Kubernetes are not added to Lansweeper, some appear at first but then disappear and others never appear at all.

1 ACCEPTED SOLUTION
Obi_1_Cinobi
Lansweeper Tech Support
Lansweeper Tech Support

Hello there!

We indeed have seen this before, it seems that servers with Kubernetes are merged due to fake MAC addresses.

In general, when Lansweeper scans your assets (or when the asset is created manually), a unique identifier is created based on the scanned/submitted information. For non-Windows assets, this unique identifier is the MAC address of the asset (if Lansweeper was able to scan this information or if this information was provided). If the MAC address is not available, the IP address will be used instead. More information on this unique identifier can be found in the following knowledgebase article: https://www.lansweeper.com/knowledgebase/how-lansweeper-uniquely-identifies-assets/

When saving the scanned information in the database, Lansweeper will first check if this unique identifier already exists. If this is the case, the existing asset will be updated and if not, the new asset will be added. With this in mind, if a (newly) scanned asset (or one of the linked components) shares one (or more) MAC address(es) with another asset, the scanned asset will have the same identifier and will, as such, merge or update the existing asset. At this point, this would be the expected behavior. When an asset is merged into another asset, this should be listed in the Comments tab of the asset that still exists.

We presume this may be the case here. If this is the case, there is a workaround for this (unwanted) asset merging by adding the affected MAC address(es) to an internal list in the Lansweeper database (tsysMacBlacklist). Adding the common MAC Address(es) to tsysMacBlacklist will prevent Lansweeper from using the common MAC address(es) to uniquely identify assets and will allow both assets to be added to the database.

To blacklist the shared MAC address(es) that is/are causing the asset merging, you can do the following:

  • The first step is to find out which MAC address is causing the merging. Compare the MAC addresses of your device. There should be one or more matching MAC addresses. The same applies to any other non-Windows assets that would be facing merging issues.
  • To get the MAC addresses of a device you can use devicetester.exe (Program Files (x86)\Lansweeper\Actions), or check the Network section of its asset page when freshly scanned.
  • You can also identify the shared MAC addresses by making use of the interface debugger tool, which can be downloaded via the link below. Run the tool directly from your Lansweeper server toward the IP addresses of the assets in question using your scanning credentials.

https://www.dropbox.com/s/mn5ium1nyphalh9/InterfaceScanDebugger.zip?dl=0

  • Execute the below SQL script once for each shared MAC address. Replace this part of the code with the MAC Address that you would like to exclude. You can give the exclusion a name by replacing this. To execute scripts you can make use of the DatabaseMaintenance tool, which can be found under Program Files (x86)\Lansweeper\Tools on your Lansweeper server. Note that as this is a database script, just to be safe, we suggest taking a back-up of your database as described in the following article:

https://www.lansweeper.com/knowledgebase/backing-up-your-installation/

Just to be sure everything was processed correctly, please restart the Lansweeper Server service, as the MAC blacklist is cached in the service memory. Afterward, try rescanning your device.

INSERT INTO tsysMacBlacklist (Mac, Comment) VALUES ('AA:BB:CC:00:11:22', 'Exclusion name')
GO
UPDATE tsysupdate SET MacBlacklist = GETDATE()

 

 

View solution in original post

1 REPLY 1
Obi_1_Cinobi
Lansweeper Tech Support
Lansweeper Tech Support

Hello there!

We indeed have seen this before, it seems that servers with Kubernetes are merged due to fake MAC addresses.

In general, when Lansweeper scans your assets (or when the asset is created manually), a unique identifier is created based on the scanned/submitted information. For non-Windows assets, this unique identifier is the MAC address of the asset (if Lansweeper was able to scan this information or if this information was provided). If the MAC address is not available, the IP address will be used instead. More information on this unique identifier can be found in the following knowledgebase article: https://www.lansweeper.com/knowledgebase/how-lansweeper-uniquely-identifies-assets/

When saving the scanned information in the database, Lansweeper will first check if this unique identifier already exists. If this is the case, the existing asset will be updated and if not, the new asset will be added. With this in mind, if a (newly) scanned asset (or one of the linked components) shares one (or more) MAC address(es) with another asset, the scanned asset will have the same identifier and will, as such, merge or update the existing asset. At this point, this would be the expected behavior. When an asset is merged into another asset, this should be listed in the Comments tab of the asset that still exists.

We presume this may be the case here. If this is the case, there is a workaround for this (unwanted) asset merging by adding the affected MAC address(es) to an internal list in the Lansweeper database (tsysMacBlacklist). Adding the common MAC Address(es) to tsysMacBlacklist will prevent Lansweeper from using the common MAC address(es) to uniquely identify assets and will allow both assets to be added to the database.

To blacklist the shared MAC address(es) that is/are causing the asset merging, you can do the following:

  • The first step is to find out which MAC address is causing the merging. Compare the MAC addresses of your device. There should be one or more matching MAC addresses. The same applies to any other non-Windows assets that would be facing merging issues.
  • To get the MAC addresses of a device you can use devicetester.exe (Program Files (x86)\Lansweeper\Actions), or check the Network section of its asset page when freshly scanned.
  • You can also identify the shared MAC addresses by making use of the interface debugger tool, which can be downloaded via the link below. Run the tool directly from your Lansweeper server toward the IP addresses of the assets in question using your scanning credentials.

https://www.dropbox.com/s/mn5ium1nyphalh9/InterfaceScanDebugger.zip?dl=0

  • Execute the below SQL script once for each shared MAC address. Replace this part of the code with the MAC Address that you would like to exclude. You can give the exclusion a name by replacing this. To execute scripts you can make use of the DatabaseMaintenance tool, which can be found under Program Files (x86)\Lansweeper\Tools on your Lansweeper server. Note that as this is a database script, just to be safe, we suggest taking a back-up of your database as described in the following article:

https://www.lansweeper.com/knowledgebase/backing-up-your-installation/

Just to be sure everything was processed correctly, please restart the Lansweeper Server service, as the MAC blacklist is cached in the service memory. Afterward, try rescanning your device.

INSERT INTO tsysMacBlacklist (Mac, Comment) VALUES ('AA:BB:CC:00:11:22', 'Exclusion name')
GO
UPDATE tsysupdate SET MacBlacklist = GETDATE()