Quantcast
Channel: LANDESK User Community : All Content - Inventory
Viewing all 456 articles
Browse latest View live

How to create a script to force the client to do a full inventory scan

$
0
0

If a client is not regularly sending in a full inventory scan, you can create a script to force a scan to run.

 

In the LDMS Console, go to Tools | Distribution | Manage Scripts.

 

Find the script called inventoryscanner. This is included by default with the LANDESK installation. Right click and choose edit.

 

In the Machines_Win section, go to the end of the line where ldiscn32.exe is being called. Add a /F and a /SYNC to the ldiscn32.exe command line. This will force a full hardware and software scan.

 

Here is the example:

[MACHINES_WIN\]

;--- assumes that ldappl3.ini is in same dir as the .exe

REMEXEC1=%LDMS_CLIENT_DIR%\LDISCN32.EXE /NTT=%server%:5007 /S="%server%" /I=HTTP://%server%/ldlogon/ldappl3.ldz /NOUI /NOCD /F /SYNC

 

It is also recommended to modify the line and remove the variable path and add the full path to the scanner. If you have a partial inventory record that does not contain the agent variable line, the machine will not locate the scanner.

 

Change the above line to read:

[MACHINES_WIN\]

;--- assumes that ldappl3.ini is in same dir  as the .exe

REMEXEC1=C:\Progra~\Landesk\LDClient\LDISCN32.EXE  /NTT=%server%:5007 /S="%server%" /I=HTTP://%server%/ldlogon/ldappl3.ldz  /NOUI /NOCD /F /SYNC

 

This will ensure you don't fail scans due to invalid paths.


Understanding the Last Scan Information in Inventory

$
0
0

In the root of the inventory of a machine we have Last Scan information for different sections. Here are the different section you can find in inventory:

 

Last Antivirus Updates Scan Date

Last Blocked Application Scan Date

Last Compliance Scan Date

Last Custom Definition Scan Date

Last Driver Updates Scan Date

Last Hardware Scan Date

Last Security Check Date

Last Software Scan Date

Last Software Updates Scan Date

Last Spyware Scan Date

Last Update Scan Date

Last Updated by Inventory Server

last Vulnerabiltiy Scan Date

 

dd.bmp

 

Inventory Scan Related Items

 

Note:A software scan only happens once a day by default. A hardware scan, software scan or a mini scan will change the "Last Updated by Inventory Server" field; even if the scan is discarded into the errorscan folder. A software scan can be forced when using the /F /SYNC switches. By default right clicking on a device in the console and choosing inventory scan does not force a software scan.

 

  • Last Hardware Scan Date: An inventory scan for hardware has run on the client machine.
  • Last Software Scan Date: An inventory scan that includes software information has run on the client machine. By default this runs only once a day.
  • Last Updated by Inventory Server: This field updates when a hardware scan, software scan or miniscan is recieved by the inventory server service. This field will update regardless; even if the scan is discarded into the errorscan folder.

 

Security Scan Related Items

 

Note: Using a Scan and repair setting that is scanning for a group will not update any of these dates. Even if items in the group are types that would result in the date being updated.

 

  • Last Antivirus Updates Scan Date: In the "Scan and Repair Settings" Antivirus Updates is checked off and run on the client machine.

av.JPG

 

  • Last Blocked Application Scan Date: In the "Scan and Repair Settings" Blocked Application is checked off and run on the client machine.

blocked.JPG

  • Last Driver Updates Scan Date: In the "Scan and Repair Settings" Driver Updates is checked off and run on the client machine.

driver updates.JPG

  • Last Compliance Scan Date: A compliance setting is applied to the client machine and has run.

comp.JPG

  • Last Custom Definition Scan Date: In the "Scan and Repair Settings" Custom Definitions is checked off and run on the client machine.

custom definitions.JPG

  • Last Security Check Date: In the "Scan and Repair Settings" Security Threats is checked off and run on the client machine.

threats.JPG

  • Last Software Updates Scan Date: In the "Scan and Repair Settings" Software Updates is checked off and run on the client machine.

software updates.JPG

  • Last Spyware Scan Date: In the "Scan and Repair Settings" Spyware is checked off and run on the client machine.

Spy.JPG

  • Last Update Scan Date: In the "Scan and Repair Settings" LANDesk Updates is checked off and run on the client machine.

landesk updates.JPG

  • Last Vulnerabiltiy Scan Date: In the "Scan and Repair Settings" Vulnerabilities is checked off and run on the client machine

vuln.JPG

Inventory Scanner Switches

$
0
0
WinMac*nixDescription
/A=<N>Timeout Seconds
/BADisable BIOS string scan
/BBDisable printing of paths in the MIF file for files found
/D=<path>-d=<path>Begin software scan in this folder
/DMI1Use older DMI tables
/DMI1-Don't use older DMI tables
/DEBUGOutput debug information to ldiscn32.log file
/F-F-fForce software scan
/F--f-Disable software scan
/GScan Services
-?-h or -?Displays help screen
/ITIMEOUTSeconds to wait for inv16.exe to complete. Min. 5, Max. 60
/I=<ldappl3>/l <ldappl3>Update ldappl3.ini from path

 

-i=<ConfName>Specifies the conf filename. Default is /etc/ldappl.conf
/K=<drive   letter>Scan a network (logical) drive for software
/LUse Server info stored in the registry. LDWM\CoreServer\InventoryServerPort
/L- Don't communicate with the Core server : Offline scan
/LDAP-Run scan without LDAP information including Primary Owner
/MGenerate MIF file
/MUNIGenerate Unicode MIF file
/MUSuppress error messages
-m <mode>set mac scan mode (listed, unlisted, or all)
/NNon-recursive software scan
/NHDon't do hardware scan * Warning, by design this removes device's HW *
/NOCDDon't get custom data form data
/NOUIDo not show UI
/NTT=<core:port>-ntt=CORENAMEUse TCP protocol. Core name can be host name or IP address
/O=<path>-o <path>-o <path>Create an output file
/PDSend Product Definitions to the core server
/PT-Disable thread priority decrease when on Win 9x or NT
/RLReset Logon User History and Logon Location History
/RSTART=<MaxTime>Start at a random time between 1 and <MaxTime> Time is in minutes
/RESTARTDo not schedule to run later if Core Server is not available
-RReset delta scan baseline file
/S=<Core Name>-c <Core Name>Core Server Name. Necessary when sending data to a core.
-stdoutInventory information is written to standard output
/SYNCSynchronize with core database record. Sends all data, not delta.
/T=<path>Transmit this output file to the core specified.
-tSend a mini scan
/V-V255Verbose mode (show UI)
-voutput ldscan version
/W=<n>-wWait for n seconds before starting the scan
/Z=<n>Max retries to contact the Inventory Server Service. Default/minimum = 10

How to generate an inventory output file from MAC client machine for LANDesk support to do further trouble shooting?

$
0
0


Description

During inventory troubleshooting LANDesk support may request an inventory output file (xxx.scn) for further troubleshooting.

Here is the way to generate the inventory file from the MAC client machine.


Resolution

1, From the MAC machine, Go--Go to Folder  /Library/Application Support/LANDesk/bin/ldiscan

2, You can drag the ldiscan to terminal and run ldiscan -h to get all the help information.

macinventory.png

3, You can just add the addtional parameters to export the inventoy file to current folder.

/Library/Application Support/LANDesk/bin/ldiscan -F -s -o ./test.txt

4. The inventory output file will be saved in the text.txt file.

5. Send the txt file to LANDesk support for further investigation.

 

 

Environment:

LDMS 9.5

9.6SP1 Core - stale devices are not deleting from inventory

$
0
0

I have a few devices that I mark for deletion within LDMS. The way I understand this process is that I only mark it for deletion and then by default around 23:00 these are removed from the inventory. But when I come back the next day, I see the stale devices are still there. 

LANDesk Scanner Behavior while scanning System Folders

$
0
0
 
 
 
LANDesk Scanner Behavior while
Scanning files in System Folders
Prepared by Phil Ottesen
LDMS 9.5 9.6

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
                              Contents
 
Introduction…………………………………………….2  
 
Assumptions…………………………………………….2
 
LANDesk Scanner Behavior………………………………………………2
 
Conclusion……………………………………………...3
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 

Introduction

 
This Article discusses the LANDesk Scanner when scanning the system folders.
 
 

Assumptions

 
               This article assumes that the reader is familiar with the LANDesk Management Suite. 
 
 

The LANDesk Scanner Behavior

 
 
The LANDesk Scanner when scanning for files in the system folders will report the file version of the files the Operating systems is using.  The version of the file may not be the version of the file that exists in a specified path.  This is because the Operating system has pointers on files that are in the system folder.
 
The scanner will return the version of the file that is in use by the Operating System and not necessarily the version of the file in the specified path.  
 

 

Conclusion

 
This Article applies to LDMS9.5, LDMS9.6
 
 
 
 
 
 

About LANDesk Software

 
Simple IT environments are a thing of the past. IT departments juggle too many tools from too many vendors while facing pressure to cut costs, reduce risk and boost productivity. Workers are adding smart phones and tablets to PC or notebook use, dramatically increasing the number of endpoints and operating systems that must be managed. Organizations need intelligent, integrated control over diverse systems and devices.
 
Customers worldwide use LANDESK®systems lifecycle management, endpoint security and IT service management (ITSM) solutions to simplify IT complexity and manage mobility “mayhem;” discover, track and safeguard assets and endpoints; and enable IT staff to improve service levels—all while reducing costs and requiring less infrastructure.
 
An IDC study found that on average, LANDesk customers realized a three-year return on investment of 698% for their deployed LANDESK® solutions—a nearly sevenfold return. The average payback period to recover the initial investment averaged a short 5.1 months.
 
 
 

9.6 Inventory: device is not showing up on 9.6 console after finish installing the agent

$
0
0

Problem Description:

I have several customer have the problems that after they install 9.6 agent on client machine, they are not able to see the device from console. Or they have 9.5 client installed on client, but after installing 9.6 agent, the inventory information seems not to be updated.

 

Root Cause:

It will perform a full sync inventory scan on the device after the installation of the agent. Sometimes the SCN file size will exceeds the default size 10MB, thus it's not be able to be processed by the inventory server. You will find a SCN file under ldscan\errorBigScan folder.

 

Resolution:

Please check the file size of the SCN file in errorBigScan folder, then change the settings from core server | Configuration | Services | Inventory | Advanced Settings | Max Scan File Size. By default this size is 10MB, you will need to change it to the size that larger than the file size of the SCN file.

After saving the change, it will require restarting the inventory service.

How to query proxy setting in HKCU

$
0
0

All,

 

We are testing a new proxy and are trying query HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings for a string value - AutoConfigURL.  We have defined a custom data definition in the manage software list for the correct HKCU key and string.  We have verified that it works on some machines where the inventory was ran with the user logged on.

 

From what I can find on other posts, querying HKCU is next to impossible for a reliable query response.  I have tried some of the sample scripts that copy HKCU keys to HKLM (Printer.vbs) and adapted for our purposes, but it will only work when the logged in user is a local admin.  We have very few people with local admin rights.

 

I have seen a few posts suggesting you might have to use strasuser.exe but no examples or feedback indicating it worked.

 

Has anyone successfully queried HKCU?  If so, can you post a sample script/process?

 

We are running a newly re-built 9.6 sp1 core with over 2000 machines which are almost exclusively Windows 7 64-bit Enterprise.


Security - "not auto-protected"

$
0
0

Hi all,

 

Just noticed this today (running 9.6 SP1)-- I usually run the inspection to see if any new computers are reporting that they do not have anti-virus installed. Today for the first time, I noticed there was a new option, "Not auto-protected". Near as I can tell, there is nothing different between those computers and others not on the list (it's only about 20 on this list).

 

Thoughts on what this "not auto-protected" means?

 

THanks in advance

Rollup fails with 'SQL Server does not exist or credentials are not valid' after creating successful database links

$
0
0

Symptom: Rollup fails with 'SQL Server does not exist or credentials are not valid' after creating successful database links.

 

Cause: The rollup core has to be able to resolve the database name it is rolling up via the name in the registry on the core server. If the core server lists the DB by hostname and the core can only hit is by FQDN for example, then the rollup will fail.


Resolution: Change the Server name field in the registry on the CORE server under HKLM\Software\LANDesk\ManagementSuite\Core\Connections\Local to a name or address that the ROLLUP core can resolve for the database. This key is used to build the SQL Connection String that the Rollup uses to talk to the database.

How to get the overwrite policy of the system event logs in the LANDesk inventory

$
0
0

Currently no information about the event logs of the devices are reported in the inventory of the device.

Running the simple script attached on the devices you can retreive the overwrite policy of the system event logs and store them in the registy.

Then modifying the LDAPPL3.TEMPLATE on the core you can tell the Inventory Scanner to retreive these values and add them as custom values to the Inventory.

The script can be easly re-adapted to retreive other properties of the event log files.

It is possible to find more information about the event logs properties at this url on the Microsoft site: http://www.microsoft.com/technet/scriptcenter/guide/sas_log_iwbi.mspx?mfr=true

 

How to use the script

 

  1. Modify the LDAPPL3.TEMPLATE that is in \\<coreserver>\ldlogon and add in the [Registry Info] section these lines:

    ;Event Log parameters
    KEY=HKLM,Software\EventsLogs,Application Policy,Custom Data - OS - Event Logs - Application Log Policy
    KEY=HKLM,Software\EventsLogs,Application Size,Custom Data - OS - Event Logs - Application Log Size

    KEY=HKLM,Software\EventsLogs,Security Policy,Custom Data - OS - Event Logs - Security Log Policy
    KEY=HKLM,Software\EventsLogs,Security Size,Custom Data - OS - Event Logs - Security Log Size

    KEY=HKLM,Software\EventsLogs,System Policy,Custom Data - OS - Event Logs - System Log Policy
    KEY=HKLM,Software\EventsLogs,System Size,Custom Data - OS - Event Logs - System Log Size

  2. Press the button "Make available to Clients" in the Software Licese Monitoring window.
  3. Run periodically the script EventLogInfo.vbs on the devices
  4. The event logs parameters will be available in the inventory under the Custom Data - OS - Event Logs node.

 

Click on the link below to download the script

http://community.landesk.com/support/servlet/JiveServlet/download/5697-2-20921/EventLogInfo.vbs

How software packages are gathered for Inventory

$
0
0

Applies to LDMS 8.8 & LDMS 9.0

 

Software Packages found in a client’s inventory are made up and gathered from two different segments. Executed software packages and Discovered software packages.

 

To make the process easier to understand, the segments are being referred to by two different names. These names serve only the purpose of understanding the process and are not intended to be used outside of this document.

Executed software packages

During a managed client’s use, programs that are executed are tracked by softmon.exe. Softmon inspects the file and stores information about the file in the registry. This information stored in the registry is referred to as usage data. A registry key is written to the following location for each executed program: HKEY_LOCAL_MACHINE\SOFTWARE\LANDesk\ManagementSuite\WinClient\SoftwareMonitoring\MonitorLog

How executed software packages are scanned

At the beginning of the software scan the first piece of information gathered is the usage data from the registry. The process ldiscn32.exe opens the MonitorLog registry key listed above. Example:

Example1.JPG

One by one ldiscn32.exe will enumerate the MonitorLog keys. After each key is enumerated then an individual file software scan is initiated on that file at its physical location.  The remaining file information is gathered from the physical package.

This serves two purposes.

1)    1) If the file does not exist on the drive where it is expected, then the inventory scanner will discard it as a package and not return it in the scan file. This way the software package information is accurate. 2) Softmon.exe does not store all the information about the file that is captured by the discovered scan. So by doing a scan on the file, the package will have complete information instead of just usage. Usage only captures information shown in the screenshot above.

 

Once done the scanner will enumerate the next key and scan the next file.

Example of the Inventory scan information that is returned after the execution data is combined with the file data.

example3.JPG

The operation type that ldiscn32.exe uses on the files when conducting the scan for a file on the network is QueryBasicInformationFile.  Otherwise for local files the Operation is QueryOpen. For instance, if \\core88\ldlogon\wscfg32.exe has been executed, then ldiscn32.exe will use the same path to gather file information.

 

Limitations that do not apply to executed software

Executed software package scanning is not bound by the same limiting switches and functions that discovered software packages are.  For instance, the ldappl3.ini has a section called excludedir which prevents file scanning in a directory. Also, the inventory scanner has a switch /D= which limits to and specifies a start in directory for scanning. Lastly, if mode=listed in the ldapp3.ini limits normal scanning to what is listed or predefined. None of these apply to executed software scanning. If these limitations did apply then SLM data including usage data would be skewed and affected.

Discovered software packages

Discovered software packages are files discovered during the file software scan. Only files that meet the scanning criteria such as file extension are discovered.

How discovered software packages are scanned

 

After the inventory scanner finishes the executed software packages it proceeds to scan the managed node for any software package that meets scanning criteria. Scanning criteria is a combination of switches used with ldiscn32.exe and the configurations defined in the ldappl3.ini.

The software scan returns the following information in the scan when discovering packages.

Example2.JPG

 

Examples of limitations and configurations:

Inventory scanner parameter

Using the switch /D=(drive\directory) will force the software scan to start in the specified directory and search subdirectories. The software scan will be limited to what is specified and not search folders that are not specified.

"C:\Program Files\LANDesk\LDClient\LDISCN32.EXE" /NTT=CORE88:5007 /S=CORE88  /I=HTTP:// CORE88/ldlogon/ldappl3.ldz /V /D=c:\windows\

Main LDAPPL3.INI configurations

ScanExtensions=(extension)

ScanExtensions lists the extensions that will be searched for. Default is .exe(recommended)

ExcludeDir=(directory)

Excludes the folder specified and all sub-folders from software scanning.

Mode=(mode)

Determines if the scanner scans files listed in the ldappl3.ini or not. Possible values (all, listed, unlisted). Default setting is listed (recommended).

Using other modes must be carefully considered, for instance MODE=ALL will force machines to scan for every single file meeting the scan extension setting. This will create very large scan files, also the database tables will become much larger due to the additional data.

Conclusion

Both segments of the scan provide the most complete information possible after being combined.  The information is placed in the “Computer – Software – Package” section of inventory.

How to run an Agentless Inventory scan on multiple computers from the Core Server with LDDiscover.exe

$
0
0

Applies to LDMS 9.0 to 9.6


Description

How to run agentless inventory scans on multiple computers from the core? This would run the agentless inventory scan on multiple computers at a time using lddiscover.exe.

 

Use LDDiscover.exe to run the command on IP address ranges.

1) On the core server go to ...\LANDesk\ManagementSuite\Utilities\LDDiscover\
2) Run lddiscover.exe

LDDiscover.JPG
3) Click on Configure

4) Click on the Commands tab

LDDiscoverCommandsV3.JPG

5) Add the agentless inventory scan command as seen in the picture (replace Core with the name of the core server)

     To save the scanfile localy for your record you can extend the command to save the scan. See Inventory Scanner Switches for details

    \\core\ldlogon\ldiscn32.exe /NTT=core /S=core /F /SYNC /O=c:\ScanFileOutput.txt

6) Click on the IP Addresses tab

LDDiscoverIPRange.JPG
7) Add the range of IP Addresses you want to run the command on
8) Click on the Accounts tab

LDDiscoverAccounts.JPG
9) Enter the domain admin username and password that you would like to run the command as
10) Click OK
11) Click discover to find out which clients are responding to ping

12) Put a check in the boxes by the systems you would like the command to run on

13) Click Run to run the command on the systems

How to limit or prevent software scanning on specific devices or drives.

$
0
0

How to limit or prevent software scanning on specific devices or drives.

 

Description

This article is for LANDesk Administrators that have file servers or other devices where running a full software Inventory scan is utilizing resources and is not necessary. Where a LANDesk agent is used to manage the device but scanning all the software on the entire machine or certain drives is not desired.

 

Applies to LDMS 8.7 SP6 or later.

Applies to LDMS 8.8 SP2 or later.

 

Resolution 1

Limit the software scanning by drive or directory.

 

Doing this will have the following affect:
The Inventory Scanner will still gather Application Suites and OS Updates (from the uninstall key) and the associated installed packages and their usage data (from the registry). Removing items from the [Applications] section of the ldappl3.ini does not have an effect on the end result of the scan when drives are already excluded.
Making this change decreases the inventory scan time but does not completely cut out looking at apps and packages.

 

Excluding Drives or Directories in the LDAPPL3.INI

1) To exclude a drive or directory from inventory scan, modify the LDAPPL3.INI on the affected client.

C:\Program Files\LANDesk\LDClient\Data\LDAPPL3.INI

2) Page down a couple of times to the [Exclude Folders] section. To exclude drive C from being software scanned add the following  ExcludeDir=c:\ as the first line in the section.

3) Or to exclude specific directorys add a line by the following format into the same section ExcludeDir=\LDCLIENT\SDMCACHE\.

ldappl3b.JPG

9.6 SP1 Update: This can be done in the Managed Software List as shown below:

Exclude.png

 

 

Modifying the local scheduler tasks and shortcuts

Because the ldappl3.ini is customized on the client, the inventory scanner switches and tasks will need to be modified so it does not download the ldappl3.ini from the core or peers.

1) From a command prompt browse to Drive:\Program Files\LANDesk\LDClient.

2) Once there run the commandlocalsch.exe /tasks |more to find the different tasks that call ldiscn32.exe. Note the handle for the tasks that ldiscn32.exe is called in.

cmd1.JPG

3) Next delete those local scheduler tasks with the following command: localsch.exe /del /taskid=777            (replace 777 with the appropriate task handle(s))

4) Finally add the modified tasks without the /I= switch using the following sample command: LOCALSCH.EXE /taskid=777 /exe="c:\program files\landesk\LDCLIENT\LDIScn32.EXE" /cmd="/NTT=CoreFQDN:5007 /S=CoreFQDN /NOUI" /freq=86400

For more help with local scheduler see DOC-2002

5) After all of the local scheduler tasks have been modified to remove the /I= command line, the same needs to be done for any start menu shortcuts to the Inventory scanner.

 

Note: The client will now scan according to the changes made above, however if a new ldappl3.ini is copied down, then the changes may be lost. This can happen due to an agent install or running an inventory scan with the /I= switch.

 

--------------------------------------------------------------------------------------------------------------------

Resolution 2

Removing software scan all together.


The inventory scanner has a /F- switch that can be used. When this switch is used then the inventory scanner does not do any software scan. It will not pull Application Suites, OS Updates, usage, or packages associated with Application Suites.

 

If software scanning is not desired however information from the uninstall key is needed then use the /RSS switch after the /F-. This will return the application suites.

 

The implimentation does not require modification of the ldappl3.ini file.

1) Instead only modify the localscheduler tasks and shortcuts following instructions above but using a command line based on this sample: LOCALSCH.EXE /taskid=777 /exe="c:\program files\landesk\LDCLIENT\LDIScn32.EXE" /cmd="/NTT=CoreFQDN:5007 /S=CoreFQDN /F- /NOUI" /freq=86400

2) After changing the local scheduler tasks, add the /F- to the inventory scanner shortcut.

 

Note: The client will now scan according to the changes made, however an agent re-install would overwrite these changes.

What information Application Suites is designed to return.

$
0
0

Update: As of 9.0 SP2 the inventory object is called "Add or Remove Programs" instead of Application Suites. The scanner uses the same logic and criteria as listed below to gather that data.

 

What information Application Suites is designed to return.

 

Applies to LDMS 8.8 SP2 or later.

 

The design is to show suites of applications that are installed on a device. Application Suites returns information from the uninstall key in the registry, similar to Add Remove Programs however there is different criteria for each.

Sample path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

 

Criteria for the inventory scanner to capture this information from the Uninstall key.

 

1)The LANDesk inventory process requires that an Uninstall Key have a DisplayName string in order to capture it.*

2) The Uninstall record will not be returned to Application Suites if the Keyname is in the format of KBxxxxxx (even if it has a DisplayName string). Those Uninstall records are instead returned to the "Computer - OS - Updates - Update" section created just for these updates.*

RegDisplay1.JPG

 

3) If there are two registry keys in the uninstall key that contain the same value for "DisplayName" where one key is a GUID key and the other is a named key then LANDesk will capture the data from the GUID key.*

RegDisplay2.JPG

Criteria difference between LDMS Application Suites and Microsoft Add Remove Programs

 

Microsoft additionaly filters what Add Remove Programs will display from the Uninstall key. Add Remove Programs will not display programs that contain a "SystemCompnent" DWORD with the value of 1.

RegDisplay3.JPG

 

This translates into having more entries in the LANDesk Application Suites than in Add Remove Programs. This additional information captured by LANDesk can be used to gather all the Suites together. Thus giving additional data to the LANDesk user all in one location which can be used for queries etc.

 

Example of an Application Suite that is not displayed in Add Remove Programs due to having a SystemComponent DWORD with a value of 1:

AppSuite1.JPG


Create a query to show computers that haven't scanned in for x days

$
0
0

You can use some sql statements when creating a query to make them more dynamic.  One example is to create a query showing machines that haven't scanned in for more than x days.

 

So choose Computer item on the left side and Last Updated by Inventory server on the right side.

Next choose the < in the middle field.  Finally, type the following into the field that lets you specify a value:    GetDate()-30

Add this to the query and it should look like:

"Computer"."Last Updated by Inventory Server" &lt;"GetDate()-30"

 

Note: For Oracle databases, replace GetDate() with SYSDATE.

 

Save the query and each time that you run it you will computers that haven't scanned in for more than 30 days.

 

NOTE: Here is an article with screenshots that will also show how to create a report from the data and send the report in an e-mail:

http://community.landesk.com/support/docs/DOC-5788

Database Repair Utility (DBRepair.exe download)

$
0
0

Download


Download dbrepair85.zip for LANDESK 8.5 through 8.7 databases.

 

Download dbrepair8.8.zip for LANDESK 8.8 databases.

 

Download dbrepair06022011.zip for LANDESK 9.0 and 9.5 databases. Compatible with 9.0 supported Core OS's: Windows Server 2003 32 bit and Windows Server 2008 R2x64. This dbrepair includes the new snapshot function as described in UsingSnapshotInDbrepairRev1.pdf.

 

Download DBRepair9.5 For Landesk9.5


Download 96DBRepair.zip for LANDESK 9.6

 

Download 9.6SP1dbrepair.zip for LANDESK 9.6 SP1

 

DISCLAIMER

USE OF THE DBRepair.EXE APPLICATION SOFTWARE IS SOLELY AT THE USER’S AND/OR COMPANY’S OWN RISK.  THIS SOFTWARE APPLICATION IS AVAILABLE “AS IS,” AND LANDESK SPECIFICALLY DISCLAIMS ALL WARRANTIES INCLUDING ANY IMPLIED WARRANTIES.

 

For LDMS 9 it should only need to be run initially after upgrading because 9.0 doesn't allow client scanner corruption to enter the database unless configured otherwise. See DOC-7456 for more information on how this is accomplished and how to allow custom unmodeled data into the database. In some circumstances it may be necessary to allow unknown items, in those cases using snapshot and a scheduled dbrepair is useful. This is also described in the UsingSnapshotInDbrepair pdf.

 

 

Download the appropriate attachment and extract dbrepair.exe to the Managementsuite directory on the core server. The path to the ManagementSuite directory is by default C:\Program Files\LANDesk\ManagementSuite.

 

 

Instructions for Use

1. Stop the inventory server service on the core server before running DBRepair.

 

2. Verify that DBRepair.exe is in the ManagementSuite directory.

 

3. Double click DBRepair.exe to run it.

 

 

Note

: Once DBRepair.exe opens, anything that appears in the tree is unmodeleddata. This includes either custom data that you have deliberately added (via a custom data form or by modifying ldappl3.ini) or data corruption.

 

4. Delete database corruption if if is present as it can cause various issues.

 

 

Note

: If you have no custom data that you want to keep, then click on Computer at the top of the window and click the 'clean' button. If you have some custom data that you want to keep, then individually click on the items that are not custom data and click the 'clean' button.

 

5. Close DBrepair.exe.

 

6. Restart the Inventory Server service.

Example

If an item in the DBRepair.exe tree list appears to be a valid

part of the inventory tree, it's not. Keep in mind that everything

listed is unmodeleddata, so it can be safely removed. You only need to

keep the items that you have added specifically as Custom Data.

 

DBRepair.exe that looks like this:

 

Computer

-Custom Data

-Motherboard

-Loftwa6re

 

Normally there is no such value as Loftwa6re. Clearly, the Loftwa6re item represents database corruption. However, even though Motherboard looks valid, by virtue of it being in this list, it is not valid and it should be removed.

Event ID 0: Invalid Pointer Error in Application Log on the Core Server

$
0
0

Description

The description for Event ID ( 0 ) in Source ( LANDesk Inventory Server ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Invalid Pointer

 

 

 

Cause

 

An invalid pointer reference occurs when a pointer's value is referenced even though the pointer doesn't point to a valid block. This is caused by not enough resources for the SQL server.

 

Resolution

 

Upgrading the memory on the SQL server has been found to resolve this issue. Multiply the total devices the Core Server will be managing by 2 MB to get a better estimate. For example, 5,000 devices require 6-10GB of RAM. Note this RAM would be dedicated to the use of LANDesk; a dedicated SQL server is the recommendation to prevent performance issues.

 

Optional

 

Create a windows scheduled task that would restart the inventory service each night at 1am or once a week depending on your network.


How to scan for custom registry information using LANDesk

$
0
0

Description

 

Need to configure LANDesk to scan for a new registry value and include that value as part of the LANDesk Client device's inventory.

 

Resolution

LDMS 9.0 and older

 

1.     On the core server, modify the following file with a text editor: (ie. notepad)

 

     C:\Program Files\LANDesk\ManagementSuite\ldlogon\ldappl3.template

 

                    (samples attached)


2.     Scroll down to the section called Registry Info

3.     Add a new line following this syntax:

 

     KEY='VALUE PATH', 'VALUE', 'INVENTORY BRANCH'

 

where 'VALUE PATH' is the path where the registry value is located (i.e. HKLM\Software); 'VALUE' is the name of the value that you would like LANDesk to scan (i.e. MyValue); 'INVENTORY BRANCH' is the branch in the LANDesk inventory tree where this new value needs to be saved (i.e. CUSTOM DATA.)

 

4.     Save the LDAPPL3.TEMPLATEfile and close the text editor.

5.     Open the LANDesk Management Suite Console.

6.     Go to Tools | Reporting/Monitoring | Manage Software List

7.     Click on 'Make Available to Clients'

8.     Clients will start sending the custom registry information along with their next full inventory scan.

9.     Go to Configure | Services | Inventory and select the 'Unknown Items' Button. Here you need to finfd the item you are scanning for and allow it.

10.   Run the full inventory again and the item will appear in the inventory of the device.

 

The registry value being scanned must have a value. For example, a zero-length binary value with no value will not scan.

 

This topic is also covered in the User's Guide's page number 454. Attached are a sample LdAppl3.template file and a word document with more details.

 

Note: In order to be able to read this registry value, appropriate security settings must be in place.

 

 

LDMS 9.5 and newer

 

With the 9.5 version you have two choices, follow the same steps as for 9.0 or use the Core Console.

 

To access the GUI in the console as below, go to Reporting / Monitoring > Manage Software List > Right click on Registry Items > Add

 

1.PNG

 

Once you have configured your inventory scanner using the Core Console you will then want to select the Make Available To Clients button (ss (2014-02-04 at 10.24.39).png) in the Manage Software List Menu and this will distrubute your changes to your devices. Then you can submit inventory on various machines to test your new changes.

 

 

 

Create Reports on new Custom Data

The following steps will help you create a report to view the newly created custom registry key.

 

1.     Go to Tools> Reporting/Monitoring

2.     Right click on My Reports and select New Custom Report

3.     Give the report a name and description

4.     Click the New button under the Query section

5.     Select the Custom Data inventory value and insert it with an Exists function

6.     Select the Select Columns button

7.     Add the Custom Data value into the viewable column information to see the value of the key

8.     Click Save and OK and then run the report.

Inventory scan taking 30+minutes with RODC

$
0
0

We have a few remote sites with RODC (read only domain controllers). The problem seems to be where the inventory scan uses LDAPWHOAMI.EXE to interrogate the domain for user information to include in the inventory. LDPAWHOAMI normally takes a few seconds to run depending on the size of the domain but runs for at least 30 minutes whilst trying to communicate with a RODC before timing out and finding another domain controller to return the information requested. If it was just the inventory scan this would not be such a problem but the knock-on effect when provisioning machines or installing software with a scan after is significant.

 

Is there any fix or workaround for this?

Is there a switch to skip the LDAP part of the inventory scan?

Viewing all 456 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>