LabTech Support Forums

Network Probe Templates

This forum is for discussion of network probe related issues.

Moderator: jware.connectwise

Re: Network Probe Templates

Postby ian.integra-xp » Mon Dec 30, 2013 12:24 pm

ken, your logic is flawed. You may have seen pcs with the netbios port open, but only because someone has manually opened the port. The fact that there is a machine with that port open doesn't mean its a windows pc either, it could be a linux box, a nas, or other things which support netbios. It tells you nothing really.

If you have a domain you can run a logon script to check for the presence of \windows\ltsvc. This is obviously not possible in a workgroup. You could have the situation where all machines could have their firewall blocking everything.

Scanning for ports will, at best, pick up misconfigured machines despite what you think you are managing to do. On many networks it will tell you that ip x.x.x.x is responding, but the mapping from that to a machine which is registered or not registered depends on how up to date dhcp is. The same machine can be registered via ethernet, wifi and vpn connections with three different ips. Addresses can fail to update in dns so the machine name may not correspond with the ip which is registered.

What *would* be nice would be something which did this for Active directory where we can be sure that the known machines should all either be in labtech or removed from active directory. I believe this is on the cards - don't know if its in 2013.1 or not.
-- Ian Murphy
ian.integra-xp
Hero Member
Hero Member
 
Posts: 570
Joined: Tue Nov 15, 2011 12:29 pm

Re: Network Probe Templates

Postby teamits » Mon Dec 30, 2013 4:18 pm

ian.integra-xp wrote:Addresses can fail to update in dns so the machine name may not correspond with the ip which is registered.


That tends to be the reverse DNS zone not cleaning itself up I think. However, in my experience LabTech also tends to "latch on to" hostnames and the network list is not updated when a PC moves to a different IP or even when a different PC gets assigned the first IP. I have pointed out in the past this may result in less sold licenses...for example we have a client with a large distributed network and they use DHCP so the addresses change frequently.

ian.integra-xp wrote:What *would* be nice would be something which did this for Active directory where we can be sure that the known machines should all either be in labtech or removed from active directory.


Do you mean like Group Policy? I believe the MSI installer can be used to do that, and that's been around a while. I did just find that they add/leave the uninstaller entry when the MSI is used but still not when the .exe is used. We have generally just used a login script to check for and install .Net and the agent. (note the installers need to be copied to a local drive)

All that said, there is a "LT- New Computer Detected*" internal monitor that alerts when new IPs are found by the probe.
Steve
teamits
Hero Member
Hero Member
 
Posts: 1577
Joined: Wed Dec 31, 1969 8:00 pm

Re: Network Probe Templates

Postby jburroughs.awecomm » Thu Nov 30, 2017 1:40 pm

ian.integra-xp wrote:No, I didn't say that. I said that it scans the network, blindly trying to connect to open ports to work out what each box is. If a box responds on 132/135 then its likely a PC and it will try to install the agent. If these ports don't respond then it wouldn't make any sense to try and install anything.

LT makes use of snmp information to classify nodes. Once snmp responds it uses the device information to apply snmp templates. Outside of these two cases there isn't much else which can be picked up. I'm not sure if osx and linux are automatically detected. I would guess not.

Ian


LT scans and tries to install the agent on every single device in the network range you configure in the probe's scan settings, assuming you have both the scan and deploy options enabled. There is zero intelligence built in - ZERO. Check the deployment manager logs if you don't believe me. Check if it is a Windows device before trying to push an MSI installation? Yeah right. The probe tries to install to every IP in the range (including your network devices), plus the broadcast IP, plus multicast addresses like 224.0.0.0. It's jaw-dropping behavior, I agree. LT recommends you only use their probe for agent installation if you do not have an AD environment. If you do have AD, they recommend that for pushing out the agent. Combining their targeting approach with their use of PSexec and considering their recommendation NOT to use that solution, I would not expect them to ever fix their deployment "solution" as they never built a proper deployment solution to begin with.
jburroughs.awecomm
Newbie
Newbie
 
Posts: 2
Joined: Thu Dec 08, 2016 10:19 am

Previous

Return to Network Probe

Who is online

Users browsing this forum: No registered users and 2 guests