www.lansweeper.

com

Installation and configuration of Lansweeper 4.1

Installation and configuration of Lansweeper 4.1 ........................................................................................................... 1

Prerequisites ............................................................................................................................................................... 2
Configuring the database server (sql server 2005 and above)......................................................................................... 3
Installing Lansweeper .................................................................................................................................................. 4
Logging on to the Configuration Console ..................................................................................................................... 10
Configuring all scanning options. ................................................................................................................................ 11
Scanning option: Active scanning and Workgroup scanning. ......................................................................................... 13
Scanning option: IP range scanning. ........................................................................................................................... 14
Scanning option: Scheduled eventlog scanning............................................................................................................ 15
Scanning option: Scheduled scanning. ........................................................................................................................ 16
Scanning option: Lsclient.exe ..................................................................................................................................... 17
Scanning with alternate credentials ............................................................................................................................ 20
Troubleshooting connection problems. ........................................................................................................................ 21
Configuring scanning time interval options. ................................................................................................................. 22
Configuring scanning exclusion................................................................................................................................... 23
Recovering product license keys ................................................................................................................................. 24
Configuring Internet explorer to allow custom actions .................................................................................................. 25
Configuring Firefox to allow custom actions ................................................................................................................. 26
Deleting and rescanning multiple computers and devices. ............................................................................................ 27
Creating reports and changing the dashboard.............................................................................................................. 28
Creating custom reports ............................................................................................................................................ 29
Creating E-mail report alerts. ..................................................................................................................................... 34
Creating E-mail eventlog alerts. ................................................................................................................................. 35
Ignoring eventlog events. .......................................................................................................................................... 36
Configuring software license usage. ............................................................................................................................ 37
Configuring operating system license usage ................................................................................................................ 38
Implementing custom actions..................................................................................................................................... 39
Configuring file scanning ............................................................................................................................................ 41
Configuring registry scanning. .................................................................................................................................... 42
Configuring allowed local computer administrators....................................................................................................... 43
Configuring approved software. .................................................................................................................................. 44
Configuring vendor support links. ............................................................................................................................... 45
Mapping devices to types. .......................................................................................................................................... 46
Using the device tester .............................................................................................................................................. 47
Approved active-x controls......................................................................................................................................... 48
Renaming custom fields. ............................................................................................................................................ 49
Configuring anti-virus software names. ....................................................................................................................... 50
Configuring IP range locations. ................................................................................................................................... 51
Adding new device types............................................................................................................................................ 52
Upgrading to the premium version.............................................................................................................................. 53
Adding user pictures to the web interface.................................................................................................................... 54
Premium tool: Lstrigger - triggered scanning of computers........................................................................................... 55
Premium tool: Remote screenshot - see what’s on a remote computer screen. .............................................................. 56
Premium tool: Remote control - Take remote control of your workstations by pushing VNC. ........................................... 57
Premium tool: Remote software uninstall – list and uninstall software on remote computers........................................... 58

1/58
 www.lansweeper.com

Prerequisites

Web server:
Windows 2000 or higher with Internet Information services installed or the Lansweeper build-in web server.
The dotnet framework 2.0 installed (latest service pack).

Server where the Lansweeper service is installed:

Windows 2003 or higher. (Or optionally windows XP or higher)
The dotnet framework 2.0 installed.

Database server:
Windows 2000 or higher (32 and 64 bit)
SQL server 2000 SP4 or higher (or the free SQL express)

Clients:
Windows 2000 and above (Windows 9x clients are not supported)
Windows home versions are not supported.
Event log scanning is not supported on windows 2000.

In this example the web console, database and service are installed on the same machine.

Server name: myserver

Domain: lansweeper.local
NetBIOS domain: lansweeper

You can contact lansweeper if you have any questions or problems:

Website: http://www.lansweeper.com

Support: http://www.lansweeper.com/forum

Support E-mail: lansweeper@hemoco.com

Lansweeper sales & reseller questions: lansweeper@hemoco.com

Skype : Lansweeper

2/58
 www.lansweeper.com

Configuring the database server (sql server 2005 and above)

This is only required if you install Lansweeper in a multi-tier setup!

SQL server 2000 doesn’t need any extra configuration.

If you don’t have a database server the setup will install one for you.

Open the “SQL server configuration Manager”

Enable “Named Pipes” and “TCP/IP”

Set the SQL server Browser to automatic and start it (if not already started)
Restart the SQL service.

3/58
 www.lansweeper.com
Installing Lansweeper

Click next to continue

Accept the agreement and click next to continue.

4/58
 www.lansweeper.com

You can choose to install Database, Service and Website on different servers if you want; in this example we are going to install
everything on one server.

Choose your SQL server and authentication method.

If you don’t have any sql server, setup will install SQL Express (free)
SQL express (free) has a database limit of 4 GB

If for some reason you cannot connect to your sql server:

Sqlcmd: Error: Microsoft SQL Native Client: An error has occurred while establishing a connection to the server. When
connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not
allow remote connections.

See this knowledgebase article: http://support.microsoft.com/kb/914277/en-us

5/58
 www.lansweeper.com

Running the setup in a domain or workgroup will give different options:

The user running the service must have administrative privileges on all clients being scanned by lansweeper.

This is typically a domain administrator account.

If you have a workgroup you will need an account with the same username/password on all machines.

Workgroup:

Domain:

6/58
 www.lansweeper.com

Use IP scanning to discover devices in your network (printers, routers, …)

If you don’t have an active directory domain you can also use IP scanning and/or workgroup scanning to discover windows
machines.

If IIS is installed, the installer will suggest using IIS as a web server.

If you are already using any web applications on the server we recommend creating a new website on a new port.

If IIS is not installed you can choose the lansweeper build-in web server.

To secure your website, see this link: http://www.lansweeper.com/kb/restrict.aspx

IIS: supports user authentication

Built-in web server: does not support user authentication.

7/58
 www.lansweeper.com

Choose a location to install and click next to continue.

When setup completes you will be able to subscribe to our newsletter to get news about updates, patches & tutorials.
(Not required but recommended)

8/58
 www.lansweeper.com

Click finish to end the installation.

Check if the service is running:

Surf to your server where the Lansweeper service is running (not the website) http://servername:9524

If there are any errors, the errorlog.txt file is in your service folder:

9/58
 www.lansweeper.com

Logging on to the Configuration Console

Named instance Default instance

Server: your SQL-Server

Database: lansweeperdb

You can use integrated authentication or you can connect with a username and password:

Username: lansweeperuser
Default password: mysecretpassword0*

You can change the default password of the SQL user later if you want.

Important!

If you change the password of “lansweeperuser” you also need to edit the following files to reflect the changes:

…\lansweeper\service\Lansweeperservice.exe.config
…\lansweeper\website\Web.config

10/58
 www.lansweeper.com
Configuring all scanning options.

If you have the enterprise version you can select the server you want to
configure.
The premium version will have only one scanning server.

• Automatically make non-active computers active when they are rescanned.

This option can be handy if you set computers to non-active when used as “spare”.
As soon as the computer is seen on the network and rescanned it will become automatically “active”

• Remove computers not found in active directory from all tables.

Warning: computer will be permanently deleted from the database.

• Set computers to non-active if not found in active directory.

Computers will not be deleted from the database.

• Remove computers disabled in active directory from all tables.

Warning: computer will be permanently deleted from the database.

• Set computers to non-active if disabled in active directory.

Computer record remains in the database as non-active.

• Remove active directory users not found in active directory.

Warning: user will be permanently deleted from the database.

• Remove active directory users disabled in active directory.

Warning: user will be permanently deleted from the database.

• Refresh active directory computer details.

All active directory information from computers already in the database will be refreshed.

• Refresh active directory user details.

All active directory information from users already in the database will be refreshed.

• Delete history from all history tables after xx days.

History tables are used to track changes (add/remove of components or software)

• Set computers to non-active if not seen in the last xx days.

Computers will not be deleted from the database.

• Permanently delete computers not seen in the last xx days.

Warning: computer will be permanently deleted from the database.
Not recommended if you have a lot of roaming portable users that don’t come in the network very often.

• Delete event log entries after xx days.

Event log information takes up a lot of database space, it is recommended to keep this value low.

• Delete system errorlog entries after xx days.

The system errorlog can be found on the website.

11/58
 www.lansweeper.com

• Listen port
This is the TCP port used by lansweeper to listen for incoming lsclient requests. It is also used to host the scanning
queue and server status.
Changing this value requires a service restart.

• Computer threads
The amount of simultaneous scans lansweeper performs, on dedicated multi processor machines you can set this value
higher (up to 80-90).
Changing this value requires a service restart.

• IP threads
The amount of simultaneous IP addresses scanned by IP range scanning. It is recommended to keep this value low to
save processor resources.
Changing this value requires a service restart.

• By default the event log scanning only scans errors and warnings, if you need additional information scanned, you can
enable these events.
Changes become active after max. 15 minutes.

Reporting tips:
Track administrator logons.
Track group membership changes.
Track almost full disk warnings.

• If you want to use e-mail alerts it’s important to specify an e-mail relay server in your configuration.

Changes become active after max. 15 minutes.

Normally you enable report mailing on only one scanning server.

Event log alert mailing can be enabled on multiple scanning servers.

How to define which reports and alerts to e-mail is shown later in the documentation.

12/58
 www.lansweeper.com

Scanning option: Active scanning and Workgroup scanning.

Available in trial and premium versions of Lansweeper.

Active scanning allows you to scan multiple domain and selected OU’s
without the need to install any client on the workstations.

Active scanning is a “set it and forget it” option, it will query your
domain controllers to find out recently connected workstations and
servers. It is recommended if you have an active directory domain.

There is no client or extra software needed on your computers.

• Active scanning domains.

Fill in the DNS name and the NetBIOS name (pre-windows
2000) name of your domain.
Make sure you check the “enable active scanning” checkbox.

• Domain controller site filtering.

By default active scanning queries all domain controllers in the domain for recently seen computers. You can limit this
behavior to specific sites with this feature.
This feature only applies to domain controllers, not to computers, normally you don’t need to use this.

• Active scanning OU filtering.

By default active scanning scans all recently seen computers in the domain, use this feature to limit the scanning to
specific ou’s.

• Active scanning workgroups.

Active scanning scans all computers in the specified workgroups.
To detect the computer they should be visible when browsing with windows explorer in the network neighborhood.

Changes become active after max. 15 minutes.

How does active scanning works for active directory domains?

Lansweeper queries all domain controllers in the domain for new logged on computers, this process is repeated every 15
minutes. New computers found are added to the scanning queue maximum once every 8 hours.
When you start or restart the service, active scanning looks for computers logged on in the last 14 days. If a computer is
currently offline it will give an RPC error (which can be safely ignored)

How does active workgroup scanning works?

Lansweeper queries the computers visible in the specified workgroup in the network neighborhood; this process is repeated
every 15 minutes. New computers found are added to the scanning queue maximum once every 8 hours.

13/58
 www.lansweeper.com

Scanning option: IP range scanning.

Available in trial and premium versions of Lansweeper.

IP range scanning can discover network devices in your network which have the SNMP, SSH, HTTP, HTTPS, FTP, SMTP, SIP,
Telnet or Jet direct protocol enabled.

There is no client or extra software needed on your computers.

• Time-Out
Pinging the target IP address times out in X seconds. In high traffic networks it is recommended to increase this value.

• Don’t ping
When enabled: All IP addresses will be scanned regardless of the ping result (slower)

• No windows
When enabled: Windows machines will be ignored by the IP range scan (recommended)

• Credentials
Clicking this button bring up the credentials screen for this range.
Each ip range can have different credentials.

• Default domain
When “No windows” is unchecked, the credentials of this domain will be used first. (You can specify up to three domain
or workgroup names)

• Snmp community string

You can specify up to three SNMP community names per range.

• SSH credentials
These credentials are used to logon onto Linux,Unix,Mac,… machines.
To discover these machines you must enable SSH on them.

It is recommended to use IP range scanning only for devices (check the “No windows” check box)
Linux,unix,mac computers are considered “devices” in Lansweeper.

14/58
 www.lansweeper.com

Scanning option: Scheduled eventlog scanning.

Available in trial and premium versions of Lansweeper.

Use this scanning option to incrementally update your server’s eventlog and generate the necessary alerts in time.

There is no client or extra software needed on your computers for this feature.

In most scanning options the computers are scanned every day or every couple of days.
Most users want to have the event logs of important servers scanned faster (every hour) to generate e-mail alerts.

Eventlog scanning scans only the eventlog and ignores the other scanning wait time settings. It can be used in combination
with all the other scanning options.

• Recurring
Scanning occurs every xx minutes or hours (use in combination with M/H)

• M/H
M: The scanning occurs every xx minutes.
H: The scanning occurs every xx hours.

• Scan
Computer: scan one single computer by name.
ADSI path: scan all computers in an active directory container (recursive)

• Target
Computername (NetBIOS name) if you choose “Computer”
path name if you choose “ADSI path”
ADSI paths are scanned recursively.

• Domain
NetBIOS domain name of the computers being scanned (needed to select the proper credentials)

At the scheduled time the computers will be added to the scanning queue, the actual scan time depends on the size of the
queue at that time.

15/58
 www.lansweeper.com

Scanning option: Scheduled scanning.

Available in trial and premium versions of Lansweeper.

Scheduled scanning allows for scanning computers, complete domains or OU’s at scheduled time intervals.

There is no client or extra software needed on your computers.

• Scan
Computer: scan one single computer by name.
ADSI path: scan all computers in an active directory container (recursive)

• Target
Computername (NetBIOS name) if you choose “Computer”
Path name if you choose “ADSI path”
ADSI paths are scanned recursively.

• Domain
NetBIOS domain name of the computers being scanned (needed to select the proper credentials)

At the scheduled time the computers will be added to the scanning queue, the actual scan time depends on the size of the
queue at that time.

16/58
 www.lansweeper.com

Scanning option: Lsclient.exe

Available in all versions of Lansweeper.

Although the name would suggest otherwise lsclient.exe is no real client or agent.
Basically it just sends a message to the server “hello, I’m here, scan me on this IP Address” and stops working.
The service queue’s this request and starts scanning the client when ready.

All the scanning is done by the lansweeper service.

Lsclient is the only scanning option in the freeware lansweeper version.

Lsclient.exe is copied to your installation folder

Usage: Lsclient.exe “name of server where the service is installed”

As a test we try from the command prompt:

“C:\Program Files\lansweeper\Client\lsclient.exe” myserver

or
“C:\Program Files\lansweeper\Client\lsclient.exe” myserver /showresult

/scanonip is a new option. You can use it if you have vpn clients and want to scan them on the IP address they currently have
without the need to have DNS updated.

17/58
 www.lansweeper.com

How to use lsclient in a standard login script?

In this example the startup script is called “startup.cmd”

Contents of the startup.cmd

%logonserver%\netlogon\lsclient.exe myserver

Now copy the lsclient.exe to your netlogon folder.

18/58
 www.lansweeper.com
Deploying lsclient by using a GPO

More technical info on: http://support.microsoft.com/kb/322241/en-us

Make sure that you use a logon script instead of a startup script because this is running in the context of the user.

A sample vbs script that runs the lsclient hidden could look like this:

Set WshShell = CreateObject("WScript.Shell")

WshShell.run "%logonserver%\netlogon\lsclient.exe myserver",0

19/58
 www.lansweeper.com

Scanning with alternate credentials

On this page you can specify alternate credentials to scan other domains or workgroups.

Domain should bet the NetBIOS name of your domain.

If you want to use credentials from a computer that cannot be verified (example: a DMZ standalone computer or workgroup)
you can check the box “Don’t try to authenticate username\password”

If you need alternate credentials for workgroups you need to specify the user as ”.\username”

When scanning workgroups you need a common username/password combination that has administrative privileges on all
workgroup computers.

20/58
 www.lansweeper.com

Troubleshooting connection problems.

You can connect from the server to one of the clients to check if the WMI settings and access permissions are ok.

The test checks if WMI access and registry access using WMI is possible.

If you find error errors please visit our knowledgebase

Errors are almost always caused by these problems:

• Windows firewall or other firewall blocking access. (99% the cause of the
problem)
• Dns problem: Dns points to a wrong IP address.
• WMI and Dcom are not enabled on the client.
(in a default windows installation this is enabled)
• Access denied: the server user does not have administrative permissions
on the client.

If you have checked our knowledgebase and didn’t find an answer, please visit our
support forum http://www.lansweeper.com/forum

21/58
 www.lansweeper.com

Configuring scanning time interval options.

This table defines which items are updated when a computer is scanned.

-1 = Disable scanning for this item.

0 = always scan this item.
X = scan this item every x days.

If a computer is scanned for the first time, all items with a waittime higher than -1 are scanned.

Examples:

• Cdrom = 60
When the computer is scanned, cdrom information is scanned if it wasn’t scanned in the last 60 days.

• Codec = -1
When the computer is scanned, codec information is never scanned.

• Files = 0
When the computer is scanned, file information is scanned each time.

• Network = 1
When the computer is scanned, network information is scanned if it wasn’t scanned in the last 24 hours.

Changes become active after max. 15 minutes.

Which scan types use the wait time settings:

• Use wait time:

Lsclient, active scanning, scheduled scanning, IP range scanning, Rescan on webpage

• Do not use wait time: (full rescan)

Full rescan on webpage, lstrigger, first time scan

Wait time applies

22/58
 www.lansweeper.com

Configuring scanning exclusion.

If you wish to exclude some computers from scanning you can add them to this list.

Make sure you use the NetBIOS name of the computer.

To exclude all computers starting with “lan-“ you can use “lan-%”

23/58
 www.lansweeper.com

Recovering product license keys

You can enable/disable product keys you want scanned.

This list is extendable to add future product keys.

3 types of keys are currently supported: Plain text, Microsoft and Adobe.

Keys in the HKEY_CURRENT_USERS registry key are not supported.

Do not add any registry locations for Microsoft office products, these will be scanned automatically.

Changes become active after max. 15 minutes.

Known issues:

• Key’s for Office versions 2000 and below are not available (they are not stored on the computer)
• Microsoft MAK keys cannot be recovered (they are not stored on the computer)

24/58
 www.lansweeper.com

Configuring Internet explorer to allow custom actions

Make sure that the activeX controls are enabled.

You can add your website to the trusted sites for security reasons.

Go into Security Settings - trusted sites.

Change the following setting to "Enable"

[Initialize and script ActiveX control not marked as safe.]

25/58
 www.lansweeper.com

Configuring Firefox to allow custom actions

First download the plug-in from http://www.lansweeper.com/kb/firefoxplugin.aspx

nplansweepershellexec.dll should be placed in your Firefox Plugins folder

Afterwards restart Firefox if it was running.

You can disable/enable the plugin afterwards from the Firefox menu/tools/add-ons.

26/58
 www.lansweeper.com

Deleting and rescanning multiple computers and devices.

Select all the computers in the grid (ctrl & shift) for multiple selections.

“Delete”: This will delete the computer details and all related information from your database.
“Rescan”: Rescans the selected computers (wait time applies)
“Full Rescan”: Rescans the selected computers (wait time does not apply)
“Refresh”: Refreshes the grid with updated information from the database.

You can use filters and custom sorting to select the computers you want.

The same logic applies to the “Scanned devices” screen.

27/58
 www.lansweeper.com

Creating reports and changing the dashboard.

With the dropdown box you can select from all the available reports in the database.

Sort order = the lower the number, the higher the report will be displayed in the interface
Priority 1 : High priority
Priority 2 : Important
Priority 3 : Informational
Color = show in red if the report contains items
Show % = shows the percentage of computers contained in this report

28/58
 www.lansweeper.com
Creating custom reports

In this example we will create a sample report, basic SQL knowledge is required.

We want to display all software found in our network from the publisher “Apple Inc.”

To create a new report click on the “New” button.

Drag the 2 needed table “tblcomputer” and “tblsoftware” to the query builder and select the needed fields.

Let’s filter out software only from “Apple Inc.”

29/58
 www.lansweeper.com

SQL used for this report:

Select Top 1000000 tblComputers.Computername, tblComputers.ComputerUnique, tblSoftware.softwareName From

tblComputers Inner Join tblSoftware On tblComputers.Computername = tblSoftware.ComputerName Where
tblSoftware.SoftwarePublisher = 'Apple Inc.' Order By tblComputers.Computer

Let’s save our report and give it a name:

Don’t use any special characters in the View Name, it is unique and used for internal storage.

Our report is now available and can be exported to Excel, Csv, XML, …

You can also add the report to the web interface.

You can change the date format used on the web pages on the “home” configuration screen.

30/58
 www.lansweeper.com

Creating a basic computer report

Each computer report must start from table “tblcomputers”

If you want to hotlink the computer name in the web interface you need the fields: computername, computerunique

Adding custom computer information

Custom computer fields are stored in table “tblcompcustom”

Make sure to “select all rows from tblcomputers”, this will also include computers in the report without any custom fields.

Adding user details

User details are stored in table “tblADusers”

If you want to include user details, add the table to the report, link it on both username and userdomain and make sure to
“select all rows from tblcomputers”, this will also include computers in the report with empty usernames.

31/58
 www.lansweeper.com

Information about all WMI classes and fields can be found on this link:

http://msdn.microsoft.com/en-us/library/aa394084%28v=VS.85%29.aspx

Each field from the WMI class maps to a field in the database table.

Wait time name Table Info

- tblcomputers Main table that contains all computer objects
- tbladusers Active directory user information
- tbladcomputers Active directory computer information
- tblapprovedsoftware Contains all approved software
- tblcplogoninfo User logons
- tblcustdevices Main table that contains all device objects
- tblcustdevhd Linux harddisk information
- tblcustdevprinter Printer toner information
- tbldomainroles Links to tblcomputersystem, domainrole
- tblcompcustom Custom computer information
- tsyschassistypes Links to tblSystemEnclosure, chassistype
- tsysdevicetypes Links to tblcustdevices, devicetype
AUTORUN tblAutorun Win32_StartupCommand class scanning
BASEBOARD tblBaseboard Win32_BaseBoard class scanning
BATTERY tblBattery Win32_Battery class scanning
BIOS tblBIOS Win32_BIOS class scanning
BOOTCONFIG tblBootConfiguration Win32_BootConfiguration class scanning
BUS tblBus Win32_Bus class scanning
CDROM tblCDROMDrive Win32_CDROMDrive class scanning
CODEC tblCodecFile Win32_CodecFile class scanning
COMAPPLICATION tblCOMApplication Win32_COMApplication class scanning
COMPONENTCAT tblComponentCategory Win32_ComponentCategory class scanning
COMPSYSPROD tblComputerSystemProduct Win32_ComputerSystemProduct class scanning
COMPSYSTEM tblComputersystem Win32_ComputerSystem class scanning
DCOMAPP tblDCOMApplication Win32_DCOMApplication class scanning
DESKTOP tblDesktop Win32_Desktop class scanning
DESKTOPMON tblDesktopMonitor Win32_DesktopMonitor class scanning
DISKPARTITION tblDiskPartition Win32_DiskPartition class scanning
DISPLAYCONF tblDisplayConfiguration Win32_DisplayConfiguration class scanning
DISPLAYCONTRCONF tblDisplayControllerConfiguration Win32_DisplayControllerConfiguration class scanning
ENVIRONMENT tblEnvironment Win32_Environment class scanning
EVENTLOG tblntlogevent Win32_NTLogEvent class scanning
FILES tblFileVersions Custom files scanning
FLOPPY tblFloppy Win32_DiskDrive class scanning
GROUPS tblGroups Win32_Group class scanning
HARDDISK tblDiskdrives Win32_LogicalDisk class scanning
IDECONTROLLER tblIDEController Win32_IDEController class scanning
IEACTIVEX tblIEActiveX Internet Explorer Active-X controls scanning
IEBARS tblIEBars Internet Explorer Bars scanning
IEBHO tblIEBHO Internet Explorer Browser helper objects scanning
IEEXT tblIEExtensions Internet Explorer Extensions scanning
INFRARED tblInfraredDevice Win32_InfraredDevice class scanning
KEYBOARD tblKeyboard Win32_Keyboard class scanning
MEMORY tblPhysicalMemory Win32_PhysicalMemory class scanning
MEMORYARRAY tblPhysicalMemoryArray Win32_PhysicalMemoryArray class scanning
MONITOR tblMonitor Monitor type and serial number scanning
NETWORK tblNetwork Win32_NetworkAdapterConfiguration class scanning
NETWORKCLIENT tblNetworkClient Win32_NetworkClient class scanning
ONBOARDDEVICE tblOnBoardDevice Win32_OnBoardDevice class scanning
OS tblOperatingsystem Win32_OperatingSystem class scanning
OSRECOVERY tblOSRecoveryConfiguration Win32_OSRecoveryConfiguration class scanning
PAGEFILE tblPageFile Win32_PatchFile class scanning

32/58
 www.lansweeper.com
PARALLELPORT tblParallelPort Win32_ParallelPort class scanning
PCMCIA tblPCMCIAController Win32_PCMCIAController class scanning
POINTING tblPointingDevice Win32_PointingDevice class scanning
PORTABLEBATTERY tblPortableBattery Win32_PortableBattery class scanning
PORTCONNECTOR tblPortConnector Win32_PortConnector class scanning
POTSMODEM tblPOTSModem Win32_POTSModem class scanning
PRINTERS tblPrinters Win32_Printer class scanning
PROCESS tblProcesses win32_process class scanning
PROCESSOR tblPROCESSOR Win32_Processor class scanning
PROXY tblProxy Win32_Proxy class scanning
QUICKFIX tblQuickFixEngineering Win32_QuickFixEngineering class scanning
REGISTRY tblRegistry Custom registry keys scanning
SCSI tblScsicontroller Win32_SCSIController class scanning
SERIALNUMBER tblSerialnumber Software license key scanning
SERIALPORT tblSerialPort Win32_SerialPort class scanning
SERVICES tblServices Win32_Service class scanning
SHARES tblShares Win32_Share class scanning
SOFTWARE tblSoftware Installed software scanning
SOUND tblSoundDevice Win32_SoundDevice class scanning
SYSTEMENCLOSURE tblSystemEnclosure Win32_SystemEnclosure class scanning
TAPE tblTapeDrive Win32_TapeDrive class scanning
USBCONTROLLER tblUsbcontroller Win32_USBController class scanning
USERS tblUsers Win32_UserAccount class scanning
USERSINGROUP tblUsersInGroup Users that belong to NT group scanning
VIDEOCONTROLLER tblVideoController Win32_VideoController class scanning

33/58
 www.lansweeper.com

Creating E-mail report alerts.

First we need to create mail groups.

One mail group can contain multiple e-mail addresses if you separate them with a “;”

When this is done we can select the reports we want to e-mail and we can choose the mail group we want to send to.

Selected reports will be mailed each night if they contain any results.

Empty reports will not be mailed.

Don’t forget to configure a mail server and enable report mailing !

34/58
 www.lansweeper.com

Creating E-mail eventlog alerts.

If you want to receive e-mail alerts if an error happens on one of your servers you can use the eventlog alerts.
This is best used in combination with scheduled eventlog scanning.

Changes become active after max. 15 minutes.

You can specify multiple alerts each with their own mail group and filters.

• Operator
Use the “like” operator to search for partial matches.

• Eventtype
1: error
2: warning
3: Information
4: Security Audit Success
5: Security Audit Failure

Don’t forget to configure a mail server and enable eventlog mailing !

35/58
 www.lansweeper.com
Ignoring eventlog events.

Some recurring warnings can fill your database quickly.

If you want to ignore recurring warnings then you can create a filter for them.

The ignored events will never be saved in the database.

36/58
 www.lansweeper.com

Configuring software license usage.

On the left you see all the software found in your network.

If you want to track license usage of a software item, you can select it and add it to the list of tracked software.

# Purchased : amount of licenses that you purchased for this product.

# Price: price for one license.

In the details you can select multiple versions and products for one license type.
You can use the wildcard ‘%’ in the version to specify multiple versions.

The total calculation and missing licenses can be found on the web page:

37/58
 www.lansweeper.com

Configuring operating system license usage

On the left you see all the windows operating systems found in your network.
If you want to track license usage of an operating system, you can select it and add it to the list of tracked Operating systems.

# Purchased : amount of licenses that you purchased for this operating system.
# Price : price for one license.

The total calculation and missing licenses can be found on the web page:

38/58
 www.lansweeper.com
Implementing custom actions

Actions are run locally on the computer where you browse to the lansweeper web interface.
The actions run in the security context of the user starting the web browser.

Computer actions:

• Description: what appears in the web interface

• Action: the command to execute

• Variables: {computer}, {domain}, {username}, {userdomain}, {tag}, {ipaddress}, {fqdn}, {actionpath}

• Icon: which icon to show in the interface.

• Sort order: the lower the number, the higher the report will be displayed in the interface.

• Enabled: show this action in the interface.

• Confirmation: ask for confirmation before executing this action.

• Advanced: show in the basic or advanced section.

In large active directory domains it might be advisable to replace {computer} by {fqdn} to connect to the full dns name.

User actions:

Variables: {username}, {userdomain}, {displayname}, {telephone}, {fax}, {mobile},{email},{OU},{cn},{actionpath}

39/58
 www.lansweeper.com

Device actions:

Variables: {ipaddress}, {actionpath}, {mac}

You can add your own icons to the “actions” folder in the web folder.

40/58
 www.lansweeper.com

Configuring file scanning

• Filename
you can use 3 optional parameters : %programfiles%, %programfiles(x86)% and %windir%
if you use the %programfiles(x86)% parameter and the OS is 32 bit then the result will be the same as the
%programfiles% parameter.

• Enabled
Enable scanning of this file.

• File size, company, version and other info is scanned for this file.

Results of these file scans can be used to create custom reports using the report builder.

Examples:
Which computer doesn’t have the latest version of Firefox installed?
Which computer doesn’t have the latest version of Antivirus scanner X?
Which computer doesn’t have the needed DLL for application X?

41/58
 www.lansweeper.com

Configuring registry scanning.

Rootkey: select the root key in the remote registry

Regpath: select the path to scan
Revalue: select the value to scan
Enabled: enable scanning of this item

Note that you cannot scan registry keys for the user that is logged on. HKEY_CURRENT_USER refers to the user performing the
scan. (the service user)

42/58
 www.lansweeper.com

Configuring allowed local computer administrators.

Add all users that are allowed to be local administrator on their computer to this list.

You can use “%” as a wildcard.

This information is used in the report : “Not allowed local administrators”

43/58
 www.lansweeper.com

Configuring approved software.

Add all approved and safe software to the list on the right.

This will help you to find “illegal” software usage.

The computer’s software web page will show the approved software with a green icon.

44/58
 www.lansweeper.com

Configuring vendor support links.

You can use the {assettag} and {model} parameter to link to computer vendors support pages.

This information is used in the support link on the actions web page.

45/58
 www.lansweeper.com

Mapping devices to types.

If you enable snmp on your devices you can use the OID to automatically map the device to a device type and model.

If you manually change the device type of a device, make sure that you check the “lock against scanning” checkbox.
Doing this will make sure your manual changes are not overwritten by future scans.

46/58
 www.lansweeper.com

Using the device tester

The device tester is a standalone tool found in the “actions” folder (devicetester.exe)

If you have problems to scan certain devices you can use this tool to see the scanning details and test snmp, ssh, passwords, …

You can also run the device tester from the web actions.

Syntax:

Devicetester.exe {ipaddress}

47/58
 www.lansweeper.com

Approved active-x controls.

You can approve active-x control detected by lansweeper.

They are used in the “IE: Unauthorised …” reports and can also be found on the computer’s configuration web page.

48/58
 www.lansweeper.com

Renaming custom fields.

You can change the display name of the custom fields shown on the website.

Note that you will still need to use the “customX” name when you create reports.

49/58
 www.lansweeper.com

Configuring anti-virus software names.

This information is used in the following reports:

• Server: All servers with Anti-virus

• Server: All servers without Anti-virus software
• Workstation: All workstations with Anti-virus software
• Workstation: All workstations without Anti-virus software

If you use other anti-virus software you can add the name to this list.

50/58
 www.lansweeper.com

Configuring IP range locations.

You can define custom Locations, named “IP Location” in Lansweeper. It’s an easy way to group computers and devices
together based on IP address.

If the IP address is not in any of the ranges it will be marked as “undefined”

51/58
 www.lansweeper.com

Adding new device types.

Items in gray are system items and cannot be changed or deleted.

52/58
 www.lansweeper.com
Upgrading to the premium version.

After purchase you receive a license key which you can copy/paste into
the home screen.

If you can’t find your license key, please contact us at

lansweeper@hemoco.com and provide your order reference or order e-
mail address.

How to register the premium tools?

1) Registration for each administrator and computer.

Start one of the premium tools from the administrator's computer (for example: remote uninstall)

Click Register in the menu and copy/paste your license key.

2) Registration for all administrators.

Place a file "license.txt" with your license code in the same folder as the executables
("%programfiles%\lansweeper\actions" in the default setup).

53/58
 www.lansweeper.com

Adding user pictures to the web interface.

If you want to add pictures for your users you can add them in the pictures folder of your web server:

Folder = NetBIOS name of your domain (change this to reflect the name of your domains)
Picture = username.jpg (SamAccountname)

54/58
 www.lansweeper.com

Premium tool: Lstrigger - triggered scanning of computers.

Lstrigger has the same functionality as clicking “full rescan” in the web interface and is provided for backwards compatibility.

Use this tool to force/trigger remote scanning of a workstation from the command line.

Example:
lstrigger "servername" "computer" "domain"
Default port = 9524

lstrigger "servername" "computer" "domain" "port"

C:\>lstrigger myserver lansweeper-001 lansweeper

Change “servername” to the name of the server running your lansweeper service.

When you trigger a scan all information for this computer is rescanned regardless of the waittime set.

Lstrigger only works on computers that are already in the database.

55/58
 www.lansweeper.com
Premium tool: Remote screenshot - see what’s on a remote computer screen.

• Client requirements : Windows 2000 or higher

• No need to install software on the client.
• Both machines must be in trusted domains.
• The user should have administrative privileges on the client.
• TCP ports 139, 445 must be open on the server from the client.
• The “Server” service must be running on the target machine.
• The “Remote registry” service must be running on the target machine.
• The Default shares must be available on the client (C$, admin$)

You can also use this program from the command line or from the action screen.

Usage:
screengrab.exe {computer} /AP

Optional parameters:
/AP = ask permission
/NP = don’t ask permission

56/58
 www.lansweeper.com

Premium tool: Remote control - Take remote control of your workstations by pushing VNC.

Remote control the screen of your workstations to give them remote support.
The free VNC service is automatically pushed to the client on first use.

• Client requirements : Windows 2000 or higher

• No need to install software on the client.
• Both machines must be in trusted domains.
• The VNC service is pushed to the client and removed after the remote control session.
• The user must have administrative privileges on the client.
• TCP ports 139, 445 and 5900 must be open on the server from the client.
• The “Server” service must be running on the target machine.
• The “Remote registry” service must be running on the target machine.
• The default administrative shares must be available on the client (C$, admin$)

You can also use this program from the command line or from the action screen.

Usage:
lsremote.exe {computer} /AP

Optional parameters:
/AP = ask permission
/NP = don’t ask permission

57/58
 www.lansweeper.com

Premium tool: Remote software uninstall – list and uninstall software on remote computers.

You can also use this program from the command line or from the action screen.

Usage:
remoteuninst.exe {computer}

The only requirement is WMI and administrative rights on the remote computer.

There are 3 types of software:

MSI packages:
These are uninstalled by the MSIexec command.
Adding the /QN /NORESTART parameters makes the uninstall invisible to the remote users.

Other installers:
These might have optional parameters available to run the uninstall window hidden but this depends on the software vendor.
Silent uninstall is not always available for non-msi installers.

Not allowed to remove:

Some software is not allowed to be removed by the software vendor because it might break windows functionality.

58/58