Page 1 of 1

Scheduling - local machine - ina32

PostPosted: Fri Jul 08, 2005 10:17 am
by Alan McCay
Hi All

Ok, I have pretty much been smacking my brains all over the wall trying to come up with the best solution for running a scheduled network inventory and the best option I came up with is as follows. I would like any feedback - ideas - Problems that this option may include and anything that will make this work for myself and any one else stuck with the same problem.

Background – I work as a system engineer for a computer company whose first priority when it comes to issues like this is security, so null shares and anonymous logins are definitely a no-go. Running scripts to do tasks are normally what method we use to run programs. My first initial thought was to call the application using a login script. The problem with this is obvious, Our users generally don’t log off their computers, or the computer are running a build or some other function constantly which means the computers are always on. Although the on-demand scan seemed the best method to use, this was not always the case as most of our computers have the admin share and any other $ share disabled for security reasons. I also tried other suggested methods in this forum, but none seem to tackle the issue of security restrictions. Ok we may be over the top, but we have to.

So here are my ideas, and any help or ideas would appreciated.

Ok, first of all the idea of shares is the first problem, so the best option we found would be to host the ina32 file on the local computer ( updating configuration files are not a problem). So now we have two options 1) run the application using the Microsoft scheduling agent or 2) use the registry. Which would you all consider the best option?

Now for the problem, I still have to get the output file to a network location by some secure method. First of all we thought of using a push or pull script to copy the files over. Then we thought of manually logging in and copying the files over (I don’t want to keep doing that) Then we thought, we should just let the agent do its job and copy the files using a unc path (but how do we authenticate)

So you can understand my dilemma. Any advice would be appreciated. How did you all do it? Baring in mind security is an issue, and someone out there must have had the same problem.

PostPosted: Wed Jul 13, 2005 1:41 pm
by condabas
Ok, you lost me..... You can't just share out a folder on the network with domain user rights? Thats all you pretty much all you need to do to get the job done. You can script it to run off UNC path's, thats the way we have it here.

Question: Aren't these users part of your domain? Don't they already have accounts created in that domain? I'm trying to understand why you would use anonymous connections in the first place...

Check out this link on how I have setup my audits, it works like a champ:

http://www.alloy-software.com/forum/vie ... p?tid=2940

Remotely scheduling INA32.exe

PostPosted: Thu Jul 28, 2005 3:44 am
by beacon
I've been beating my head against the wall with the same problem - I want the audit to run out of the user context as a sceduled task. If I put the audit in my login script, users just stopped logging off!

The audit application and result files are on a network share. I've written a WSH script that:
enumerates all computers in an OU in your AD.
Uses schtasks to schedule the ina32 and defrag.

It has to be run from a system with schtasks (you can copy it to Win2K with some minor changes). It also needs wsh 5.6.

Run this script from a command line -
cscript ScheduleAudits.js adminpassword

There are occasions where the scheduled task won't run - if any body figures it out let me know.

PostPosted: Thu Jul 28, 2005 4:19 am
by Alan McCay
Thanks mate.

This option was needed to have regular scans of the systems, but we then decided to use the on-demand and do the scan if and when needed. Our method is written in the audit tips section " securing your data" But obviously this will come in handy for some of our other computers ( laptops )

Regards, Alan
Systems Engineer