Scheduling - local machine - ina32

Alloy Network Inventory is a comprehensive, budget-friendly, easy-to-deploy network inventory solution that provides you with accurate and up-to-date information from every computer on your network.
 

Scheduling - local machine - ina32

Postby Alan McCay on Fri Jul 08, 2005 10:17 am

Hi All

Ok, I have pretty much been smacking my brains all over the wall trying to come up with the best solution for running a scheduled network inventory and the best option I came up with is as follows. I would like any feedback - ideas - Problems that this option may include and anything that will make this work for myself and any one else stuck with the same problem.

Background – I work as a system engineer for a computer company whose first priority when it comes to issues like this is security, so null shares and anonymous logins are definitely a no-go. Running scripts to do tasks are normally what method we use to run programs. My first initial thought was to call the application using a login script. The problem with this is obvious, Our users generally don’t log off their computers, or the computer are running a build or some other function constantly which means the computers are always on. Although the on-demand scan seemed the best method to use, this was not always the case as most of our computers have the admin share and any other $ share disabled for security reasons. I also tried other suggested methods in this forum, but none seem to tackle the issue of security restrictions. Ok we may be over the top, but we have to.

So here are my ideas, and any help or ideas would appreciated.

Ok, first of all the idea of shares is the first problem, so the best option we found would be to host the ina32 file on the local computer ( updating configuration files are not a problem). So now we have two options 1) run the application using the Microsoft scheduling agent or 2) use the registry. Which would you all consider the best option?

Now for the problem, I still have to get the output file to a network location by some secure method. First of all we thought of using a push or pull script to copy the files over. Then we thought of manually logging in and copying the files over (I don’t want to keep doing that) Then we thought, we should just let the agent do its job and copy the files using a unc path (but how do we authenticate)

So you can understand my dilemma. Any advice would be appreciated. How did you all do it? Baring in mind security is an issue, and someone out there must have had the same problem.
Alan McCay
Junior
 
Posts: 9
Joined: Mon Mar 14, 2005 11:17 am

Postby condabas on Wed Jul 13, 2005 1:41 pm

Ok, you lost me..... You can't just share out a folder on the network with domain user rights? Thats all you pretty much all you need to do to get the job done. You can script it to run off UNC path's, thats the way we have it here.

Question: Aren't these users part of your domain? Don't they already have accounts created in that domain? I'm trying to understand why you would use anonymous connections in the first place...

Check out this link on how I have setup my audits, it works like a champ:

http://www.alloy-software.com/forum/vie ... p?tid=2940
condabas
Senior
 
Posts: 42
Joined: Mon Jul 07, 2003 11:52 am
Location: Seattle, WA

Remotely scheduling INA32.exe

Postby beacon on Thu Jul 28, 2005 3:44 am

I've been beating my head against the wall with the same problem - I want the audit to run out of the user context as a sceduled task. If I put the audit in my login script, users just stopped logging off!

The audit application and result files are on a network share. I've written a WSH script that:
enumerates all computers in an OU in your AD.
Uses schtasks to schedule the ina32 and defrag.

It has to be run from a system with schtasks (you can copy it to Win2K with some minor changes). It also needs wsh 5.6.

Run this script from a command line -
cscript ScheduleAudits.js adminpassword

There are occasions where the scheduled task won't run - if any body figures it out let me know.
beacon
Member
 
Posts: 13
Joined: Mon May 05, 2003 12:03 am

Postby Alan McCay on Thu Jul 28, 2005 4:19 am

Thanks mate.

This option was needed to have regular scans of the systems, but we then decided to use the on-demand and do the scan if and when needed. Our method is written in the audit tips section " securing your data" But obviously this will come in handy for some of our other computers ( laptops )

Regards, Alan
Systems Engineer
Alan McCay
Junior
 
Posts: 9
Joined: Mon Mar 14, 2005 11:17 am


Return to Alloy Network Inventory 4

Who is online

Users browsing this forum: No registered users and 1 guest

cron