Has anyone disabled TLS 1.0 on their Lansweeper server?

maximillianx · ‎04-24-2017

We need to disable the TLS 1.0 protocol on our IIS server running Lansweeper (per a compliance audit), but when we do, we get a dialog box stating that Lansweeper is upgrading 1 of 145 components (paraphrased, I don't have a screenshot available), and it just hangs there. Re-enabling 1.0 and restarting IIS resolves this issue.

We were able to successfully disable SSL 3.0 with no issue but as soon as we disable TLS 1.0, we get problems.

Anyone else successfully disabled TLS 1.0 with no issues?

We're using the Nartac IIS Crypto tool to do this, btw. Performing the changes via the registry yielded the same results.

Thank you!

Bruce_B · ‎05-04-2017

Just to follow up on this. We've tested this further internally, and the current effect of disabling TLS 1.0 on your Lansweeper server is the following:

For connections to your database from your service to be successful you need to have SQL Server 2008 or newer installed and need to have the latest Microsoft Cumulative Update installed for your SQL Server installation. Older SQL Server versions don't seem to have an update available specific to this and Microsoft no longer provides support for these SQL Server versions.
New Advanced Lansweeper installations on SQL Server will fail on the database connection part of the install. We'll look into fixing this in a future Lansweeper release, though we can't provide a release date for this yet.

In short, if you want to disable TLS 1.0, it appears that this is fine, if your Lansweeper is already installed and your database is installed on SQL Server 2008 or newer, with the latest Cumulative Update.

Edit: further testing has revealed that disabling TLS 1.0 will also negatively impact the scanning of warranty information for assets. This is also something we'll resolve in a future release.

View solution in original post

banthon1 · ‎05-25-2017

https://support.microsoft.com/en-us/help/3135244/tls-1.2-support-for-microsoft-sql-server

for anyone else that needs this...

Bruce_B · ‎05-04-2017

Just to follow up on this. We've tested this further internally, and the current effect of disabling TLS 1.0 on your Lansweeper server is the following:

For connections to your database from your service to be successful you need to have SQL Server 2008 or newer installed and need to have the latest Microsoft Cumulative Update installed for your SQL Server installation. Older SQL Server versions don't seem to have an update available specific to this and Microsoft no longer provides support for these SQL Server versions.
New Advanced Lansweeper installations on SQL Server will fail on the database connection part of the install. We'll look into fixing this in a future Lansweeper release, though we can't provide a release date for this yet.

In short, if you want to disable TLS 1.0, it appears that this is fine, if your Lansweeper is already installed and your database is installed on SQL Server 2008 or newer, with the latest Cumulative Update.

Edit: further testing has revealed that disabling TLS 1.0 will also negatively impact the scanning of warranty information for assets. This is also something we'll resolve in a future release.

Marvin · ‎04-28-2017

+1 for this.
Disabling TLS 1.0 will be required for us as well.

maximillianx · ‎04-25-2017

TLS 1.0 will be deprecated next year, will you be updating the framework before then?

Bruce_B · ‎04-24-2017

Edit: not entirely correct, check post below.

Has anyone disabled TLS 1.0 on their Lansweeper server?

New to Lansweeper?

Try Lansweeper For Free