There are two main ways you can scan a Windows computer: with a scanning agent or without a scanning agent. Both options return the same data, but the scanning agent allows for offsite scanning and is immune to credential and firewall issues. Outlined below are the requirements for scanning Windows workgroup computers with or without an agent.
Regardless of which option you choose, Lansweeper will pull most Windows computer data from WMI (Windows Management Instrumentation), a management framework built into Windows operating systems. Some data is pulled directly from the client machine's registry as well.
Requirements for scanning without a scanning agent
To scan a Windows workgroup computer without an agent, the computer must meet the following requirements:
You can run this VBScript on your workgroup computer to correctly configure most settings, including Windows Firewall, User Account Control and security model settings. A reboot may be required after running the script.- Architecture
32-bit or 64-bit
- Operating system
Windows 2000 or any more recent Windows operating system. Agentless scanning only supports non-Home editions of Windows.
- Firewall
As Lansweeper pulls most Windows computer data from WMI (Windows Management Instrumentation), you need to ensure that WMI traffic is allowed through your client machine's and other firewalls. By default, Windows sends WMI data over random ports, as explained in this Microsoft knowledge base article. You need to either:
• Configure your firewalls in such a way that *all* WMI traffic (over random ports) is allowed. Windows Firewall includes a remote administration exception that you can enable to allow WMI traffic, as explained in this knowledge base article. For third-party firewalls, you'll need to consult your firewall documentation.
• Configure a fixed WMI port and allow traffic through that port. Setting up a fixed port is supported by Windows Vista and more recent operating systems.
• If you are unable to allow WMI traffic through your firewalls, scan your computers with the LsPush scanning agent instead, which does not require firewall reconfiguration. - Credentials
You must provide Lansweeper with a username/password combination that has administrative privileges on the client machine.
- User Account Control
If the client machine is running Windows Vista or a more recent operating system, User Account Control (UAC) must be disabled on the computer, at a minimum for the user account you'll use to scan the machine.
- Security model
The computer's security model must be set to Classic.
- Installed software
No Lansweeper software is required on the client machine you're scanning. You do need to ensure that the Windows Management Instrumentation service is running on the machine, as this is what Lansweeper will use to retrieve data, but this service should already be running by default.
Requirements for scanning with a scanning agent
To scan a Windows workgroup computer with our LsPush scanning agent, the computer must meet the following requirements:
- Architecture
32-bit or 64-bit
- Operating system
Windows 2000 or any more recent operating system. Unlike agentless scanning, agent based scanning supports Home editions of Windows.
- Firewall
No firewall reconfiguration required!
- Credentials
No credentials required!
- User Account Control
No UAC reconfiguration required!
- Security model
No security model reconfiguration required!
- Installed software
No Lansweeper software is required on the client machine you're scanning. You do need to ensure that the Windows Management Instrumentation service is running on the machine, as this is what Lansweeper will use to retrieve data, but this service should already be running by default.