AuditWizard™ V7 How to Configure the Automated Scanner for your LAN The following is intended as a step-by-step guide to setting up an automated auditing system within a local area network (LAN) using AuditWizard. In this example, we will be using a shared network drive, NETSHARE, shared from the PC called ‘NETSERVER’. Note, it is not necessary for the share to be on Windows Server, only that the share is visible to all PCs that are to be audited, however it is recommended to have the share on a network server (in a production environment) to prevent file-sharing limitations. Standard workstations are only capable of allowing 10 concurrent connections at one time (Servers are not limited by this). ***Disclaimer: Please ensure that you have the necessary expertise before continuing, as Layton Technology, Inc. cannot be held responsible for any problems, which you may encounter while modifying your Server settings. Every attempt has been made to make this document as clear as possible however, due to issues or settings in each environment results may vary. We cannot troubleshoot any part of the network or server problems, when found to be a fault in the configuration of the server or the network. Support staff is only able to give assistance with AuditWizard™ Step 1 - Preparing the Network 1. Create a new folder on your PC and call it ‘NETSHARE’. This will be the primary shared folder. 2. Beneath the ‘NETSHARE’ folder create two sub-folders, DATA and SCAN. Note, when building the scanner, you specify the top level folder (Netshare), and AuditWizard will create the ‘Scan’ and ‘Data’ subfolders for you. 3. Right click on the ‘NETSHARE’ and select Properties. Click on the Sharing Tab, and share this folder as ‘NETSHARE’. Apply the Change. You should see the hand appear underneath the folder icon as shown below: Check the folder permissions from the Security Tab for the Scanner and Data folders. Ensure that as a minimum, all users (everyone and Domain users) have read and execute permissions to the SCAN folder and ALL permissions to the DATA folder. Also ensure that the permissions for NETSHARE allow all users to have ‘Full’ access. Make sure to also apply the changes to permissions on each of the folders. 1 of 8 How to Audit LAN Step 2 - Building the AuditWizard™ Scanner 1. Start the main AuditWizard program and log in as an auditor or Admin, if security has been enabled. 2. If the Startup screen is displayed, select Close then click on the Build scanner Wizard icon, or you can go to the Wizards | Audit Scanner Wizard Menu. 3. From the Build Wizard, select the Profile you wish to use, then click Next to continue configuring the scanner. We recommend using the Default option for this example, then click ‘Next’. 2 of 8 How to Audit LAN 4. From the Build Wizard, select the Method you wish to use, then click Next to continue configuring the scanner. We recommend using the Network – Login Script option for this example, then click ‘Next’. 5. From the next screen, you will be able to specify the path to the NETSHARE folder that was created above (in step 1). Share path: \\NETSERVER\NETSHARE Scanner path: \\NETSERVER\NETSHARE\SCAN. Data path: \\NETSERVER\NETSHARE\DATA Please note the screen shot below uses the UNC (Universal Naming Convention) path, which is the most reliable method. The UNC method allows for the scanner to communicate across the network. We recommend using the default settings from this screen below, which will automatically search for a Scan and Data subfolder. If not present, the Wizard will create them for you 3 of 8 How to Audit LAN You can use the Browse buttons for each of the above paths to avoid typing mistakes however, ensure that you always go via network neighborhood (or its equivalent) to enforce the use of UNC notations for the two paths. Mapped drives should not be used for the NETSHARE path especially as the drive mapping may be different on PCs in your network (only use drive mappings if you are certain it is a common drive for all users). Click ‘Next’ when you are done specifying the paths. 6. Choose an operation mode for the scanner. Non-Interactive does not allow the user to interact with the scanner, and this option can be set to hide from the user (most used option). First Time Interactive will display a pop up to the user on the initial scan only, which will allow them to enter basic asset information and other advanced information from the Asset Data Fields. When set to Interactive, the scanner will always allow the user to interact with the scanner to enter information. 4 of 8 How to Audit LAN For this test, you may want to set the Interactive scan first, and then at any time you can reconfigure the scanner to run Non-Interactive, by running the Scanner Wizard again. In a production environment, the most typical setting is ‘Non-Interactive’ and ‘Hide in the background’. Click ‘Next’ to continue. 7. From the Scanner Collection screen, you can modify how the scanner will interrogate the PC for specific data. We recommend leaving the defaults; however the ‘Advanced’ buttons will allow you to further define what information is collected. If the Interactive mode was selected, you can specify which screens the user will see and interact with by checking or unchecking boxes. If Interactive was chosen, we recommend experimenting with the different settings by building the scanner, then invoke the scanner Click Next to continue. 8. From the next screen set the Re-audit Interval field to be the minimum number of days between audits. In most cases a value of 7 to 14 days is a good compromise between auditing too frequently, and potentially missing important changes in the configuration of the PC being audited. ‘0’ indicates the audit will run every time it is invoked. Click ‘Next’ to continue. Special note about Re-audit interval – When the interval is set to more than zero days, if you try to re-audit the PC before the interval has elapsed, it will not run. For testing, a zero day interval may be best. 9. On the Scanner Configuration screen, you will be able to review the current details to be audited and accept the values, or you can click ‘Back’ to change them. Click ‘Next’ to continue. 10. The next screen will show the summary of the Scanner configuration prior to building (deploying) the scanner to the remote share. If you have found something that needs to be changed, simply click the Back button. When clicking Next, it will attempt to deploy the scanner files to the remote share and will confirm if the operation was successful. Click ‘OK’ to acknowledge the message. If an error occurred writing to the ‘Scanner’ path, go back to step 4 to ensure the correct UNC path is selected in the box to deploy the scanner to. 11. The next window will display the full path to the scanner and the command to use in your network logon script, depending on the network type used. You may want to write this down for use in Step 3 below. 5 of 8 How to Audit LAN 12. Click ‘Finish’ and you will be prompted to test the scanner that has just been deployed (recommended). This will ensure that the path to the data folder is resolved correctly, and that there are no errors. If you find that there is an error, you may need to repeat this process again to ensure it was not a permissions issue, or the network path to the ‘Data’ may not have been resolved correctly. Step 3 – Configuring your Network Logon Script The following steps require access to your Domain Controller, PDC or Novell Tree) and some knowledge of user administration under Windows NT/2000/2003. Please ensure that you have the necessary expertise before continuing as Layton Technology, Inc. cannot be held responsible for any problems which you may encounter while modifying your Server settings. Windows Server Configuration: 1. Click Start, point to Settings, click Control Panel, then click on Administrative Tools, and then click User Manager for Domains. On Windows 2000 Server it will be the ‘Users and Groups’ Snap-in from ‘Computer Management’ or from Active Directory, ‘Active Directory for Users andComputers’. For more information on Novell scripts, please visit this link below: http://support.novell.com/ Logon scripts can be assigned to individual users or groups of users. It is however likely that you are only using a single logon script for all users. To determine if you are using a logon script on your system, double-click a user 6 of 8 How to Audit LAN from the displayed list and click on the Profile Tab. If a logon script is in use, its name will be displayed in the Login Script Name box. In Active Directory, you can also have a ‘Group Policy’ set up to run the script against all users. 2. By default, Windows NT looks for logon scripts on the Primary Domain Controller in the directory %systemroot%\SYSTEM32\REPL\IMPORT\SCRIPTS, where systemroot is the disk drive and directory in which Windows NT Server was installed. For more information on NT Server, visit the link below: http://www.microsoft.com/ntserver/techresources/WpGlobal.asp 3. If you are running in a Windows 2000 Server environment, the path will differ slightly to the scripts folder. The following is the path under Windows 2000 Server: %systemroot%\sysvol\sysvol\domain_name\scripts, where systemroot is the disk drive and directory in which Windows 2000 Server was installed. Here is a link to a document on Microsoft’s web site that explains in detail how to configure a logon script on 2000 Server: http://support.microsoft.com/default.aspx?scid=kb;en-us;322241 4. If you are running 2003 Server, the path to the Scripts folder is also slightly different: %SystemRoot%\System32\Repl\Imports\Scripts (This folder does not exist by default, so it must be created). For more information on how to set up the logon script in 2003 Server, please refer to this document: http://support.microsoft.com/default.aspx?scid=kb;en-us;324803 If you are not currently running a logon script 5. Using Windows Explorer on the Server, navigate to the scripts folder defined above, then using MS Editor (from a command prompt, type in ‘Edit’) ** , create the file audit.bat and edit it. 6. Select the users which you want to be audited from the displayed list and click Profile. Enter the name of the batch file that is to be run, say audit.bat. Specify only the filename, not the full pathname! If you are already using a logon script 5. Using Windows Explorer on the Server, navigate to the scripts folder defined above, using MS Editor (from a command prompt, type in ‘Edit’) ** , then edit the logon script. 6. Move to the bottom of the logon script and add the following line: START \\NETSERVER\NETSHARE\AUDITWIZARD\SCANNER\SCAN32.EXE *Note There is a space in between the word ‘Start’ and the UNC path. ** Please note, we have found the use of MS Editor is more compatible with writing a batch file (BAT file) than any other text editor. There have been some cases where using a standard text editor as opposed to MS Editor would not allow the script to run at all. 7 of 8 How to Audit LAN If you have any 16-bit systems on your network (Windows 3.11 or DOS) then you will have to replace SCAN32.EXE with LAUNCH.EXE. Note also that LAUNCH.EXE is a 16-bit application and as such the path to the executable MUST be 16 bit compliant that is in DOS 8.3 format. The above path is NOT compliant as the server name exceeds 8 characters in length! It is recommended to execute LAUNCH.EXE from a Mapped drive as opposed to a UNC path. Step 4 – Configuring the Upload Process Although the auditing process will now be automatic it still remains necessary to upload the results of the audits from the DATA folder into the AuditWizard database. AuditWizard is already configured to do this automatically in the standard version at pre-defined intervals by selecting Profile| Active Profile | User Interface | Upload Settings. By default, the box will be checked to ‘Auto Upload Audit Data when there are at least X number of audits ready’. By default the time is set to 1 asset, which allows audits to be uploaded in a timely manner without imposing too much of an overhead on the AuditWizard PC. Leave the Minimum Audit Count at 1 to force AuditWizard to upload audits as and when they are available. This can be changed to any number of preference, however we recommend leaving the default value. This will process audit data as it becomes available. Note, the program must remain open to upload the results. The upload path should have been set to the DATA folder as the scanner was built. However check this by selecting Profile| Active Profile | Scanner Deployment. The path to the DATA folder is defined by the Upload From field. Note: The SQL version will use a program called the Autoloader. This program will run as a system service, once activated. It will then start to pull in the audits from the data folder, with or with out the program open. You can start this by going to Audit | Autoloader Service Control | Start. Document updated 11-20-2006 8 of 8 How to Audit LAN
© Copyright 2024