In our main branch, we have computers on the domain that have the agent installed. Additionally, there are a number of personal laptops that are brought in that connect to our public wireless connection and occassionally VPN into the network for file sharing/etc.

 

For these laptops, we do not presently have local admin credentials. I have set up a remote office to manage these machines and intend to manually install the agent to communicate back to the DC server.

 

On a test machine, I got this set up in this configuration and was able to pull inventory reports without DC server having local admin credentials. What limitations should we expect when running in this configuration? Can we push patches?

 

It looks to be a business process issue we are up against here, but I am looking for the least intrusive solution that will allow us to ensure we don't allow vulnerable systems on our network.

 

-Aaron