SDP Scan offerings a glance

SDP Scan offerings a glance

There are several use cases to be addressed to scan user machines. Here are the solutions available with SDP now.

- User machine rarely reaches the organization domain / Network (user login once a week using VPN and other times using local authentication)
- User won't login to AD and uses local authentication alone. / User-machine never reaches organization domain / Network
- User present/login using AD and reaches organization domain / Network ONLY via VPN.
- User present/login using AD and reaches organization domain / Network (Org., site are widely spread across sites)

Please refer to the solutions available below :

A. User machine rarely reaches organization domain / Network  or User machine reaches Org domain once a week using VPN 
B. User never login to AD and uses local authentication alone./ User machine never reaches organization domain / Network

- In this case, SDP needs to be hosted in public. SDP will scan the machine during the restart of the user machine ONLY and push the data to SDP. 

Features that can be used are 

1. Standalone Audit - Using GPO -> Push Logon Script. Use Import from Active Directory logon script steps available in the below link  -> https://help.servicedeskplus.com/configurations/discovery/methods-of-deployment.html$ad
Here ae_script.vbs file needs to be pushed to the user machine. 
2. Installing Agent in the remote machine. 

--> Configuring vbs script as a logon/startup script for scanning all the Windows machines. The ae_scan.vbs file can be configured as a logon script in the active directory with script parameter as "-SilentMode".This will scan the target workstations upon user login and push the scanned inventory data to AssetExplorer Server.

Note : In this case, when a user restarts the application and not connected to the internet for a long time, the scanned XML file will not reach the SDP and stay back in the local drive.
The user needs to manually execute the ae_script.vbs and push it to SDP.

telnet command should work - Example -telnet <custom public domain> <port>

telnet sdpmsp.com 443 to push the data from the user machine.
Make sure the user machine proxy is allowed to push the data



   
C. User present/login using AD and reaches organization domain / Network ONLY via VPN. SDP should be hosted public . If private user should connect through VPN


Using GPO -> Push Login Script. Use Import from Active Directory logon script steps available in https://help.servicedeskplus.com/configurations/discovery/methods-of-deployment.html$ad
Here ae_script.vbs file will be pushed to the user machine. This will scan the machine during the restart of the user machine and push the data to SDP. In this case, SDP can be hosted in private/public.

1. Using GPO -> Push Logon Script. This needs to be done at least once to push the script. Use Import from Active Directory logon script steps available in https://help.servicedeskplus.com/configurations/discovery/methods-of-deployment.html$ad
Here ae_script.vbs file will be pushed to the user machine. This will scan the machine during the restart of the user machine and push the data to SDP. In this case, SDP needs to be hosted in public.
2. Installing Agent in the remote machine. - Refer to How does the Agent scan work for machines that are connected through VPN mode?

Even in just login/logout from AD or user machine, the data will be pushed based on the below settings
Admin -> Security settings - Stop uploading scanned XMLs via non-login URL


D. User login using AD and reaches organization domain / Network. (Org., branches are widely spread across regions / WAN setup). 

How do I scan machines connected through Wide Area Network (WAN)?

In a widespread organization distributed across various sites, the ServiceDesk Plus server may not be able to access all the assets in sites. Hence, a Remote AE server is installed in each site which scans and maintains all the workstations, and user information of the respective sites. The data from the Remote AE Server is pushed to the ServiceDesk Plus Server either manually or by scheduling the data periodically.  Since there is a constant need to update the users and workstation information in the ServiceDesk Plus Server, you can automate the process by specifying the central server details in the remote server thereby synchronizing the two servers.  


In this model , the Remote AE should be reachable to the user machines. Remote AE will then consolidate all user machine details and push to the S

Customers interested in using the Distributed Asset Scan feature can get the AssetExplorer Remote Server (Remote server) license from our licensing team which can be applied in AssetExplorer Remote server installations. 
This license is equivalent to the number of nodes purchased for ServiceDesk Plus.


          • Related Articles

          • Agent scan understanding

            Agent scan in ServiceDesk plus happens in two way 1) Server to target machine  2) Agent from Machine to Server MODE 1:  1) Server to target machine        -This scan happens when you login to ServiceDesk plus \ Asset explorer from your workstation or ...
          • How to migrate data from SDP MSP to SDP ?

            Below are the only details which can be exported from SDP MSP and imported to SDP application. 1) You can export request data from ServiceDesk Plus MSP (SDP MSP) using XLS format. Requests -> Goto Admin -> Reports -> New custom report -> Tabular ...
          • How Assets data will be imported / overwritten ?

            While performing a scan in ServiceDesk Plus, the criteria that helps to identify the uniqueness of the workstations is in the following order, Agent ID ( only for Agent-based Scan) Service Tag Workstation Name MAC Address With the help of these ...
          • When will the Assets get duplicated ?

            Please find the possible scenarios when the machines are renamed with _old Scenario 1:    When the workstations are swapped in the network.  Consider two workstations, MACHINE-A with service tag ST-1 and MACHINE-B with ST-2. Both the workstations are ...
          • Query to show workstations that has a scan status

            PGSQ & MSSQL: Below query that will show the Assets that has a scan status. select systeminfo.workstationname "Workstation Name", LONGTODATE(audithistory.audittime) "Last Scanned on", audithistory.auditstatus "Scan status" from audithistory left join ...