Add Remote Computers to your SpiceWorks Inventory

brett10 · 2008-10-21T10:22:40.000Z

I have nearly 200 laptops that are out in the field, and seldom if ever come in to the office.

I posted a question about this and received a great solution from DinkLock.

I took DinkLock’s instructions a step further and created an installer package that I placed on my web server. Per my instructions, users click a link to install the Stand Alone Data Collector and start the scan. The installer also creates a Scheduled Task that re-scans the computer weekly. The scan data is automatically sent to my SpiceWorks server.

I created and attached a tutorial that shows how to make your own Stand Alone Data Collector Installer for Windows XP and SpiceWorks 3.0 or later. I don’t know if it will work for or earlier versions of SpiceWorks. Maybe someone can try it and let me know.

The installer can be run from a web server, a network share, or a removable disk (CD, thumb drive, etc.).

If anyone has any suggestions for improvement I’d love to hear them.

Many thanks to DinkLock for his fast and very helpful reply.

Brett

Update:

Ok, after a good bit of tweaking and testing, I’ve reworked the Remote Data Collector Installer. The installer package is smaller and much easier to set up.

I’ve posted a zip file with all of the necessary files including a new tutorial with detailed instructions.

The file is larger then this forum allows so I made it available at http://sites.google.com/site/bullmanfiles .

vernonsmit1463 · 2008-10-23T12:24:52.000Z

Interresting! Any info on data sizes transmitted by the laptops? I assume the laptops connect via VPN to you network and then upload the data to the SW server or do you host the SW server on the Internet? If hosted on the Net which ports did you open on your firewall?

Also, is it possible to have a single collector for multiple clients (computers) at a remote site?

brett10 · 2008-10-23T13:09:22.000Z

The transmitted data is about 113 KB.

My remote users do not connect via VPN. The data is automatically sent over the Internet.

My SpiceWorks server is behind a firewall. I simply forward port 9675 to the server that hosts SW. The port that you will need to forward is the same one that is in the url that you use to access your SW.

The Data Collector that you create with my instructions will be an .exe file (audit.exe). My deployment method of choice is to place audit.exe on a web server and provide a link to it. The user simply clicks on the link, and chooses Run or OK for any security messages. After the package is downloaded, the user clicks Extract. The rest is automatic. You can either publish the link on your web server, or send the link in an email. You probably cannot send Audit.exe as an email attachment due to its size, and due to the fact that most email servers will reject or block executable attachments.

The only thing that I do different from the instructions, is I tweaked my batch files just a bit to prevent too much info from displaying during the initial run.

Setup.bat:

@Echo off
schtasks /create /tn SWAudit/tr c:\sw\audit.bat /sc weekly /d WED /ru System
CLS
echo.
echo Please wait
audit.bat

Audit.bat:

@Echo off
c:\SW\bin\sagent.exe -P 9675 -s 72.54.xxx.xxx -v
CLS

72.54.xxx.xxx is the address of my firewall (partially hidden to protect the innocent)

Let me know if you need help

Brett

phillipdixon2255 · 2008-10-30T08:17:19.000Z

Rather than having the scheduled task call the audit.bat file (which then opens the command line window) you can add the line:

schtasks /create /tn SWAudit /tr “C:\SW\bin\sagent.exe -P 9675 -s xxx.xxx.xxx.xxx -v” /sc weekly /d WED /ru System

This adds the task and it seems to run as normal without the popup.

casper81322140 · 2008-11-01T13:38:21.000Z

@Brett: you may want to remove the ip from the word document aswell !

It’s still in there!!

akp982 · 2008-11-02T02:49:26.000Z

Blinking great

Love it, i have some users on the road and keeping track of them over vpn is painful, this idea rocks

Thanks

andy

brett10 · 2008-11-04T08:05:48.000Z

Great suggestion Phillip. The less the user sees the better.

Thanks for pointing that out Casper. I’ll fix that as soon as I figure out how to change or delete the attachment.

Brett

brett10 · 2008-11-07T11:35:51.000Z

Ok, after a good bit of tweaking and testing, I’ve reworked the Remote Data Collector Installer.

I’ve posted a zip file with all of the necessary files including a new tutorial with detailed instructions.

The file is larger then this forum allows so I made it available at http://sites.google.com/site/bullmanfiles

phillipdixon2255 · 2008-11-19T03:17:45.000Z

I’m not sure what to do with the port forwarding on my firewall. What port does Spiceworks listen to for updates? 9675? On the spiceworks preference the server is set to 80 but it this just the web server part of it? I’m assuming that 9675 needs to forward to 9675 internally? At the minute I’ve forwarded 9675 > 80 but I get the error message below.

D[14:33:10.171000] Posting dataType=Computer,assetName=PC-001,AssetUUID=XXXXX0601465214AAXXXXX,Rows=1 to http://xxx.xxx.xxx.xxx:9675/dataloader/loaddata

D[14:33:10.171000] read timeout for post is 75 secs

I[14:34:55.218000] Something went wrong posting Computer data for PC-001-XXXXX0601465214AAXXXXX: Errno::EBADF: Bad file descriptor - connect(2)

brett10 · 2008-11-19T07:28:35.000Z

Phillip,

The port number that you see in preferences is the one to use.

I dont know anything about your firewall, but you need to forward all IP traffic on port 80 to the IP address of your SpiceWorks box. If you tell me what kind of firewall you have, I may be able to help you.

Important: If you are running a web server that resides on your LAN, port 80 is probably already forwarded (to your web server). If this is the case, you will need to change your SpiceWorks port. You cannot forward the same port to more then one address. If your web server is in a DMZ, or outside of your firewall, you should be ok.

Brett

phillipdixon2255 · 2008-11-19T07:55:49.000Z

The port number on the spiceworks is set to 80. I’ve set the agent to use port 9675 and configured the firewall to forward TCP 9675 > 80 on the LAN.

I’ve tried changing the port but I didn’t like the port number appearing on the user helpdesk web site.

brett10 · 2008-11-19T08:11:14.000Z

If its working with your configuration great, but I suspect that its not. Change the port in your agent batch file to match your SpiceWorks port.

phillipdixon2255 · 2008-11-19T08:51:20.000Z

It works when I have my firewall & Port forwarding to port 80. I’m not too keen on having that opened to the rest of the world so I might have to change it.

daveshryack2650 · 2008-11-19T16:59:06.000Z

@Bullman … great topic … have to dig deeper when time permits

Phillip3326 wrote:

It works when I have my firewall & Port forwarding to port 80. I’m not too keen on having that opened to the rest of the world so I might have to change it.

Had you considered changing the SW install port to your preferred 9675 ?? by doing this you can ensure that it’s not an encoding issue like “Blank Sux” is equivelent to BlankS~1 in DOS 8.3 and Blank%20Sux in URI … Illegal DB characters may be to blame or even NAT/Routing limitations of your FW. hmm…

check out this URLencoder tool >> ENCODE2 for troubleshooting URL encoding hope this helps or at least is informative. I’m interested in tweaking out on this but alas got no time.

brett10 · 2008-11-20T08:51:00.000Z

Phillip3326 wrote:

The port number on the spiceworks is set to 80. I’ve set the agent to use port 9675 and configured the firewall to forward TCP 9675 > 80 on the LAN.

I’ve tried changing the port but I didn’t like the port number appearing on the user helpdesk web site.

If your users access your helpdesk website from the Internet, then you probably do not need any additional port forwards.

IMHO it would still be best to change the SpiceWorks port number for security reasons. The reason I use 9675, is that was SpiceWorks default during my install. Just make sure that the SW port and the port specified in the batch file match.

If you don’t want your helpdesk users to have to remember a url with a port number, you can create a web page at your original SW url that automatically forwards to the new url.

martynelsonjr7627 · 2008-11-22T04:48:36.000Z

This is my first post so bare with me.

I wanted to reply to your post about firewall ports. I currently use a Watchguard x10 and could use some direction on how to get this to work.

Sorry if this is not enough info for you. Please let me know whatelse I should provide you.

You’re posts are wonderful for SW novice and look forward to learning more.

Regards,

Marty Nelson, Jr.

brett10 · 2008-11-24T08:18:37.000Z

Marty,

I’m not sure about the WatchGuard, but for many firewall devices, the process involves at least 2 steps. In all likelihood, there will be wizards to help you with the configuration.

The first step is usually to define the new service if the service is not already pre-defined. Examples of pre-defined services are HTTP, FTP, SMTP, and most other common services. To define a service, you will need to provide a name, and a port range. The name should be something descriptive. The port range will be a single TCP port that is the same as the port used by your SpiceWorks server.

The second step usually involves the creation of an access rule. To create an access rule, you instruct the firewall to send any data that is destined for the service that you created in the first step to a specific IP address on your LAN. The IP address will be that of your SpiceWorks server.

For example, lets say that you named your service “SpiceWorks”, and the port number is 9675. The IP address of your SpiceWorks box is 192.168.0.100. Your rule would look something like this:

Source = any Destination = 192.168.0.100 Service = SpiceWorks

If you created the rule properly, any data that arrives at your firewall on TCP port number 9675 via the WAN (external or WAN IP address), will be forwarded directly to your SpiceWorks server.

When you set up the remote data collector, your Config.bat file should have the port number that is forwarded to your SpiceWorks box, and the WAN IP address of your firewall.

You can use this same technique to publish a web server or any other server that is on your LAN (behind your firewall), and make it available to users on the Internet.

I hope this helps.

Brett

sean7799 · 2009-07-13T08:12:21.000Z

Thank you for the time spent on this. I’ll be looking to implement this over the next week or so.

** edit:

Most excellent. that works for one of my two groups of external groups.

One group is manager type folks who are online quite often. so i modified the scheduled task to create two tasks each run every two days. i couldn’t figure out how to craft a command line scheduled task with multiple schedules.

My other group are hands on assembly folks. they are only online for short periods of time at random intervals. Luckily, they are all running Vista so I’m going to modify this process to use the Vista options for Scheduled task which will allow me schedule the task to run when the event logs records an event such as Event 4201 (Network Detected). it should be as easy as importing an .xml file

danvachon · 2009-09-03T12:25:28.000Z

This is really a great tool

But here’s my little problem, I’m trying to use it with group policies and need it in .msi. I tried compiling it with advanced installer, it creates the msi and installs something, but the scheduled task doesn’t get created…

Any ideas on how to set it up???

brett10 · 2009-09-04T14:04:46.000Z

Hi DanV,

When you say that you want to use it with Group Policies, I assume that the target computers are either on your LAN or are connected via VPN. If that is the case, you do not need the Remote Data Collector.

Please give me a little more information about your intended use and I will try to help you out.

Brett