1

Hi Guys,

I some data entry workgroup PC’s that have a local admin login account. I cannot get Spice Works (SW) to scan and inventory these devices. I can ping the machines, RDP to them with the local admin login account with no problem, but when SW’s tries to access it cannot. I was told by support to try .\LocalAdminAcc and that would pull in the local computer name. All these things did not work… What am I missing here?

2 Spice ups
2

you might try adding a user “Spiceworks-Monitor” to the PC under local. then giving it full access but a password only you know. then seeing if that one can link and do what it needs to under the PC. i had to do that with one client because their security system was revoking the “spiceworks scan” access to the set local admin. after i got it a specific account. it worked just fine for me. also, if you have a “network admin” you might use that account as well.

3

This is not specific to one machine. It does not work for any of the machines, not in a domain. The current account i am using is a local admin on all our machines. Thanks for the reply.

4

What OS is the machines?

Does it return their IP but no data or does it not even find them?

Make sure file and printer sharing is enabled in the network and sharing centre, and pings are allowed, if you use a 3rd party firewall you’ll need to do this manually.

5

Well tried to anyway as you mentioned with another Admin local account “spiceworks” and no go as I expected. I guess Spice Works does not inventory workgroup based machines.

6

Yes it does.

I inventory them, I also provided you some information above.

Domain based machines tend to have everything applied for them from policy, since you are using a workgroup it’s still possible, but may require a little more manual effort to get them going, since you have no central management,

Be patient, bare with me and I’m sure in a day or two you’ll be working

You do know what .\localaccount is doing right? (If SW team told you to use this, there is a reason, but .\ technically means local machine (as in the one you are on)

7

It knows there is a machine there with that IP but can not login to inventory. Firewall is turned off and pinging no problem. I just verified that file and printer sharing is enable…Thanks for suggesting at least. :slight_smile:

8

I haven’t finished, that’s the first step.

But I need to know what Spiceworks does see - does it find a device but not inventory the details or does it not even see the device?

Can you share a screenshot of what the inventory sees for this device?

9

.\localaccount is doing right?….Yes i know what it means and I have attempted this, hell I even put in the actual computer name myself instead of the .\ to ensure it was not pulling a domain name.

10

.\ wont pull a domain name for 2 reasons. !. you don’t have one, 2. .\ is local, it doesn’t care for a domain.

Add a device that is failing to scan in the device scanning page manually, as it’s own device, tick the box and click scan - lets see what happens when it’s on it’s own

11

From a troubled machine

Run a Command Prompt as Administrator on the machine that is failing, and enter / paste the following (without quotes):

“netsh advfirewall firewall set rule group=“windows management instrumentation (WMI)” new enable=Yes”

Import the attached registry entry - it allows execution from an remote account via UAC (you may need a reboot) - if importing a registry file concerns you, look in it and Google the code or search this community for “Rod-IT WMI”

You will see many people thanking me.

Spiceworks_UAC_remote_allow.reg (167 Bytes)

12

Yes it sees a “device” but can not login.

Capture.JPG

13

See my above posts, but tell me.

Is this a home or embedded edition of Windows or a Pro/enterprise/ultimate version?

14

Ok I completed both recommended tasks successfully and rebooted but I have the same result “login Failed”.

15

What version of windows are these?

16

Yes I have seen your posts…see attached.

Capture.JPG

17

Did the last attachment answer your question? I am just looking for the manual process to add a machine to complete your other recommendation…

1 Spice up
18

Does it have any IDS or IPS software on it, does it have a 3rd party firewall?

When you ran the registry file did it say imported ok?

Did the WMI file say 4 or 8 items edited?

19

It did yes, thank you.

20

Something else to test.

Open a command prompt and ping;

Ping timeentry3-pc you will get a reply of an IP (lets pretend 1.2.3.4).

Now ping this IP like this

Ping -a 11.2.3.4 - does it return the same name, if it does not you have stale DNS records and you will need to fix this first.

If it does it should either reply timeentry3-pc or timeentry3-pc.yourdomain.com