Archive for the ‘Landesk’ Category

Landesk : Scanning for custom registry changes on clients with LDMS SP2

February 19, 2011 Leave a comment

Today I am playing around with our Landesk LDMS 9 SP2 system and I was wondering if it was possible to scan for custom registry keys on the client machine. In my case I needed to know if all Windows XP SP3 machines were configured to allow NTLMv2 traffic only (info here). The key we are looking for is :

HHEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa….     with value: lmcompatibilitylevel

This is the correct procedure to implement this:

1. On the Landesk Core server browse to and open <servername>\Program Files (x86)\LANDesk\ManagementSuite\ldlogon\LdAppl3.Template

2. Go to the [Registry Info] section and add the following entry and save the file:

KEY=HKLM, SYSTEM\CurrentControlSet\Control\Lsa, lmcompatibilitylevel, Custom Data – Network – LmCompatibilityLevel

3. Start the Landesk Management Console and go to: Tools – Reporting/Monitoring – Manage Software List

4. Click on: Make available to clients to ensure that the Landesk Core server makes this change available to the clients

5. In the Landesk Management Console go to: Configure – Services

6. Click on the Inventory tab and choose Unknown Items

7. Click on the Computer.Custom Data.Network.LmCompatibilityLevel rule and click on: Allow

8. Now you will get a message that the Inventory Service should be restarted. Select: Yes

9. Now you can force an inventory scan on the client or just wait for the automatic scheduled scan.

10. If the scan is complete you can Rightmouseclick on the client machine and select inventory. Browse to the newly created entry.

There is another great tool that can be usefull as well. Its called LDMS_Client and created by Droppedpackets and can be found here. I hope you found this usefull and feel free to comment.

%d bloggers like this: