Automating Network Folder Audit

The Inventory Analyzerpackage for Network Folder Audit of a network segment is typically deployed to a shared folder hosted on a file server. The shared folder must be accessible to all computers and authorized users on this network segment.

When deployed to a shared folder, Windows Inventory Analyzer, Linux Inventory Analyzer, and Mac Inventory Analyzer can be launched automatically using domain logon scripts, scheduled tasks, or other scripting solutions. The resulting audit snapshots are also stored on this network share, in an Intermediary Repository subfolder.

When started, Alloy Discovery can automatically scan all the intermediary repositories (if you have multiple instances of Network Folder Audit), and load the detected audit snapshots to the database. There are several methods to automatically launch the audit agents and produce audit snapshots on a regular basis:

• For networked computers running Windows OS, you use the following methods:

• In a Windows domain, apply a Domain Logon Scripting.

  Windows XP and later domain controllers feature the logon scripting facility for configuring desktop environments for users. The default location for domain logon scripts is the NETLOGON shared folder built during the Active Directory installation. For example, for details on domain logon scripting, see the Microsoft TechNet topic "Use Startup, Shutdown, Logon, and Logoff Scripts".

  If you have the Inventory Analyzer deployed to the Audit network shared folder on a file server named AuditServer, add the following line to your domain logon script to run the audit during the logon sequence:

  \\AuditServer\Audit\ina32.exe

  If this script is assigned to each domain member, the Inventory Analyzer runs on each computer in the domain when a user logs on to the domain.

  Example of Windows domain logon script

  @ECHO OFF

  NET USE N: \\AuditServer\Audit

  START /WAIT N:\ina32.exe

  NET USE N: /DELETE

  Note for Novell NetWare users:
  When adding the Inventory Analyzer to your NetWare logon script you will have to use an additional command-line option to allow for the logged-on user information to be recorded properly. The following script line demonstrates this:
  \\AuditServer\Audit\ina32.exe /userid="%LOGIN_NAME"
  This should correctly pass the NetWare username to the Inventory Analyzer using the scripting macro %LOGIN_NAME.

• In a non-domain networks, apply one of the methods to configure each client computer:

• Windows Startup Menu

  The launch command is added to the system startup menu, and executed when the computer boots up. While this method may seem easy to implement, there's no guarantee that your users won't disable the launch command.

• Windows Registry Startup Keys

  The launch command is added to the system startup list (HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run) and executed when the machine boots up.

  This method can be used when there is no domain controller on your network. This provides more security over using the Startup Menu method, since regular users on XP/Vista/7/8 platforms can't change the contents of the system registry under HKEY_LOCAL_MACHINE.

• Windows Task Scheduler

  You can use the Windows Task Scheduler to start the audit at a specified date and time. This is effective because these tasks can be run regardless of whether a user is logged on to the computer.

  NOTE: The steps below show how to create a scheduled task on a computer running Windows 10. For other Windows versions, refer to your Windows documentation.

  To automate the audit using the Task Scheduler:

  1. Open the Windows Task Scheduler. For example, type Task Scheduler in the Windows search box, and click the top result to open the Task Scheduler. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

  2. If you want to place the new task to a new folder, right-click the Task Scheduler Library branch, select the New Folder option, and create a new folder.

  3. Click the Actions menu, and then click Create Basic Task.

  4. Type a name for the task and an optional description, and then click Next.

  5. To select a schedule based on the calendar, click Daily, Weekly, Monthly, or One time, click Next; specify the schedule you want to use, and then click Next.

  6. Click Start a program, and then click Next.

  7. Click Browse to navigate to the executable program (ina32.exe), and then click Next.

  8. Click Finish.

NOTE: Using Domain Logon Scripting, Windows Startup Menu or Windows Registry startup Keys may lead to audits running every logon or reboot. To reduce the frequency of audits, audit schedule of the Network Folder Audit Source should be defined.

• For networked computers running Linux or Mac OS, from the shared folder where the Inventory Analyzers have been deployed, you use features such as the cron daemon to automate audit agent's performance:

  • Automating audit on clients machine running Linux

  • Automating audit on clients machine running Mac

Related Information:

Windows Inventory Analyzer