Octoscan2 - Scan Servers via GPO Scheduled Tasks

  • Verified with Windows 2012 R2 Domain Level and Servers (fully patched as of September 24, 2016).


    To scan servers in the system context, you can set up a scheduled task via GPO.


    Make sure that the GPO affects the desired servers only, and that software metering is not enabled for these scans.


    Metering should only be enabled on scans that run in an ordinary user context.


    If you need software metering or login history on servers, you have to additionally run the scanner in the user context, usually through logon GPO.

    Octoscan2 implements sensible default settings for server scans in system/administrator or regular user context.


    Prepare


    • Make sure that Group "Domain Computers" has read/execute access to the share where you published Octoscan2.exe (\\server\OctoSAM$\bin)
    • Make sure that Group "Domain Computers" has change access to the share where the .scan files are collected (\\server\OctoSAM$\data)


    Test Permissions From a Test Server


    Install PSTools from


    https://technet.microsoft.com/…sysinternals/pstools.aspx


    To start an interactive Console as system User:


    • Login with an Administrator Account
    • start cmd run as Administrator
    • psexec -i -s cmd.exe

    A new command window opens which runs as NT_AUTHORITY\SYSTEM. In this new command window start Octoscan2.exe from your network share with /show /keep Options:



    Verify that the .scan file gets written to the expected location and there are no ERROR messages in the Octoscan2 window.


    Do not continue if these prerequisite tests did not run properly!


    Configure GPO


    In the Group Policy Editor



    Set the desired triggers (once a day is recommended). Set a random delay.





    Save the GPO, allow to replicate or force replication


    On the test server run (as Administrator)


    gpudate /forced


    Verify in local task scheduler that the task has been created



    Interactively test the scheduled task (Context Menu Run ...)