Preparing Enviroments for Agent Less Scanning
In the following steps it will be explained how to deploy the settings to the various Hosts of the domain so that they can be scanned by the IT Asset Tool server. This procedure can be carried out automatically by following the guide at this link.
- Open the Group Policy Management, expand your tree and right click on your domain name. Click on "Create a GPO in this domain, and Link it here..."
- Select the Name for this Group Policy Object (Example: IAT)
- Right click in our new GPO an click on "Edit"
- Browse the tree until you find "Inbound Rules" under Windows defender, then right click an select "New Rule"
- Select "Custom" and click Next
- Select "All programs" and click Next
- Now, Select "Any" under protocol Type and click Next
- Under "Which remote IP address does this rule apply to?" select "These IP Adress" and click "Add" button to select from which hosts to allow connections
- Enter The IP Address of IT Asset Tool Server and click "Ok"
- Now, you can click "Next"
- Now, you can select the Action selecting "Allow the connection" and click "Next"
- Now you need to select the profile where apply the rule settings, therefore choose "Domain" and click on "Next"
- Select now the name for the firewall Policy and click "Finish"
- Now we have to set the startup for the "Remote registry" windows service, browse the tree until you find "System Services"
- Find "Remote Registry" and right click on it
- Select "Automatic" on Startup mode and click on ok
- Under security filtering click on "Add"
- Click on "Advanced"
- Click on "Find Now"
Select "Computer Domain" and click on "Ok"
- Click on "Ok" Button and close Group Policy Object.
- Set now the audit of user exploring the GPOM under "Audit Policy"
- Select "Audit logon event" and with right click select "Proprieties"
- Set the audit action to track selecting "Success" and "Failure" and click to "Ok" Button.
- Repeat this procedure and set the audit Account to track "Success" and "Failure" Events and click to "Ok" Button. Close now the GPO manager.
In order to see the newly configured policies applied on the domain computers, it is necessary to wait for the deployment and restart the client computers.