• State Verified Answer
  • Locked Locked
  • Replies 17 replies
  • Subscribers 25 subscribers
  • Views 3525 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Run AD scan via script file

jwolff

Hi,

is there a way to trigger an AD scan via script file?

When an AD account is locked, this is not visible in ARM in real time.
However, it is possible to activate an alarm which is triggered when an AD account is locked. The alarm can then be used to start a script.

In this way, locked AD accounts would be immediately visible in the ARM.

Kind regards

Jonas

Parents
  • 0

    Cool Idea, and yes there is an unofficial way to trigger. Look into the ARM installation directory and look for the file "app8ManCommand.exe --help". There is a recan for the OnPrem AD. Unfortunately, it is unofficial and could be "removed" every release :-(. It would be great if all that function would go into the official Web API.

  • 0 in reply to armexpert

    I have created a script that triggers the AD scan.
    When I run the script manually, it works fine.
    However, when the script is run as a result of an account lockout alert, the execution always fails with the message that the collector is unreachable.

    Do you have any idea what the problem could be?

  • 0 in reply to jwolff

    I believe it is the user which runs the script. In user mode you are using an account which has admin rights in ARM. In your alert script, you might be running the script in system context or a user which does not have any access right in ARM. You would see it in the "pnJob.log" which user is used for calling the alert script. You need to configure a user in the script configuration page within the configuration of ARM. 

    If you already configured a user, be sure that this user is an administrator of ARM.

    Hope that helps.

  • 0 in reply to armexpert

    Thanks for the suggestion, I had already tried that. Unfortunately, the same error still occurs.

    By the way, the error message refers to the FQDN of the collector.
    But in the collector overview in the ARM configuration the collector is only set up under its simple name, not as FQDN.

    The collector is the ARM server itself.
    Do you know if it is possible to rename the collector in the ARM configuration?
    When I right click on the collector, all entries in the menu are grayed out.
    I can rename additional collectors without any problem, but not the ARM server collector.

  • 0 in reply to jwolff

    Which version are you using? It should be fixed with 2022.

  • 0 in reply to armexpert

    Thanks for the hint!

    We still have 2021.4.2 installed, but I will upgrade to 2022 soon.

  • 0 in reply to jwolff

    Could you update and is it working now?

  • 0 in reply to armexpert

    Thanks for asking, unfortunately I have not been able to update yet.

    I will keep you informed.

Reply Children
No Data

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.