Console Communication Issue


Hello,

What is the communication method/protocol that the console uses to scan for machines in an IP range? I currently have 107 clients in one subnet reporting as online, but when I scan that subnet to push some client updates, I only end up with 19 found computers. Firewalls are off, NetBIOS over TCP/IP is enabled, and File and Printer Sharing is enabled.

I used to get much better results from the scans. The only thing that has changed is that we moved to a new building on a mostly new LAN. We use the same subnets as before, and moved most of the switches from the old location, but we do have some new ones. Since we are getting some results, I wouldn't think that the infrastructure would be the issue. The 19 machines that do show up seem to be random, and are from all areas of the building.


Hi @tdhaslett, the utility uses NetBT over SMB, which has been restricted by Windows Updates. You can check the state of the NetBIOS ports on that client; you'll need a tool called Nmap. Get the tool here:

Install it to your server, then run zenmap.exe. Input this scan, where x = the target PC's IP:

  • nmap -sU -p 135,137,139,443,445 xx.xx.xx.xx

 If the ports show up as closed or open|filtered, that machine will not show in your console's push utility.

Example for a machine that will not show up:

[Image: 137filtered.png]

Example for a machine that will show up:

[Image: 137open.JPG]

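An added example, not part of the original posts: a Python script that applies the rule from the reply above to saved Nmap output for many hosts at once. The sample output and addresses are constructed, and keying the decision on 137/udp alone is an assumption taken from the screenshot names in the thread.

```python
import re

# Constructed sample of `nmap -sU -p 135,137,139,443,445 <ip>` output for two
# hosts (documentation addresses and names, not taken from the thread).
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT    STATE         SERVICE
135/udp open|filtered msrpc
137/udp open|filtered netbios-ns
139/udp open|filtered netbios-ssn
443/udp open|filtered https
445/udp open|filtered microsoft-ds

Nmap scan report for pc2.example (192.0.2.11)
PORT    STATE         SERVICE
135/udp closed        msrpc
137/udp open          netbios-ns
139/udp closed        netbios-ssn
443/udp closed        https
445/udp closed        microsoft-ds
"""

HOST_RE = re.compile(r"^Nmap scan report for (?:.*\()?(\d+\.\d+\.\d+\.\d+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)")

def parse(text):
    """Return {ip: {(port, proto): state}} from Nmap normal output."""
    hosts, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {})
            continue
        m = PORT_RE.match(line)
        if m and current is not None:
            current[(int(m.group(1)), m.group(2))] = m.group(3)
    return hosts

def will_show(ports, key=(137, "udp")):
    # Rule from the thread: closed or open|filtered means the push scan will not
    # find the host. Any other non-open state, or a missing port, is treated
    # the same way here (assumption).
    return ports.get(key) == "open"

def report(text):
    return {ip: will_show(ports) for ip, ports in parse(text).items()}

if __name__ == "__main__":
    for ip, ok in report(SAMPLE).items():
        print(f"{ip}: {'should show in push scan' if ok else '137/udp not open'}")
```
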

Nice, we've got solid identification on the issue. There are three workaround options available:

  1. Modify (if existing) or create the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters|AllowNBToInternet on the destination computer; it is a 32-bit DWORD with a value of 1.
  2. You can also bypass this with a GPO to allow an exception for NetBIOS if you are still using Windows Firewall: [Image: KBGPOWorkaround.jpg]
  3. Use an offline installer package created by the console in Policy -> Create Installation Package to install locally or through GPO/SCCM.

Thanks again Dyllon!

I've done Option 1 via my PDQ Deploy server and scanned a few times. I get a few more machines showing up each time. Is it possible to restart a service on the computers to accelerate the progress? Perhaps the TCP/IP NetBIOS Helper service?


  • 4 months later...

The most reliable option I have found while testing is to utilize GPO and perform the following:

  • Open ports 135, 137 and 445
  • Set WMI predefined GPO options
  • Set RPC predefined GPO options
  • Set inbound remote admin GPO options
  • Run a GPUpdate /Force
  • Restart the endpoint(s) to receive and process the new GPO

Then scan for clients in Admin > Client Push Install and use the "Scan network and detect client software", "Enable WMI" and "Enable serial client IP detection" options.
