(imported topic written by mcalvi91)
when we run an local subnet scan, we have several failures on the task where they all seem to fail at the same point in the task (see below).
In addition we have a few systems reporting in as unmanaged assets which are infact managed. We can find the system in the bigfix console as having recently reported. We were wondering what the Asset discovery system utilitizes to determine that an asset is unmanaged?
===================
The action has been run 1 time, and will not be run again.
The action failed.
Completed: delete __appendfile
Completed: delete folder.bat
Completed: appendfile @ECHO OFF
Completed: appendfile mkdir “{pathname of windows folder & “\temp\nmap”}” > NUL 2>NUL
Completed: appendfile del “{pathname of windows folder & “\temp\nmap\nmap*.xml”}” > NUL 2>NUL
Completed: move __appendfile folder.bat
Completed: wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” folder.bat
Completed: // run nmap with default parameters
Completed: regset "
HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP
" “LastScanStartTime”="{now}"
Completed: delete nmapquiet.bat
Completed: // create a batch file so that the NMAP scan will be silent
Completed: delete __appendfile
Completed: delete nmapquiet.bat
Completed: appendfile @ECHO OFF
Completed: appendfile “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” “{pathname of folder “BESScanner-NMAP\NMAP” of parent folder of regapp “BESClient.exe”}\nmap.exe” -sV -sS -sU -p T:22,T:23,T:80,T:135,T:139,T:445,T:235,T:61616,U:{value “ListenPort” of key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\GlobalOptions” of registry} --exclude “{concatenation “,” of (addresses whose (it as string != “0.0.0.0”) of ip interfaces whose (loopback of it = false) of network as string)}” {if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP” whose (value “NmapVersion” of it as string as version >= “4.20”) of registry) then " -O1 --osscan-guess" else " -O --osscan-guess"} -T 4 { (unique value of (subnet addresses whose (it as string != “0.0.0.0”) of ip interfaces whose (loopback of it = false) of network as string) as string) & “/” & (number of bits (0;1;2;3;4;5;6;7) whose (it) of ( it as integer ) of ( if it contains “.” then preceding text of first “.” of it else it ) of ( it; following texts of substrings “.” of it ) of ( unique value of (subnet masks of ip interfaces whose (loopback of it = false) of network as string ) as string) as string) } -oX “{pathname of windows folder}\temp\nmap\nmap-{computer name}-{(now - “01 Jan 1970 00:00:00” as local time)/second}.xml” >NUL 2>NUL
Completed: move __appendfile nmapquiet.bat
Completed: // run nmap scan
Completed: wait “{pathname of client folder of site “BESSupport” & “\RunQuiet.exe”}” nmapquiet.bat
Completed: // update reg statistics
Completed: regset "
HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP
" “LastScanFinishTime”="{now}"
Failed: regset "
HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP
" “NumberOfScansRun”="{value “NumberOfScansRun” of key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP” of registry as integer + 1}"