Installing Octoscan2

Publish Octoscan2 to the Network

You are completely free on how to make Octoscan2 available on the network. Either use a global share visible to all Users and Machines (recommended) or publish it to several locations depending on your network topology or security requirements.

Warning!

Its important to make sure that Octoscan2.exe and octoscan.config are read-only for all users and cannot be overwritten except by the OctoSAM Inventory administrator. All parts of the Path must be readable by the executing user. Due to a bug in Windows 7, NTFS bypass traverse checking is not supported for starting Octoscan2.

Warning!

When you install the scanner locally on your windows machines using any type software management system, do not install it in %ProgramFiles%/OctoSoft or a subfolder of that. You may risk conflicts with other Octosoft tools in the future.

Start Octoscan2 at User Logon

Good practice for starting Octoscan2 for all users and machines in your network is to place a call to Octoscan.exe in your login script or define a group policy to start the executable at logon.

Tip

This forum thread provides information about how to Setup GPO and Security Zones

See Chapter “Push Installation” on how to handle mobile Machines that do not frequently log on to the corporate network.

Server Scans

On Servers, some features can only be scanned if the scanner runs in elevated Administrator user context:

  • UAL Usage Data from WMI (Windows Server 2012 or newer)
  • UAL Overview Data from WMI (Windows Server 2012 or newer)
  • Hyper-V Information (Windows Server 2012 or newer)
  • Cluster Information (Windows Server 2008 or newer)

If you need this information, you have to make sure that the scanner runs with Administrator permission from time to time.

Tip

A proven way to start the scanner on servers with admin rights is to schedule a Scheduled Task via Group Policy.

Collect the Generated .scan Files

Octoscan2 writes its compressed output file (the scan file) to a folder you specify via the OutputFolder parameter in the configuration file.

The filename consists of a GUID to make sure that each generated scan file name is unique and does not get overwritten by other scans.

Most convenient configuration is to have all scan files written to a globally visible share, where they are directly processed by the Import Service. But again, you are free to use any method for collecting scan files and make them available to the OctoSAM Inventory Import Service.

You can also use the OctoSAM Inventory Replication Service to collect scan files from a set of remote locations.

Warning!

All Users must have write permissions to their configured OutputFolder. For security reasons you might want to configure different OutputFolder settings for different user or machine groups. You can do this by using conditional configuration in your configuration file, by using multiple configuration files, or through environment variable expansion within the configuration file.

Using advanced NTFS access right configuration, you can also configure a drop only folder where files can be written but not read or modified once they are written, see: http://sysadmin1138.net/mt/blog/2009/10/filesystem-drop-boxes-on-ntfs.shtml

Command Line Options

% Octoscan2 options
/clean
Immediately clean all local traces of Octoscan2, regardless of any settings in the configuration file. This removes all local files and registry settings.
/f
Force an immediate full scan, regardless of any settings in the configuration file.
/keep
Together with /show: keep the window open even if Octoscan2 would exit based on the current configuration.
/q
Gracefully end an active Octoscan2 scan process running in the background. This option can be used to stop Octoscan2 when Metering is enabled.
/show
Show the program window during operation
/reveal
Show the program window of the active Octoscan2 scan process running in the background. This option can be used to inspect status messages of a running Octoscan2
/tag:tag
Allows to specify a tag name that is stored in the .scan file and can later be used to identify the invoker of the scanner.

% Octoscan2.exe /tag:startedfrommygpo

For example, if you invoke octoscan2 from multiple policies, you can specify the policy name here. This lets you identify which policy caused the scan.

/x
Disable exception handling code on program level. Used for debugging only.

Metering Mode

If Metering is not enabled, Octoscan2 exits after producing the scan file. On the other hand, in metering mode, the scanner needs to be active during the whole user session. At startup, a scan file is produced as usual, including summarized metering information gathered in the previous session.

Metering Information is stored locally on the computer until the next invocation of Octoscan2.

Immediate Metering Mode

In Immediate Metering Mode, Octoscan2 will periodically write an immediate metering file which can be imported instead of saving metering locally for the next scan. This can be used in terminal server and Citrix farms if there is a high probability that the user will not work on the same server within a reasonable time or where the Servers are periodically reset.

Upgrade Octoscan2

If you want to update Octoscan2 on a central share, Windows will most likely block the update because of open file handles, especially if Software Metering is active. Usually, it's not a problem to close the open file handles from the server side if you update outside peak hours. The script

% close_octoscan2_handles.cmd

provided in Support/Scripts closes just the handles to Octoscan2.exe leaving other open file handles to the share intact. Octoscan2 also provides a scheme for updating the scanner without having to close handles see this Forum article.