Examples
This section provides examples of running the AIT console application. There are three main sections:
Discovery Methods
The Discovery method determines how computer devices will be discovered on the network. Each discovered device will be pinged to determine if they are currently active on the network, and if they are they will be included in the scan.
The discovery methods available are outlined below.
To ensure proper data collection, the /fp (file package), /lu (last used), /rp (registry package), and /sl (software log) parameters must always be specified when using any of the discovery scan methods.
AIT must be run from an administrative command prompt when running any of the commands below. Example:
- Click Start (also shown as the Windows logo in the Start menu).
- Type Command Prompt and right-click Command Prompt when it appears in the Start menu.
- From the resulting context menu, click Run as administrator.
Active Directory
To discover devices from Active Directory, the /domain parameter can be used. This will retrieve devices from the specified domain, and output a local file called AD_Computers.txt, which will be included when scanning. For example:
AIT.exe /domain acmecorp.local /fp /lu /rp /sl
To limit Active Directory discovery to a specific branch of the Organizational Unit tree, an LDAP address can be used. For example, to limit device discovery to just devices within the Computers OU in the acmecorp.local domain, the /domain parameter can be specified as:
<p>AIT.exe /domain CN=Computers,DC=acmecorp,DC=local /fp /lu /rp /sl</p>
IP Range
To discover devices via an IP address range scan, the /iprange parameter can be used, specifying either the IP range in the format “from-to”, for example “10.211.55.1-10.211.55.255”, or via a CIDR network address, for example “10.211.55.1/24”. Both of these examples identify the same network range.
The IP address range scan uses ICMP to ping each IP address within the range, and each address that responds will be included in the inventory scan. Here is an example of using the "from-to" format:
AIT.exe /iprange 10.211.55.1-10.211.55.255 /fp /lu /rp /sl
Here is an example of using a CIDR network address format:
AIT.exe /iprange 10.211.55.1/24 /fp /lu /rp /sl
AIT will attempt to ICMP ping each IP address, and if there is a response, the IP address will be included in the inventory scan. If your environment is not configured to allow ICMP echo requests, it will need to be configured before using this method. More information for enabling ICMP options via Group Policy can be found here: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule
Device List
To scan multiple devices from a device list, create a text file with one computer per line, for example:
# Lines starting with hashes act as comments and will be ignored.
ACMEPC01
ACMEPC02
ACMEPC03
AIT can read the file and scan each device using the /file parameter. For example:
AIT.exe /file C:\AIT\computers.txt /fp /lu /rp /sl
Authentication
When credentials need to be entered to authenticate to devices, there are two options. First, the /user and /password command line switches can be used. For example:
AIT.exe /computer ACMEPC01 /user User01 /password Pswrd01 /fp /lu rp /sl
However, this is not the best practice as the credentials are stored and displayed in plain text. The recommendation is to use the Secure Credentials Utility to generate encrypted credentials.
Importing and Exporting Data
Importing Data Stores
When using the Logon / Startup Script mode of operation, USB Drive method, or when multiple instances of ScanWin have been deployed, the data stores created by these can be imported into a central ScanWin instance, which will consolidate the scan results. For example:
AIT.exe /import C:\AIT\Data
Exporting Data
Using AIT with the /export and /output parameters outputs a .XLSX file prefixed with the base file name. For example:
AIT.exe /export /output C:\AIT\Export\Acme-Corp
This will export into the folder C:\AIT\Export, with the log file name having the prefix Acme-Corp. If the /output parameter is not specified, the export will output to .\Output.
Additionally, if the /exportfiles parameter is specified, any collected files are output within a CollectedFiles folder where there will be a subfolder for each device that has collected files, and a folder per file (as multiple files with the same name may be collected).
AIT persists the results of each scan in a local XML data store called DataStore.xml, and all devices that have been scanned within the last 90 days will be included in the output reports. This enables multiple scans to be combined into a single data export.
The .XLSX file that is output from AIT can be opened in Excel as a tabular report, where it can be filtered and reviewed.