Logon / Startup Script Scan Setup
By installing and configuring Autodesk Inventory Tool in a centrally accessible location, it can be run as part of a user logon script or a device startup script. In this mode, AIT will inventory the local device and save the results to a central location, with one data store file per device. These individual device data stores can then be imported into an instance of AIT. AIT will only inventory the device if it has not yet been scanned, or a re-scan is due.
This has the benefit that it is not restricted by device firewalls and will run with the local logged on user’s credentials. This requires that Microsoft .NET Framework v4.5.2 or later is installed on each device that will run AIT.
The following describes how to deploy AIT to perform a network inventory scan via logon script. It covers basic setup for a small environment, further planning may be required for larger multi-site networks.
On a server that is centrally accessible, create a folder to hold AIT and a folder to hold the collected data, for example:
- C:\AIT: Root folder that will be shared (Read Only)
- C:\AIT\AIT: Folder to hold the AIT application files (Read Only)
- C:\AIT\Data: Folder to hold the collected data files (Read and Write)
Set permissions on the root folder so that Authenticated Users have Read & execute, List folder contents and Read permissions and apply to subfolders and files:
Set the permissions on the Data folder so that the Authenticated Users group have Modify, Read & execute, List folder contents, Read and Write:
Share the root folder and add Authenticated Users to the share permissions, granting Change and Read permissions:
When combined with the folder permissions, this grants authenticated users read only rights to the share and the AIT application, and read/write permissions to the data folder, so the data store files can be created and updated when users logon.
\\SERVER01\AIT Root folder shared read only access
\\SERVER01\AIT\AIT AIT application folder in the share read only access
\\SERVER01\AIT\Data Data folder in the share read/write access
Copy the contents of the Autodesk inventory Tool folder from C:\Program Files (x86)\Autodesk\Autodesk Inventory Tool\ into the shared C:\AIT\AIT folder:
There should be exactly 51 files present once the copy is complete.
Using a text editor such as Notepad, edit the AIT.exe.config file within the AIT folder, and make the following changes:
- DataStorePath: Set to the UNC path to the data folder within the share, making sure there is a trailing ‘\’.
- PerComputerDataStore: Set to True, so each device running ScanWin saves to a separate data store in the DataStorePath.
For example:
<setting name="DataStorePath" serializeAs="String">
<value>\\SERVER01\AIT\Data\</value>
</setting>
<setting name="PerComputerDataStore" serializeAs="String">
<value>True</value>
</setting>
From a remote machine, run AIT from the AIT application folder from within the share with the parameters "/c localhost /fp /lu /rp /sl" to scan the local computer, for example:
\\SERVER01\AIT\AIT\AIT.exe /c localhost /fp /lu /rp /sl
Confirm that it has run correctly and saved the results within the Data folder within the share. If no results appear in the Data folder, confirm your permissions are set properly.
A batch file should be used to execute AIT which will be itself called by the logon script or will itself be the logon script. The following is the recommended script to be used:
@ECHO OFF
REM Batch script to start Autodesk Inventory Tool to scan the local machine
Title Autodesk Inventory Tool
REM Set the path to the Autodesk Inventory Tool directory share
SET AIT_DIR="\\SERVER01\AIT"
REM Only run if .NET Framework 4.5.2 or later is installed
REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\SKUs\.NETFramework,Version=v4.5.2" 2>nul
IF ERRORLEVEL 1 (
GOTO DOTNETNOTINSTALLED
) ELSE (
GOTO DOTNETINSTALLED
)
:DOTNETINSTALLED
REM Execute Autodesk Inventory Tool to perform a scan of the local machine
IF DEFINED COMPUTERNAME (
REM Use the actual computer name when available
START "AIT Local Scan" /B /D "%AIT_DIR%\AIT" "AIT.exe" /c %COMPUTERNAME% /o "%AIT_DIR%\Data\%COMPUTERNAME%" /fp /lu /rp /sl
) ELSE (
REM If not, use localhost to identify the local machine
START "AIT Local Scan" /B /D "%AIT_DIR%\AIT" "AIT.exe" /c localhost /fp /lu /rp /sl
)
EXIT
:DOTNETNOTINSTALLED
REM .NET Framework 4.5.2 is not installed, create a log file to indicate this
IF DEFINED COMPUTERNAME (
ECHO %COMPUTERNAME% does not have .NET Framework 4.5.2 installed > "%AIT_DIR%\Data\%COMPUTERNAME%.LOG"
)
EXIT
A copy of the above script can be downloaded here.
The AIT_DIR variable must be modified to point to the share where the data and log files should be written. For example:
SET AIT_DIR="\\ACMEDC01\AIT"
The above script can be copied into the NETLOGON share for the domain or placed in the shared AIT folder. If copying into the NETLOGON share for the domain, copy the batch script to:
C:\Windows\SYSVOL\sysvol\<domain>\scripts
To test running as part of a logon script, either call this batch script from the existing logon script, or if there is currently no logon script, for a test user, enter the batch script name in the Logon script field for the user:
Once it has been tested, it can be rolled out to all relevant users by amending each users Profile in Active Directory Users and Computers using the instruction above or it can be rolled out via Group Policy. Instructions for using Group Policy are included below.
Open the Group Policy Management console from Control Panel > System and Security > Administrative Tools
Expand the Domains tree, right-click a domain or OU name, and select Create a GPO in this domain and Link it here...
In the New GPO dialog box, give the GPO a descriptive name, then click OK
Locate the new GPO in the Domains tree (under the domain or OU that you selected above), right-click it, and select Edit
You now need to determine if you need to use a Logon Script or a Startup Script:
- If your end users have administrative privileges to their local PC, use a Logon Script
- If your end users do not have administrative privileges to their local PC, use a Startup Script
In the Group Policy Management Editor, navigate to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff), then double-click Logon in the right pane
In the Logon Properties window, click Show Files...
Copy the AIT_Network.cmd batch script into the folder and close the window
In the Logon Properties window, click Add...
Click Browse to open the logon script directory, then select the AIT_Network.cmd batch script and click OK
Verify that the script now appears in the list on the Logon Properties window, then click OK
Close the Group Policy Management Editor window for your GPO, then close the Group Policy Management window
In the Group Policy Management Editor, navigate to Computer Configuration > Policies > Windows Settings > Scripts (Startup/Shutdown), then double-click Startup in the right pane
In the Startup Properties window, click Show Files...
Copy the AIT_Network.cmd batch script into the folder and close the window
In the Startup Properties window, click Add...
Click Browse to open the startup script directory, then select the AIT_Network.cmd batch script and click OK
Verify that the script now appears in the list on the Startup Properties window, then click OK
Close the Group Policy Management Editor window for your GPO, then close the Group Policy Management window
Once all PC's have been inventoried, double-click the Autodesk Inventory Tool shortcut located on the desktop and import the results from the Data share using the steps included in the Importing Data Stores section.