GFI LanGuard uses standard Microsoft operating system protocols to query the Active Directory for the domain controller. It then queries the domain controller for the information on the computer(s) in the domain.
This article guides you on how GFI LanGuard determines the OU (Organizational Unit) of a computer.
Test Outside of GFI LanGuard
- Run the following command:
runas /user:<LanGuard_Attendant_Service_Account> cmdEnter the password for the account.
NOTE: Alternately, you can log in to the LanGuard server using the LanGuard Attendant Service Account credentials.
- Run the command in the cmd window from step 1:
- Run the following command to get a list of all computers in the domain
dsquery computer domainroot -s <DomainController>
GFI LanGuard Getting OU Information of a Computer
- GFI LanGuard checks for the existence of an activedirectorycomputers.xml file on a 2003 class computer on either of the two the following locations:
C:\ProgramData\GFI\LanGuard 11\Cache\ directory
C:\Documents and Settings\All Users\Application Data\GFI\LanGuard 11\Cache\
- If activedirectorycomputers.xml is present and is less than 24 hours old, it checks the file for the computer OU.
- If the activedirectorycomputers.xml is greater than 24 hours old or is missing, the
PlatformServicesmodule does a lookup of all computers in the domain (not just the ones in the database) and refreshes or create the
- If the computer is not listed in the file, the computer is placed in the base of the domain.
- New computers that have been added to the domain in the last 24 hours or moved their position in the OU structure do not detect the new position.
An immediate caching of the entire domain can be forced by choosing to Add more computers in the wizard: Add computers from network > Refresh domains list.