Q: Should I install the program on a server or on a workstation?
A: Both a server and a workstation can run Total Network Inventory 3. It’s just a matter of usage convenience, because it's not a client-server application, and you need to have access to the graphical console of the computer it's installed on, either directly or by using a remote desktop utility. However, if you run it under the domain admin account, you’ll be able to scan all computers as "current user" – otherwise you’d need to specify domain admin credentials explicitly.
However, take note that if you install the program on Windows XP SP2/SP3 or Vista SP0/SP1 and there are a lot of scan threads launching simultaneously, there may be issues with connections to remote computers. This is caused by a restriction on the maximum number of TCP half-open connections (connection attempts, SYN_SENT socket state) existing in the aforementioned Windows versions, which doesn't allow for more than 10 outbound connections to be in this state at a time. After reaching this limit, all other connections in the system (including those executed by this program) are queued and may reach their timeout, thus producing inconsistent results. This issue is also known as the “Event 4226” issue, because reaching the limitation produces a record in the System Event Log with EventID 4226. Windows 2000, Windows XP SP0/SP1, Windows Vista SP2, Windows 7/8, and all Windows Server systems don't have such a limitation. Thus, in the general case, we recommend to install the program on server systems or modern desktop systems.
Q: How to backup/restore the Storage or move the program to another computer?
A: The Storage is located in a separate folder (file system directory). It can be located by right-clicking the storage root group and selecting Show in Explorer. Then go up one level and copy/archive the whole storage folder.
Program settings can be backed up by copying/archiving a folder entitled Total Network Inventory 3 in your account's Application Data folder (referred to by %APPDATA% environment variable), if you chose Install for me during the program installation. If you chose Install for all, the settings are stored in "С:\Documents and Settings\All Users\Application Data\Total Network Inventory 3" (Windows 2000/XP/2003) or "C:\ProgramData\Total Network Inventory 3" (Windows Vista/7/8/10/2008/2012). You can also find this folder by clicking Open tasks folder in the Scanner tab or Open templates folder in the Table reports tab and then going up one level.
To restore the program, install it on another computer (but don't run it) and extract your backed-up settings to the Total Network Inventory 3 folder in the Application Data folder for your profile or all users, depending on your choice during the installation (after the installation, this folder is automatically created and contains one file: config.ini). Also, extract the storage folder locally: for instance, to My Documents. Then run the program and browse to the storage folder when prompted (if its location differs from the path stored in previous settings).
Q: How do I deal with the errors "Access is denied" or "Unknown user name or bad password"?
A: These errors can occur for several reasons:
Check your username and password.
You need to have administrator access to remote computers to be able to scan them (local administrator or domain administrator rights). If you have logged on as domain administrator or remote computers have the same name and password for the local administrator account as your account, you can use the Current user scan option. Otherwise specify the user name in full format: DOMAIN\Administrator.
Remote administrator access with blank password is not allowed starting with Windows XP.
This version of Windows cannot be scanned remotely. It’s an OS limitation, and the Access denied error will be displayed at all times. However, it’s possible to scan XP Home locally by running the standalone audit tool tniwinagent.exe (located in the program's installation folder) on that machine. It’ll generate an .inv file with scan results, which should be copied to the program's storage (it will be imported upon TNI’s next launch or immediately, if TNI is running) or imported by using the Storage main menu or any group's context menu.
Workstations running Windows XP, Vista or later client versions and not connected to a domain don't allow the local administrator to authenticate as himself by default. Instead, the ForceGuest policy is used, which means that all remote connections are mapped to the Guest account. But again, the administrator rights are required for running the scan. Thus, you need to update the security policy on each computer using one of the following ways:
* Run secpol.msc, expand Local policies / Security options, locate the Network access: Sharing and security model for local accounts policy and change its value from Guest to Classic.
* Disable the Use simple file sharing option in File Explorer’s Folder Options.
* Modify the registry: set the forceguest value, located in the "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" key, to zero.
For Windows client versions starting with Vista, an additional step should be taken: it concerns the User Account Control (UAC). It restricts administrator rights for remote logons in certain cases. You should either disable UAC or make changes to the registry: create a DWORD parameter (name: LocalAccountTokenFilterPolicy; value: 1) in the "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system" key (source). A reboot may be required.
You can modify both settings easily by running a .reg file with the following contents on such computers (omit the last two lines for Windows XP):
Windows Registry Editor Version 5.00
Q: How do I deal with the error "RPC server is unavailable"?
A: This error may be caused by one of the following reasons:
Try temporarily disabling the firewall on the remote computer. If the target computer runs on Windows XP SP2/SP3, Vista or 7, see the question regarding the Windows Firewall setup.
According to the Microsoft documentation:
"WMI is preinstalled in Windows 7, Windows Vista, Windows Server 2008, Windows Server 2003, Windows XP, Windows Me, and Windows 2000.
Windows NT Workstation 4.0 SP4 and later: WMI is available through "Add/Remove Windows components" in Control Panel, as WBEM option install. A later, more comprehensive, version is available as an Internet download from http://www.microsoft.com/downloads. See "WMI CORE 1.5 (Windows 95/98/NT 4.0)".
Windows 98/95: WMI CORE 1.5 (Windows 95/98/NT 4.0) is available as an Internet download from http://www.microsoft.com/downloads. This download requires Microsoft Internet Explorer version 5 or later."
The Windows Browser service updates the computer list every 12 minutes, so a computer can go offline, but remain visible in My Network Places. However, in this case you are more likely to get the Ping failed status. But if the ICMP protocol (ping, echo) is not allowed in your network, you might want to disable pinging in Options - Scanner - Use ICMP ping. After this, you will be able to scan online hosts which don't respond to pings, but all offline hosts (and also unoccupied IP addresses) will show the RPC error status, and thus it will slow down the scanning of large IP groups or ranges.
If you scan the computer by name, it could be resolved to an invalid or not existing (unoccupied) IP address due to problems with DNS or WINS. If you scan the computer by IP address, you are likely to receive Ping failed, but if pinging before scanning is disabled, you will receive the RPC error when scanning an offline or unoccupied address (see the previous point). A TNI user has encountered this problem and described it on our forum: http://www.softinventive.com/forum/index.php?showtopic=428
If the scanned name or IP address belongs to a network device which can be pinged, but is not a Windows computer (NIX-computer, network printer, router, managed switch, type library, IP phone, firewall, thin client, etc.), it cannot be scanned via the RPC protocol and shows this error. However, the program tries to scan this host via other protocols (SMB, SSH and SNMP), and the scan result may vary depending on the settings for these protocols and the nature of the scanned network host.
Q: How can I find out which port numbers are used by TNI, so I can configure the firewall?
A: By default, TNI uses the SMB protocol to scan Windows computers. It can be allowed by enabling the File and Printer Sharing exception in the Windows Firewall or TCP port 445 in other firewalls. You could also enable TCP port 139 (NetBIOS) for older systems.
Also, TNI uses the RPC protocol to scan Windows computers (direct WMI connection) if SMB fails. To allow remote RPC connections, you should either disable Windows Firewall or set it up in the following way:
Q: How do I deal with the following warning "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts"?
A: This warning may appear when you run the network scan under Windows XP SP2/SP3 or Windows Vista SP0/SP1 with port scan enabled. In these operating systems a controversial limitation of not more than 10 concurrent TCP connect attempts ("half-open connections") has been introduced by Microsoft to reduce the speed with which malicious software spreads over the networks. You can find more information in this Microsoft article. When you see this message in the scanner log, it means that the program detects that some computers have no open ports and there is an event with ID 4226 (source: Tcpip) in the system Event Log with the same message. As a consequence of reaching the aforementioned limitation, the program cannot reliably detect whether ports on computers are open or not. That's why the program starts to ignore the port scan results and connects to all computers using all selected protocols to provide successful scans. This policy remains active during the current session, that is, until the next program restart. To avoid this warning you can do the following:
Q: How to fix the error "No network provider accepted the given network path"?
A: Take the following steps:
Q: How to fix the error "Call was canceled by the message filter"?
A: Take the following steps:
Q: How do I set up the program to scan computers when users log on to a domain?
A: This is a shortened guide. The full version of this guide is available here.
Q: Is it possible to scan Windows 95/98/NT machines?
A: It's possible, however these systems can only be scanned remotely (via the RPC protocol). First of all, you should install Microsoft WMI core components for Windows 95/98/NT. WMI CORE 1.5 (Windows 95/98/NT 4.0) is available as an Internet download from http://www.microsoft.com/downloads.
Then place a link to "\WINDOWS\SYSTEM\WBEM\WinMgmt.exe" into the startup folder and reboot, or run the file manually.
Additionaly, in order to perform the remote online scan, you need to run a registry file (*.reg) with the following content on a Windows 95/98 machine:
Alternatively, you may change these values manually. Rebooting is advised. After this, you should be able to connect remotely using any credentials or as current user.
Please note that support for Windows 95/98/NT is provided "AS IS", because Microsoft has officially stopped supporting these operating systems.
Q: I have selected several assets in a network tree, but the report shows only one. Why?
A: In TNI 3 the Network tree has two node selection modes: single and multiple. To build a report for several nodes, either select a group (the report will be built for all assets in this group and all subgroups) or enable multiple selection by ticking the Multiple selection checkbox over the tree — checkboxes will appear in front of each node. Rectangular selection (as well as selection using Ctrl or Shift) is not used for building reports and is used for working with the nodes in the tree (drag'n'drop moving, deleting, etc). For more details, see Selecting a node.
Q: How to get a list of computers which have particular software installed?
A: Go to the Software accounting tab, use the Search bar and filters to find the necessary software and select it to display a list of computers it's installed on (in the details area on the Installations page). You can select the items in the list and copy or export them, or click the Installations summary link to get a printable report.
Q: Why does the program show that no antivirus (or firewall, or antispyware) is installed?
A: TNI 3 can recognize all antiviruses and firewalls (in Windows XP SP2/SP3, Windows Vista, 7, and 8) and antispyware (only in Windows Vista, 7, and 8) that support Windows Action Center (previously known as Windows Security Center), that is, if they are displayed by the Action Center. The vendors of antivirus (firewall and antispyware) software should provide this support from their side, because they have to publish the product information and status to the system in a special way. Otherwise neither our product, nor Windows itself can recognize such software (in this case Windows Action Center should usually generate a message from time to time that the computer is not protected by antivirus/firewall/antispyware).
Unfortunately, even with the support from the side of the security products, this does not work on Windows 2000 and earlier and also on all Windows Server systems, because they don't have Action Center, that is they don't provide an interface for these products to publish their status to the system and thus to other applications.
We are going to add support for direct detection of the most popular products without dependency on the Action Center interface in the future versions of our program.