Applies to LDMS 8.8 & LDMS 9.0
Software Packages found in a client’s inventory are made up and gathered from two different segments. Executed software packages and Discovered software packages.
To make the process easier to understand, the segments are being referred to by two different names. These names serve only the purpose of understanding the process and are not intended to be used outside of this document.
Executed software packages
During a managed client’s use, programs that are executed are tracked by softmon.exe. Softmon inspects the file and stores information about the file in the registry. This information stored in the registry is referred to as usage data. A registry key is written to the following location for each executed program: HKEY_LOCAL_MACHINE\SOFTWARE\LANDesk\ManagementSuite\WinClient\SoftwareMonitoring\MonitorLog
How executed software packages are scanned
At the beginning of the software scan the first piece of information gathered is the usage data from the registry. The process ldiscn32.exe opens the MonitorLog registry key listed above. Example:
One by one ldiscn32.exe will enumerate the MonitorLog keys. After each key is enumerated then an individual file software scan is initiated on that file at its physical location. The remaining file information is gathered from the physical package.
This serves two purposes.
1) 1) If the file does not exist on the drive where it is expected, then the inventory scanner will discard it as a package and not return it in the scan file. This way the software package information is accurate. 2) Softmon.exe does not store all the information about the file that is captured by the discovered scan. So by doing a scan on the file, the package will have complete information instead of just usage. Usage only captures information shown in the screenshot above.
Once done the scanner will enumerate the next key and scan the next file.
Example of the Inventory scan information that is returned after the execution data is combined with the file data.
The operation type that ldiscn32.exe uses on the files when conducting the scan for a file on the network is QueryBasicInformationFile. Otherwise for local files the Operation is QueryOpen. For instance, if \\core88\ldlogon\wscfg32.exe has been executed, then ldiscn32.exe will use the same path to gather file information.
Limitations that do not apply to executed software
Executed software package scanning is not bound by the same limiting switches and functions that discovered software packages are. For instance, the ldappl3.ini has a section called excludedir which prevents file scanning in a directory. Also, the inventory scanner has a switch /D= which limits to and specifies a start in directory for scanning. Lastly, if mode=listed in the ldapp3.ini limits normal scanning to what is listed or predefined. None of these apply to executed software scanning. If these limitations did apply then SLM data including usage data would be skewed and affected.
Discovered software packages
Discovered software packages are files discovered during the file software scan. Only files that meet the scanning criteria such as file extension are discovered.
How discovered software packages are scanned
After the inventory scanner finishes the executed software packages it proceeds to scan the managed node for any software package that meets scanning criteria. Scanning criteria is a combination of switches used with ldiscn32.exe and the configurations defined in the ldappl3.ini.
The software scan returns the following information in the scan when discovering packages.
Examples of limitations and configurations:
Inventory scanner parameter
Using the switch /D=(drive\directory) will force the software scan to start in the specified directory and search subdirectories. The software scan will be limited to what is specified and not search folders that are not specified.
"C:\Program Files\LANDesk\LDClient\LDISCN32.EXE" /NTT=CORE88:5007 /S=CORE88 /I=HTTP:// CORE88/ldlogon/ldappl3.ldz /V /D=c:\windows\
Main LDAPPL3.INI configurations
ScanExtensions=(extension)
ScanExtensions lists the extensions that will be searched for. Default is .exe(recommended)
ExcludeDir=(directory)
Excludes the folder specified and all sub-folders from software scanning.
Mode=(mode)
Determines if the scanner scans files listed in the ldappl3.ini or not. Possible values (all, listed, unlisted). Default setting is listed (recommended).
Using other modes must be carefully considered, for instance MODE=ALL will force machines to scan for every single file meeting the scan extension setting. This will create very large scan files, also the database tables will become much larger due to the additional data.
Conclusion
Both segments of the scan provide the most complete information possible after being combined. The information is placed in the “Computer – Software – Package” section of inventory.