Hi,
I've got a computer in the Essentials dashboard that shouldn't be there. Its name is DESKTOP-XXXXXXX where "XXXXXX" looks like a Dell Service Tag, for an OptiPlex 7020. It shows as Offline, Backup status Unknown, no update or security status, no alerts.
I don't recall ever connecting a Dell desktop to this server. I can't find any matching computer in Active Directory Users and Computers, DNS, registry, or the file system.
I know how to remove a computer from the Essentials dashboard, but before I do that, I'd like to know how it got there. Doesn't a machine have to be running Essentials Connector to show up in the dashboard? If someone ran the connector pointed at our server on the HTTPS address, but could not authenticate, would their machine still show up?
Where is the device list stored? It would help if could track back to determine when it was added.
Thanks for any thoughts,
Mark
Is it listed in ADUC?
No, couldn't find it in ADUC, DNS, registry, or the file system. That's why I'm wondering where the Essentials dashboard gets its info. A database? An XML file somewhere? Any way to see when the computer was added?
You should be able to see the certificate that was handed out to that computer in the CA. In issued certificates sort by column 'Issued Common Name' and find the computer. On that certificate you can see the date it was issued and in most cases that is also the date the Connector software was installed.
Okay that’s just brilliant! Thank you. Yes, that gives me a date and time in January 2020. I’m trying to remember if I was somehow testing a donated computer or something… Are you aware of any logs that keep track of computer joins? It would be nice to know the network IP address that it had at the time. Hmm…wonder if my router logs go back that far.
I've just removed the device from the dashboard, which revoked the certificate as expected.