Running an Active Directory Scan

After a gateway is first installed, you can use the Scan Active Directory option to scan the network for computers that are not audited. For information about gateways and how to install them, see Managing Gateway Settings.

Before performing the Active Directory scan, open the network ports that the gateway needs to communicate with the domain controller. In your firewall settings for the service, enter port 53 and select the UDP (for DNS) or TCP protocol option. To manually open ports in your Internet connection firewall, refer to your operating system's help.

Scan the Network for Computers Not Being Audited

1. Log in to the Service Desk Console as a Discovery Manager and choose the Gateway tab.
2. Click Scan Active Directory.
3. At the prompt, click Yes. An agent task for the gateway is created. After the gateway receives the task, the scanning process starts.

When the scan finishes, the computers that are not audited are listed. The following types of machines are discovered: CI.Workstation and CI.Server.

After the agent is deployed, as described in Deploying Agents to Other Computers, the types CI.VirtualWorkstation and CI.VirtualServer are detected.

If the system does not detect the configuration item type or operating system, it is identified as an unknown device. See View Discovered Assets and Change the Type.

When a configuration item is discovered, the Discovery Method field is populated in the Audit Detail section of the Details tab.

Apart from the Active Directory scan, the other discovery methods are SCCM, LanProbe, Netscan, remote, user created, self registered (for gateway and client installations), and terminal sessions.

From time to time, computers might be added to the network. If LanProbe is enabled, new computers are discovered automatically. If LanProbe is not enabled, you must run another Active Directory scan in order to discover them.

After you generate a list of computers that are not audited, you can manage these computers by deploying an agent to them (see Deploying Agents to Other Computers) or by auditing them remotely (see About Running Agentless Audits).