- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2025 01:29 AM
Hi folks, As per the subject, our instance (Xanadu) has Credentialless discovery disabled in the system properties but occasionally I still see SQL instances pop up that have been created by it.
Am I missing another setting or piece of functionality that continues to use credentialless discovery?
Thanks in advance
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2025 04:08 AM
This is a known scenario and can be explained by a few underlying mechanisms in ServiceNow Discovery and Service Mapping.
Disabling Credentialless Discovery via the mid.discovery.credentialless.enable property should prevent the MID Server from launching credentialless (Nmap-based) discovery jobs for hosts and applications.
However, some ServiceNow Discovery or Service Mapping patterns explicitly set the Discovery Source to "CredentiallessDiscovery" in their identification sections, regardless of the global credentialless setting.
For example, certain application patterns (like "Apache on Windows") may assign this source when identifying or updating CIs, even if credentialless discovery is globally disabled. This can occur if Service Mapping is running, or if custom or OOB patterns have this logic hardcoded.
Maik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2025 04:08 AM
This is a known scenario and can be explained by a few underlying mechanisms in ServiceNow Discovery and Service Mapping.
Disabling Credentialless Discovery via the mid.discovery.credentialless.enable property should prevent the MID Server from launching credentialless (Nmap-based) discovery jobs for hosts and applications.
However, some ServiceNow Discovery or Service Mapping patterns explicitly set the Discovery Source to "CredentiallessDiscovery" in their identification sections, regardless of the global credentialless setting.
For example, certain application patterns (like "Apache on Windows") may assign this source when identifying or updating CIs, even if credentialless discovery is globally disabled. This can occur if Service Mapping is running, or if custom or OOB patterns have this logic hardcoded.
Maik