Discovery problems with SSH and WinRM

Tresselt · ‎05-14-2024

Hello. Im in the process off setting up discovery, and I have a few questions.

I am getting these warnings when discovering an IP address with a Linux Server:

The discovery is somewhat successfull and the Linux server is added/updated to the cmdb, but this "Interactive Probe Shell" ends up "Active, couldn't classify"

On the other hand, when trying to discovery on Windows servers, I get multiple successfull discoveries on an IP range, but also multiple warnings:

Considering that many are being found, I assume the problem is with the WinRM service on the servers, and not something from ServiceNow side that is the problem? The ports are open and the Window Server hosting the midservers are set as a trusted host.

Kieran Anson · ‎05-14-2024

Hey,

Depending on the organisation, some only install "must have" applications installed on Linux to reduce the vulnerability opportunities. From your first screenshot, it looks like lsof (list open files) is not installed...and will unfortunately prevent ADM.

Check with your server team on whether lsof is installed, and whether root is required to perform the command.

For the WinRM issue, the easiest way to sanity check is to login to the VM as the Service Account and run Test-WsMan <ip address> to see whether a connection is allowed

View solution in original post

Kieran Anson · ‎05-14-2024

Hey,

Depending on the organisation, some only install "must have" applications installed on Linux to reduce the vulnerability opportunities. From your first screenshot, it looks like lsof (list open files) is not installed...and will unfortunately prevent ADM.

Check with your server team on whether lsof is installed, and whether root is required to perform the command.

For the WinRM issue, the easiest way to sanity check is to login to the VM as the Service Account and run Test-WsMan <ip address> to see whether a connection is allowed