Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Windows server discovery authentication

mary_lindell
ServiceNow Employee

3 weeks ago

If you are using ServiceNow windows discovery successfully. What method of authentication are you using and how do you secure it? Windows Domain Auth, gMSA, Microsoft JEA, Agent Client Collector install...?

 

0 Helpfuls
  • 343 Views
2 REPLIES 2

svirkar420
Tera Guru

3 weeks ago

HI @mary_lindell , We are using the Group Managed Service Account (gMSA) method because it offers automatic password rotation, enhanced security, and centralized management through Active Directory without manual credential maintenance. It also allows multiple servers to securely use the same managed account while ensuring the credentials are maintained by Microsoft Active Directory. Also, this was selected by our client out of other options.

 

If this response helped resolve your issue or question, please consider marking it as Accepted Solution and giving it a 👍.
This helps others in the community find useful answers more easily.

Regards,
Saurabh V.

mary_lindell
ServiceNow Employee
In response to svirkar420

3 weeks ago - last edited 3 weeks ago

Thank you for your reply Saurabh. It seems that security conscious companies are moving to combination of gMSA + Kerberos + WinRM + JEA for hardened, zero-NTLM discovery architecture. However, I have run into issues with this configuration for random servers and was wondering if you have tips for troubleshooting authentication errors in this sort of configuration? 

 

Any help or tips are appreciated.  

0 Helpfuls