Credential less Discovery

Paul125
Kilo Guru

Hello, I have activated credential less discovery and it was successfully installed. I can also see "Pattern Launcher: Credentialless Discovery Network Device" being triggered in the ecc queue when discovery lacks credentials  for any device. After completing the discovery, If I look into the input I am seeing just class name and ip address. No Mac address, name being returned.

I read in the document that I should auto-assign IP-Ranges needed for this but we don't use subnet discovery feature to discover subnets. We use Infoblox integration to populate subnet data. Please help me with an answer/clarification if credentials less discovery only works when we use subnet discovery. Thanks!

1 ACCEPTED SOLUTION

Michael Skov2
Kilo Guru

From docs:

The Nmap commands executed during credential-less Discovery can:

  • Perform reverse DNS name resolution to identify the host from the IPv4 address.
  • Return the MAC address of the host if that host is on the same subnet as the host executing the Nmap command.
  • Detect applications installed on a target host.
  • Detect the operating system of a target host and the OS version.

https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/nmap-credential-less-discovery.html

Is the host on the same subnet as mid server?

View solution in original post

3 REPLIES 3

Michael Skov2
Kilo Guru

From docs:

The Nmap commands executed during credential-less Discovery can:

  • Perform reverse DNS name resolution to identify the host from the IPv4 address.
  • Return the MAC address of the host if that host is on the same subnet as the host executing the Nmap command.
  • Detect applications installed on a target host.
  • Detect the operating system of a target host and the OS version.

https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/nmap-credential-less-discovery.html

Is the host on the same subnet as mid server?

Paul125
Kilo Guru

Thanks for the reply Mike. They are not in same subnet but on the same network.

Paul,

If I had to guess I would say reverse DNS lookups aren't working properly in your network and this is why you aren't getting the name back. I've seen this before where reverse DNS lookups aren't configured right. I'm guessing this is the problem. My guess is MAC address isn't being returned because it probably get's that from an ARP request and if they aren't on the same network subnet it won't work based upon what Michael said (by the way great out line of what is needed Michael I'm keeping this for my own notes).