Discovering Devices from Azure AD

Kent Gloriana
Tera Contributor

‎12-12-2023 07:01 PM

Hello fellow Dev, Could someone help me. I'm having a problem on discovering devices in our organization. At first we are able to discover the devices in our organization before we migrated to Azure AD. but now we couldn't discover the computers except the routers. Thanks for your help.

 

Regards,

Kent

0 Helpfuls
  • 832 Views
5 REPLIES 5

Rahul Priyadars
Tera Sage
Tera Sage

‎12-12-2023 07:21 PM

Hi Kent

 

On Premise AD is shifted to Azure Ad.

Is your Windows Credentials are working fine for Windows OS Based Devices?

I assume Unix OS Based devices are discoverable as it uses SSH.

Also SNMP is working fine so n/w devices are getting discovered.

 

Let me know.

Regards

RP

0 Helpfuls

Kent Gloriana
Tera Contributor
In response to Rahul Priyadars

‎12-12-2023 08:07 PM

Hi Rahul,

Thank you for your response. Yes we have created a windows credential but still it did not discovered the devices.  Error still occurred. Please see attached file for the error.

KentGloriana_0-1702440418600.png

 

0 Helpfuls

Rahul Priyadars
Tera Sage
Tera Sage
In response to Kent Gloriana

‎12-12-2023 09:51 PM

I see Your Credential is working fine.

I assume Port 135 is open between Mid Server and Host for First Communication.

Later Discovery Communicates on Higher WMI  Ports  (WMI, PowerShell, and Windows Firewalls - Support and Troubleshooting (servicenow.com)). Assuming these are also Open.

 

Also read this 

=========

Windows administrative shares are hidden server resources that Discovery uses to temporarily store the results of processes run by specific probes. The MID Server script file LaunchProc.psm1 launches the process, writes its output to the administrative share on the machine, and then retrieves the results for the MID Server. Access to administrative shares is restricted to users with administrative rights to the target, such as users, local or on the domain, who belong to the local Administrators group.

With the Madrid patch 3 release, all Windows probes that use WMI protocol call the LaunchProc.psm1 script file and use the $admin share folder as default. The "Windows - Classify" probe uses WMI protocol and thus need access to the discovered computer admin share.

==============

 

Regards

RP

0 Helpfuls

Pratiksha
Mega Sage
Mega Sage

‎12-13-2023 01:14 AM

We recently did migration. It was lift and shift. With that the configuration did not changed. We have moved the mid server to cloud and did testing if it can reach to the devices or not. The credentials worked fine as they were service accounts mostly. So check if the mid server is allowed to communicate, check if the credentials still work, make sure the IP address is whitelisted. 

0 Helpfuls