Discovery Windows Device on different AD Domain/Tree/Forest

garyopela · ‎09-24-2012

I am trying to discover a device that is on a differen't AD tree than mine. I have an account on that tree that i'm trying to use. I've setup an entry in my Discovery Configurations for the account with a Type of Windows. I then go to discover the device. I can see it's name and IP, but then I get WMI Authentication Failed error messages.

Is it possible to discover devices on a different AD Tree using an account from that AD Tree?

garyopela · ‎10-02-2012

Okay, I think this has me able to at least connect to the machine, at least i'm getting a different error now:
The RPC server is unavailable.

From what i've read here, this indicates eithe ri have no access to query WMI, or there is possibly a firewall issue in the way. This is a very unique environment i'm querying that does involve several firewalls and NATd addresses, so i'm scanning the hole in the firewall and i can see the name of the target machine, but cannot run any WMI queries.

I'm working this with network team now.

Thanks for your help!

garyopela · ‎10-08-2012

Okay this got it all working, thank you, Mr. Schulze!
Just a note, in order to get through all of the firewall issues, and to get PS working fully, I had to add the IP and HostName of the target server to my local hosts file on my mid-server. That was the last step needed.

It is failing at impersonation for mssql through powershell, but that's not a show stopper, since i don't really discovery anything on SQL instances right now.

By the way this was on Aspen release of discovery. We are preparing to upgrade to Berlin right now.