- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-08-2022 12:50 PM
I'm trying to create a checklist for our build team so that we dont run into issues with Discovery. I have looked at KBs/Discussion posts and they all have bits and pieces. I need a full checklist. Heres what I have but please correct me if I'm wrong anywhere (I'm still new to ServiceNow Discovery). We use install a MID server on a domain controller and want to discover all servers on the same domain. We only want to discover Windows servers.
1. MID Server account user Is a Domain Admin with Admin permissions on both the server the MID Server is running on and also the target server
2. MID server host can reach ports 135, 139, 445 target server. (is that all the ports we need to check?)
3. The MID Server account user has Admin access to the \admin$\temp folder on the target server
4. MID Server user created in ServiceNow has the mid_server role
5. Host server that MID Server is installed on needs the following operating systems:
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
6. PowerShell 3.0 or newer
7. Target Server needs Windows firewall disabled
8. MID Server host should have a Quad core processor with a speed of 2+ GHz
What am I missing for Windows discovery? What are all the WMI requirements? Local Admins should get full WMI Access right?
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-08-2022 07:03 PM
You list is pretty accurate. Just one additional point for windows discovery. First wmi communications starts on port 135. After communications runs on higher dynamic port. Here is the range which should also open between mid and your infrastructure if there is any firewall in between.49152 - 65535 range for later wmi communications. Refer this kb windows section. https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0868224#:~:text=ServiceNow%20Discovery%20uses%20WMI%20for,the%20remainder%20of%20the%20communication.
Hope this helps.
Regards
RP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-08-2022 01:30 PM
That should give you what you needs. You have most of it already, but the credential and permissions it has are super important.
Also, never, ever install it on a server that is used for anything else. During Discovery it can get very busy, I have seen it eat up 8 CPUs and 16GB RAM in no time flat. Now, that is usually short lived but it will spike over and over again during scans.
Also, I would suggest PowerShell 5.1 or newer and PowerShell Remoting enabled on the servers you will scan. The latest version of PowerShell gives more information that PowerShell 3 did on some of the calls (at least that is what I experienced). Remember, the version of PS matters on both the MID Server host and on each host it scans as it remotes most scripts and allows the local box to run the script for itself.
Aoife
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-08-2022 07:03 PM
You list is pretty accurate. Just one additional point for windows discovery. First wmi communications starts on port 135. After communications runs on higher dynamic port. Here is the range which should also open between mid and your infrastructure if there is any firewall in between.49152 - 65535 range for later wmi communications. Refer this kb windows section. https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0868224#:~:text=ServiceNow%20Discovery%20uses%20WMI%20for,the%20remainder%20of%20the%20communication.
Hope this helps.
Regards
RP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-11-2022 01:54 PM
thanks everyone!
