SCCM 2012R2: Active Directory System Discovery vs Network Discovery questions.

Hi,

Our SCCM install was setup by someone who is no longer here and we found a slight problem we're trying to correct.  We have our Discovery methods setup to use AD System, AD User, and Heartbeat.  However, in the AD System area we found that not all of our domains were entered so it's missing a bunch of our machines.

Our Boundaries are setup to find the proper IPs but if the domain isn't listed in the AD System Discovery list, I assume that means it will just skip anything that doesn't match.

I went in and added in the rest of our domains and told it to Run Full Discovery Now but I'm looking to find out how I can monitor what it's doing to know if it's finding the missing machines or not.

On a side note, I'm also wondering if there's a reason to not just use the Network Discovery option since it seems like that just hits up every IP and would find them regardless of what domain they are on.

Any insight or suggestions to this would be great.

Thanks!

July 20th, 2015 12:25pm

You can monitor adsysdis.log to see how system discovery is progressing.  For Network Discovery, I never enable it.  For discovering computers, AD System Discovery, properly scoped is what you want.  Network discovery would discover all kinds of network devices/endpoints that likely just become noise in the console.

Jeff

Free Windows Admin Tool Kit Click here and download it now
July 20th, 2015 12:31pm

Network discovery is only really useful for workgroup computers. Almost no one use it as it doesn't really work that well.
July 20th, 2015 12:31pm

The boundaries are not use for discovery they are used for content location and also now management point.

The network discovery method as is own Subnet and IP scope it doesn't take it from the configure boundaries.

For the log go to your SCCM install folder under log find these.

AD_SYSTEM - adsysdis.log
AD_SECURITY_GROUP - adsgdis.log
AD_SYSTEM_GROUP - adsysgrp.log
AD_USER - adusrdis.log
NETWORK - netdisc.log


Here some info about boundaries taken from tehcnet: 

In System Center 2012 Configuration Manager, a boundary is a network location on the intranet that can contain one or more devices that you want to manage. Boundaries can be an IP subnet, Active Directory site name, IPv6 Prefix, or an IP address range, and the hierarchy can include any combination of these boundary types. To use a boundary, you must add the boundary to one or more boundary groups. Boundary groups are collections of boundaries. By using boundary groups, clients on the intranet can find an assigned site and locate content when they have to install software, such as applications, software updates, and operating system images

Free Windows Admin Tool Kit Click here and download it now
July 20th, 2015 12:33pm

So I just found out that not all of our domains are trusted back to our main domain.  I also found lots of errors in the ADSysDis log file due to that.

Failed to enumerate directory object in AD container....
Failed to bind to LDAP...

Is it possible to have the SCCM server at our main domain somehow add in the machines from those other domains and be able to manage them, patch them, etc?

Thanks.

July 20th, 2015 12:46pm

Concur with all the other comments.

One additional thing to note in trply to this statement though: "On a side note, I'm also wondering if there's a reason to not just use the Network Discovery option since it seems like that just hits up every IP and would find them regardless of what domain they are on."

Network Discovery is not a ping sweep so this is incorrect -- if your network team even allowed ping sweeps I'd surprised. Network Discovery queries a Microsoft DHCP server or queries your network devices using SNMP to find endpoints on the network. This can work, but as mentioned by the others, doesn't usually work that well and when it does it also finds all kinds of things that can't be managed by ConfigMgr anyway.

Free Windows Admin Tool Kit Click here and download it now
July 20th, 2015 12:48pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics