Adding endpoints using active directory scan
In some organizations the network ports are blocked for security reasons. In such cases discovering assets through network scanning may not be possible. Assets can also be discovered through Active Directory scanning.
To add a new AD scan job, go to Manage → Asset Discovery → + Add Asset Discovery. Fill in the following details:
Attributes | Description |
|---|---|
Job Title | Enter a unique title for your scan job |
Discovery Type | Select the discovery type as Active Directory from the drop-down |
Directory Server | Select the directory from the drop-down menu |
Server Group(s) | Provides the list of groups on Active Directory when you click on Browse |
Discovery Job Status | Slider to activate the job |
Job Scheduler | |
Schedule Type | Select a schedule type whether you would like to initiate this job once or recurring job. If you select a recurring job, you can choose days this job must be executed on. For e.g. You want to schedule job every 2nd day at 5.00 p.m. from 1st Jan 2018 to scan your network, include the following details: Recur every: 2 days |
Task Start | Select the date when the task begins |
Schedule Time | You can either choose the "Any" or schedule a proper time from when to start the task and when to end the task |
Asset Onboarding | |
Onboard Assets | To start a scan manually with an option to add assets to specify profiles, click the Onboard asset as 'No'. If you wish to include assets automatically to existing group and attributes, select option 'Yes' |
Asset Overview | |
Description (optional) | The added text will be included in every asset description field |
Password Management Policy | |
Checkout policy | The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available. |
Rotation policy | The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available |
Reconciliation policy | The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available. |
Exclude from Account Discovery | When ticked, the accounts of this asset will be excluded from the Discovery job. |
Access Entitlement and Reporting | |
Owner (optional) | If you have listed owner information of all the assets, please include here |
Location (optional) | The added location field will be included in every asset location |
Criticality Level (optional) | An added critical field will be included in every asset. This is important while structuring reports and notifications |
Tags (optional) | You can associate an asset with your desired single or multiple tags like Infosec, Banking Core Server, ATM Switches, etc. Refer to section Tags for more information about adding context with tags. |
Make sure you tick the Active checkbox and click the Save button to save the discovery job or Save + Run Now button to run the discovery.