Management and Security
The Ivanti Unmanaged device discovery (UDD) tool is accessed from the main Ivanti console (Tools > Configuration > Unmanaged Device Discovery). This tool provides a way for you to find devices on your network that haven't submitted an inventory scan to the Ivanti core database. UDD has multiple ways of finding unmanaged devices. This tool also provides Extended device discovery (XDD), which relies on a device agent that listens for network ARP and WAP broadcasts. The extended device discovery agent on a device then checks discovered devices for the Ivanti agent. If the Ivanti agent doesn't respond, extended device discovery displays the device in the Computers list. Extended device discovery is ideal in situations involving firewalls that prevent devices from responding to the normal ping-based UDD discovery methods.
This chapter contains the following online help topics that describe the Unmanaged device discovery tool's dialog boxes. From the console interface, these help topics are accessed by clicking the Help button on their respective dialogs boxes.
Use this dialog box to customize and launch unmanaged device scans. To access this dialog box, at the Unmanaged device discovery tool windows, click the Scan network toolbar button.
- Saved configurations: Shows the saved scanner configurations. Save a configuration by changing the settings you want, then clicking New, name the configuration, and with your new configuration selected, click Save.
- More >>: Expands the dialog box to show discovery options.
- Network scan: Discovers devices using an ICMP ping sweep. This is the most thorough and recommended discovery method.
- IP OS fingerprinting: An additional level of discovery that uses packet responses to try and determine the installed OS on a discovered device.
- Use SNMP: An additional level of discovery that uses SNMP for device detection.
- Discover devices with LANDESK PDS2 installed: Discovers devices using the older Ivanti PDS2 agent.
- Discover devices using NT domain: Discovers devices in a Windows NT domain. This option uses the NT domain account information and doesn't require an IP address range, though you can specify one. Select this option and click Configure to show the NT domain configuration dialog box where you can customize the NT domain discovery settings.
- Filter by IP range (for both NT domain and LDAP): Filters NT domain and LDAP discovery by the IP ranges specified in Starting IP and Ending IP.
- Discover devices using LDAP: Discovers devices in an LDAP directory. Select this option and click Configure to show the LDAP configuration dialog box where you can customize the LDAP discovery settings.
- Discover IPMI-enabled devices: Looks for servers enabled with Intelligent Platform Management Interface, which allows you to access many features regardless of whether the server is turned on or not, or what state the OS may be in.
- Discover virtual hosts: Looks for servers running the VMware ESX Server.
- Starting IP: Enter the starting IP address for the range of addresses you want to scan.
- Ending IP: Enter the ending IP address for the range of addresses you want to scan. UDD automatically updates this field as you type the Starting IP, but you can change the ending IP address manually. Ending IP is calculated using the value of Subnet mask + what is typed in Starting IP.
- Subnet mask: Enter the subnet mask for the IP address range you're scanning.
- Add and Remove: Adds or removes your IP address ranges from the work queue at the bottom of the dialog box.
- Schedule task: Schedules the scan based on your settings. You can customize the start time in the Scheduled tasks window. Scheduled scans originate from the core server.
- Scan now: Starts the scan immediately based on your settings. Scans started here originate from the console you're at. Once you start the scan, a Scan status dialog box appears showing the total number of devices found, how many existing devices were updated, and how many new unmanaged devices were added.
Use this dialog box to configure how you connect to the domain you want to scan.
- Domain: Enter the domain you want to scan.
- Log in as current user: Select this if you're logged in as a user with access to the domain you're scanning.
- Log in as: Select this if you aren't logged in as a user with access to the domain you're scanning. Also enter a User name and a Password.
- Use domain info: Uses information from the domain about the detected device OS.
- Add and Remove: Add each domain you configure and want to scan to the work queue by clicking Add. Click Remove to delete the selected domain from the work queue.
Use this dialog box to configure how you connect to the LDAP directory you want to scan.
- LDAP://: Enter the LDAP directory you want to scan.
- Log in as current user: Select this if you're logged in as a user with access to the directory you're scanning.
- Log in as: Select this if you aren't logged on as a user with access to the directory you're scanning. Also enter a User name and a Password.
- Select individual OUs: Select the OUs that you want to scan. Click Add to add them to the work queue. Click Remove to delete the selected OU from the queue.
- Active directory path: Shows the active directory path, if applicable.
Network scan discoveries can use SNMP. Depending on your network's SNMP configuration, you may need to enter additional SNMP information in UDD. Click Configure next to the SNMP option to show the SNMP configuration dialog box, which has these options:
- Retries: How many times UDD retries the SNMP connection.
- Wait for response in seconds: How long UDD should wait for an SNMP response.
- Port: What port UDD should send SNMP queries to.
- Community name: The SNMP community name UDD should use.
- Configure SNMP V3: UDD also supports SNMP V3. Click this button to configure SNMP V3 options in the SNMP V3 configuration dialog box.
The SNMP V3 configuration dialog box has these options:
- User name: The username UDD should use to authenticate with the remote SNMP service.
- Password: The password for the remote SNMP service.
- Authentication type: The authentication type SNMP is using. Can be MD5, SHA, or None.
- Privacy Type: The encryption method the SNMP service is using. Can be DES, AES128, or None.
- Privacy Password: The password to use with the specified privacy type. Not available if you selected a privacy type of None.
Use this dialog box (Configure ARP discovery history toolbar button) to configure how the core server maintains the ARP discovery history. This history data is used for generating extended device discovery reports. The options in this dialog box don't affect the discovered devices you see in the main unmanaged device discovery window. This history only applies to devices that were discovered through ARP discovery and that don't have Ivanti agents on them.
- Maintain history for this period of days: Clicking this option allows you to specify how many days of ARP discovery history data you want to save in the database. ARP discovery history data older than the number of days you specify will be deleted from the database during maintenance.
- Clear entries manually: This is the default. The ARP discovery history won't be deleted during maintenance.
- Clear all entries now: Click this button to immediately delete the ARP discovery history from the database.
Was this article useful?
The topic was:
Not what I expected
Copyright © 2019, Ivanti. All rights reserved.