how can i perform a discovery on a target not joined to the domain?

Looking to increase our utilization of the product, but, i'm unable to figure out how to perform a discovery on a non domain joined machine. 

  • 1) Import the machine explicitly by FQDN  (you can "pretend" that it's part of a domain for this purpose)
    2) Setup an account that has the same username and password as a local admin account on that host

  • You can also add a machine using IP address block or subnet. When you select a scope you will see near the bottom of that page an option called Add to scope: which has a drop down box. Select the box then picked Add Subnet then click on the Add button. Add the subnet info and then click OK. Again you must make sure that the credentials are correct to access the machines. There is a option where you can add the credentials that are needed.

  • well, i'm required to perform some network impact tests prior to being allowed to fire of large-scale NTFS discoveries in the environment.  One of my test targets is a NAS device, and i'm not authorized to discover the entire contents.  Is there any way i can perform a NTFS discovery against a single folder discover on a device?

  • You can perform a NTFS discovery against a single folder on a NAS device the same as a Windows server. Your service account requires the same permissions as an Windows server. This would be read access via the share and read access to the folder same as a Windows server. You can see if you have this access when you select the server as you can browse to any shares and then to a folder on that share. When you select that folder, ER will only scan the folder you choose.

  • Here is an example from a NTFS discovery using ER 3.2.1 H1 to a specific folder on a NetApp server (thru a share) and specific file types. As you can see the discovery can be as be quite granular. Remember the purpose is to give specific information on a share or folder in a share. Note that you can gather too much information if a discovery gathers a large amount of data across a large number of servers. This will take a long time to complete and contain a lot of data that you may not find useful. For example, collecting all of the files in the Windows folder (operating system files) on a large number of servers really serves no purpose. Gathering data on shares is much more useful as to who (groups and users) have access and what permission they have on those share, folders and files.


  • Thanks, i'll give this a go for testing over the weekend.

  • i'm confused now, how did you get that full path into the discovery, i've tried to import with fqdn, and it gives me errors about illegal chars.

    can you share how you handle the scope in this fashion?

    it seems i can choose shares from windows servers that are domain joined.  But in my case, the isilon is not domain joined.

  • If your service account does not have permission to access the shares on a non-domain server then you will no the able to access the server. Try this test. On the machine that has ER which you are working from, open windows explorer and try to connect to the Isilon shares. (\\Isilon\share01). If you have access then you should be able to connect via the shares. You may want to also put the Isilon FQDN into the host file as it may also be a resolution issue and ER cannot see the server. ER primarily relies on the windows environment. Last but not least have you been working with Quest Support on your issues? Quest Support is the primary contact for working with the product and solving issues.

  • definately can access the location.

    as the isilon is not domain joined i can't use the scope wizard, import will accept the fqdn of the isilon intself as a computer discovery, but if i add the \sharename to the fqdn of the computer i recieve illegal character warnings.

    the server can see the location itself.

    i haven't contacted support as of yet, seemed like this should be a really really simple thing to achieve, i have a fqdn path, reporter just doesn't seem to allow it in any fashion.  so extremely frustrating.  I'll open a support case.