Configure Active Directory Discovery Methods

After SCCM has been installed on the Site Server, we need to configure it so that all the devices and users we want to manage are populated automatically into the console. This is done through the AD Discovery Methods in SCCM. To use these features, the Active Directory Schema must have been extended beforehand.

Discovery Method Types

The Discovery Methods can be found by going to the Administration Node and then selecting the Hierarchy Configuration Section.

1. Active Directory Forest Discovery

This option searches the whole AD forest to find the AD sites and subnets that are configured in the forest, and can even convert them into boundaries if we want. We also have the option to configure a schedule for it to run. The schedule may differ from one environment to another, but the default values are generally considered to be ideal.

In my particular test environment, the AD sites and Subnets are configured as follows, and the same is going to be reflected in the SCCM Console.

If you compare both the snapshots, you’ll see that it has only captured and created the AD Site boundaries and not the Subnet boundaries. That’s because I did not check the checkbox for automatically creating the Subnet boundaries.

Logs – SCCM Installation Directory\Logs\ADForestDisc.log

2. Active Directory Group Discovery

Through AD Group Discovery, we can collect information based on AD groups and their membership. An AD group is a collection of AD objects such as user accounts or computer accounts. Having a collection of similar objects helps in the management of those objects.

For example, these are some of the AD groups configured in the test environment.

We can limit our scope to one or more of these groups, and only the resources that are members of those groups are going to be imported into the SCCM Console. Please note that this may discover resources that haven’t been discovered by other discovery methods such as User and System Discovery, which may lead to some unwanted consequences. So it’s best to have a specific, well-defined scope here.

To configure Group Discovery, open its properties first. There you can either add an AD group or browse a container, using the Groups and Location options respectively. If you use Location, you’ll get the option to search recursively within that container, which you won’t get if you’re using the Groups option directly.

Logs – SCCM Installation Directory\Logs\adsgdis.log

3. Active Directory System Discovery

We use AD System Discovery to populate all the machines present in our environment into the SCCM Console.

We can manually select the location from where we need the machine details to be extracted. For example, if we’re only looking to manage Workstations and not Servers, then we can directly point to the Workstation Container in AD and it will extract the details of only those machines.

Apart from that, we can set the polling schedule along with the Delta Discovery interval. Delta Discovery just checks for any changes since the last discovery and applies them in the Console.

Finally, under the Options tab of the ADSD window, we get a few interesting options that allow us to perform a kind of automatic cleanup of stale AD records. These options are self-explanatory.

Logs – SCCM Installation Directory\Logs\adsysdis.log
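
The same System Discovery settings can be applied from PowerShell with the ConfigurationManager module. This is an added example, not part of the original post; the site code, provider host name, OU path and day thresholds are assumed placeholder values.

```powershell
# Added example: scope AD System Discovery to one OU, enable Delta Discovery,
# and filter out stale computer accounts. All values below are assumptions.
$SiteCode      = 'P01'                                                # hypothetical site code
$ProviderHost  = 'cm01.corp.example.com'                              # hypothetical SMS Provider
$WorkstationOU = 'LDAP://OU=Workstations,DC=corp,DC=example,DC=com'   # hypothetical OU

# Load the module that ships with the admin console and connect to the site drive
Import-Module "$($env:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1"
if (-not (Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue)) {
    New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderHost | Out-Null
}

Push-Location "$($SiteCode):"
try {
    # Full discovery every 7 days; Delta Discovery picks up changes in between
    $fullPoll = New-CMSchedule -RecurInterval Days -RecurCount 7 -Start (Get-Date)

    $settings = @{
        ActiveDirectorySystemDiscovery  = $true
        SiteCode                        = $SiteCode
        Enabled                         = $true
        # Search only the workstation OU, so servers are not imported
        ActiveDirectoryContainer        = $WorkstationOU
        PollingSchedule                 = $fullPoll
        EnableDeltaDiscovery            = $true
        DeltaDiscoveryMins              = 5
        # Options tab: skip machines that have not logged on recently ...
        EnableFilteringExpiredLogon     = $true
        TimeSinceLastLogonDays          = 90
        # ... or have not changed their computer account password recently
        EnableFilteringExpiredPassword  = $true
        TimeSinceLastPasswordUpdateDays = 90
    }
    Set-CMDiscoveryMethod @settings

    # Read the component back to confirm the change was stored for this site
    Get-CMDiscoveryMethod -Name ActiveDirectorySystemDiscovery -SiteCode $SiteCode
}
finally {
    Pop-Location
}
```

After the next polling cycle, adsysdis.log on the Site Server shows which containers were searched, which is a quick way to confirm the scope is what you intended.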

4. Active Directory User Discovery

Just like System Discovery, AD User Discovery allows us to populate the list of users present in our environment into the SCCM Console. We can select the OU from where we need to get our user data. It too allows us to use the concept of Delta Discovery.

Logs – SCCM Installation Directory\Logs\adusrdis.log

5. Heartbeat Discovery

This is the only AD Discovery method that is enabled by default and should not be disabled. It’s also the only Discovery Method that runs on the client instead of the Site Server. Heartbeat Discovery acts as a record of the health status of the Configuration Manager Client running on the user’s machine. Heartbeat Discovery runs as per the schedule defined in the settings, which is one week by default.

Logs (Client) – C:\Windows\CCM\Logs\InventoryAgent.log

6. Network Discovery

Network Discovery will require its own specific blog post. For now, let’s just say that Network Discovery, like other discovery methods, has the task of gathering data about the network and importing any device with an IP address into the console. It’s generally not used in a production environment, as the other discovery methods do a great job of gathering the resource data which we most regularly need to manage.

By Sam

Hi, I am Samarth Joshi. Gaming got me into computers and programming, which ultimately led me to IT. Now just trying to share what I learn.