In our environment we have a single AD forest and use Config Mgr 2012 R2.

We have the following folder structure:    Domain\Servers\Exchange
                                                                                          \File
                                                                                          \Print

When I run system discovery I discover all computer objects in Exchange and Print but only SOME in File.

Discovery uses a dedicated service account which has read access to the servers container and the permissions are inherited (I even tested it with full access on the File container). If I run a powershell script using the service account querying AD then all objects are discovered.

Any suggestions?
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0

Are there any common factors in the file computer objects that are missed ? Is it the same machines each time or a random subset?

Any commonality in network topology or is a particular switch involved?

Anything in event logs on the affected machines?

Do all servers have static IP addresses?

Do all the servers connect via a single NIC?


Answered 10/05/2014 by: EdT
Red Belt

  • Hi, thanks for getting back to me.

    I went through the object attributes in ADSI and they all appear to be the same. Yes its the same machines each time.

    Unfortunately not, not all connected to the same switch.

    I haven't checked the event logs (I will now) however I did check the ADSYSDIS.log and there is no error, it performs like the location isn't being interrogated (although if I add a new object in it gets discovered so the location must be).

    They have two NICs and both are on static addresses.


    Thanks.
    • I know this Thread is old but did you ever discover what was causing this anomaly Busby? I Just had an almost identical problem occur and check most of the same things you did. Ironically for me it was 5 machines on identical hardware, pushed an identical image via Ghost (don't have our SCCM set up for deployment yet), all correctly appeared in computers CN in AD, and all relocated to the same OU in the same move action in ADUC. What is really weird is 1 was discovered in CM the rest were not :(
Please log in to comment
0
If the same machines are failing each time then it has to be something common to those machines that is to blame. Are they the only machines with two NICs?  As they have static addresses, are these within the correct IP range for discovery?
Is there anything about the version of operating system that is unique to these machines?  Anything different about firewall settings or A/V settings? Anything different about the subnet mask settings?  Are they the same hardware platform?  Any commonality in BIOS versions if the hardware is the same?  Anything different about BIOS settings?
Answered 10/06/2014 by: EdT
Red Belt

  • No, they're not the only two machines with multiple NICs, we have SQL boxes with multiple NICs.

    Config Manager discovery runs through AD structure - not IP range. The only pre-req is read only access to the AD structure. That rules out any platform\environment variables. That's why I started with the object attributes in AD. Unless I have this wrong?
    • OK, I may be applying some incorrect logic here, but to me, discovery means identifying a machine on the network that is new/different to other machines. At the end of the day, any directory system must be able to translate its directory content into unique hardware information, in the same way that DNS maps IP addresses to domain names. What I don't know is what parameters AD uses to uniquely identify a piece of hardware. Equally, if AD cannot find a piece of hardware then it won't be able to add it to the directory - hence my focus on the basics of network connection. Are you able to ping the machines that are failing from the config manager machine?
      What is the maintenance state of your DNS/WINS environment? I have seen all sorts of problems caused by old machinery not being purged from these servers. Unless the underlying technology is sound, you will not get AD to work perfectly.
      • The boxes are in AD and are functioning correctly. What is failing is the CM discovery which scans the AD structure and looks at the ADsPath attribute of the object (Incidently if I do this through a PS script the objects are discovered). I'm at a complete loss as to why these aren't in Config Manager. Thanks for the reply anyway.
Please log in to comment
Answer this question or Comment on this question for clarity