SCCM Config Manager 2012 Step by Step Guide Boundaries and Discovery

SCCM Config Manager 2012   Step by Step Guide Boundaries and Discovery


Deploying SCCM 2012  – Configuring Discovery and Boundaries.

What are Discovery Methods in Configuration Manager 2012 – System Center 2012 Configuration Manager discovery identifies computer and user resources that you can manage by using Configuration Manager. It can also discover the network infrastructure in your environment. Discovery creates a discovery data record (DDR) for each discovered object and stores this information in the Configuration Manager database. When a resource is discovered the information about the resource is put in a file that is referred to as a discovery data record (DDR). DDRs are processed by site servers and entered into the Configuration Manager database where they are then replicated by database-replication with all sites.

Types of Discovery Methods:

Active Directory Forest Discovery – As the name suggests it discovers Active Directory sites and subnets, and then creates Configuration Manager boundaries for each site and subnet from the forests which have been configured for discovery. With this discovery method you are able to automatically create the Active Directory or IP subnet boundaries that are within the discovered Active Directory Forests.

Active Directory Group Discovery – The Active Directory Group Discovery discovers the groups from the defined location in the Active Directory. The Discovery Process discovers local, global, and universal security groups, the membership within these groups. When you configure the Group discovery you have the option to discover the membership of distribution groups. With the Active Directory Group Discovery you can also discover the computers that have logged in to the domain in a given period of time.

Active Directory System Discovery – If you want to discover the computers in your organization from specified locations in Active Directory Domain Services then we use Active Directory System Discovery. In order to push the sccm clients into the computers, the resources must be discovered first. There is an option to discover the computers that have logged on to a domain in given period of time, this way you won’t discover obsolete computer accounts from the Active Directory.

Active Directory User Discovery – This Discovery process discovers the user accounts from your Active Directory domain. You will have to specify the Active Directory container to search for the user accounts. There are some good options to discover the user accounts like the option to discover the user objects based on the attributes, recursively search AD child containers, discover objects within the AD groups.

HeartBeat Discovery – The HeartBeat Discovery runs on every Configuration Manager client and is used by Active Configuration Manager clients to update their discovery records in the database. The records (Discovery Data Records) are sent to the management point in specified duration of time. Heartbeat Discovery can force discovery of a computer as a new resource record, or can repopulate the database record of a computer that was deleted from the database. Note that the  HeartBeat Discovery is enabled by default and is scheduled to run every 7 days.
Network Discovery – The Network Discovery searches your network infrastructure for network devices that have an IP address. It can search the domains, SNMP devices and DHCP servers to find the resources. It also discovers devices that might not be found by other discovery methods. This includes printers, routers, and bridges.

To discover the resources we will now enable the following Discovery Methods:

  1. Active Directory Forest Discovery
  2. Active Directory Group Discovery
  3. Active Directory System Discovery
  4. Active Directory User Discovery

Active Directory Forest Discovery.

Launch the System Center 2012 Configuration Manager Console. On the left pane select the Administration, expand Hierarchy Configuration, Select Discovery Methods. On the right pane double click “Active Directory Forest Discovery”. Check all the boxes to enable the AD Forest Discovery. With this all the Active Directory site boundaries are created automatically along with IP address boundaries. Click on Apply.

SCCM 2012 -Discery and Boundaries:

Configuring Discovery and Boundaries In Part 1 of this series we got our AD and SCCM servers ready, and then we installed System Center 2012 Configuration Manager as a standalone Primary site. In Part 2 we configured the SCCM server further by adding some Windows Server roles necessary for the following Configuration Manager 2012 functionality, Software Update Point (SUP) and Operating System Deployment. Now we will configure the server further by Enabling some Discovery methods and creating Boundary’s and Boundary Groups. Configuring Discovery Methods:


Discover Computers
When you want to discover computers, you can use Active Directory System Discovery or Network Discovery.

As an example, if you want to discover resources that can install the Configuration Manager client before you use client push installation, you might run Active Directory System Discovery. Alternately you could run Network Discovery and use its options to discover the operating system of resources (required to later use client push installation). However, by using Active Directory System Discovery, you not only discover the resource, but discover basic information and can discover extended information about it from Active Directory Domain Services. This information might be useful in building complex queries and collections to use for the assignment of client settings or content deployment. Network Discovery, on the other hand, provides you with information about your network topology that you are not able to acquire with other discovery methods, but Network Discovery does not provide you any information about your Active Directory environment.

It is also possible to use only Heartbeat Discovery to force the discovery of clients that you installed by methods other than client push installation. However, unlike other discovery methods, Heartbeat Discovery cannot discover computers that do not have an active Configuration Manager client, and returns a limited set of information. It is intended to maintain an existing database record and not to be the basis of that record. Information submitted by Heartbeat Discovery might not be sufficient to build complex queries or collections.

If you use Active Directory Group Discovery to discover the membership of a specified group, you can discover limited system or computer information. This does not replace a full discovery of computers but can provide basic information. This basic information is insufficient for client push installation.

Discover Users
When you want to discover information about users, you can use Active Directory User Discovery. Similar to Active Directory System Discovery, this method discovers users from Active Directory and includes basic information in addition to extended Active Directory information. You can use this information to build complex queries and collections similar to those for computers.

Discover Group Information
When you want to discover information about groups and group memberships, use Active Directory Group Discovery. This discovery method creates resource records for security groups.

You can use this method to search a specific Active Directory group to identify the members of that group in addition to any nested groups within that group. You can also use this method to search an Active Directory location for groups, and recursively search each child container of that location in Active Directory Domain Services.

This discovery method can also search the membership of distribution groups. This can identify the group relationships of both users and computers.

When you discover a group, you can also discover limited information about its members. This does not replace Active Directory System or User Discovery and is usually insufficient to build complex queries and collections or serve as the bases of a client push installation.

Discover Infrastructure
There are two methods that you can use to discover network infrastructure, Active Directory Forest Discovery and Network Discovery.

You can use Active Directory Forest Discovery to search an Active Directory forest for information about subnets and Active Directory site configurations. These configurations can then be automatically entered into Configuration Manager as boundary locations.

When you want to discover your network topology, use Network Discovery. While other discovery methods return information related to Active Directory Domain Services and can identify the current network location of a client, they do not provide infrastructure information based on the subnets and router topology of your network.


SCCM Config Manager 2012   Step by Step Guide Boundaries and Discovery “”

Config Manager 2012 Discovery Methods is here


Leave a Reply

Your email address will not be published. Required fields are marked *