Discovery Steps

Been doing a lot of client discovery recently for Managed Services client on-boarding, and documentation of existing clients. This is a somewhat time consuming process as its balance between trusting what’s provided by the client (often from the out-going System admin or company) and finding out for yourself. I tend to use the provided documents to confirm what I have found, with a ton of help from teammates and coworkers.

I don’t pretend to be a Network layer expert I understand the process and can find my way around a bit but I really rely on a top notch Networking coworker. His task really is to look around and find everything from the firewall to the routing and switching. I need from him; the ranges that my tools should scan and the SNMP to be configured to let me discover and eventually monitor.

After I get that email or better yet spreadsheet, onto the infrastructure work and then to the preferred tools…

Well not quite… first its DNS. DNS must be clean and up to date. Best way to do this is Scavenge DNS.

Checking all DNS servers in a Domain and setting up the scavenging attempt frequency, and record aging.

Get a list of DCs in the Domain by…

nltest /dclist:domain.local replacing domain.local with the actual domain.

Under the Advanced Properties of the DNS Servers check the “Enable automatic scavenging of stale records” checkbox and Set the scavenging period. Default is 7 days I think, which is fine in most cases as long as its at least as long as the DHCP lease interval.

Next “Set Aging/Scavenging for All Zones…” check the Scavenge stale resource records, and I like to chose 3 days for No-Refresh intervals and 4 days for Refresh intervals. In the box that appears check the “Apply these settings to the existing Active Directory-integrated zones.



WMI! Without it almost every discovery and management tool is useless.


Microsoft Assessment and Planning toolkit (MAP Toolkit)

ADTD and Visio