Secret Server can automatically find local accounts on your network and map them to saved Secrets, or it can let you import local accounts from your network directly into Secret Server. It does this by querying your network to find machines and local accounts.
**DISCOVERY is READ-ONLY - nothing is ever changed in your Active Directory**
Here are the steps:
- Secret Server queries the AD domain to get a list of all OUs.
- Secret Server queries the AD domain to get a list of all machines that are joined to that domain.
- Secret Server then checks each computer using WMI to find all local accounts on that machine.
- All of this data is stored at each step in Secret Server's database. This data is then used in the "Discovery Network View" to show the machines on the domain and the accounts on each machine.
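The same three queries can be run by hand to preview what Discovery will see and which machines will not answer over WMI. This is an added example, not Thycotic's code: it assumes the RSAT ActiveDirectory module and an account with remote WMI rights, `Get-DiscoveryPreview` and its parameters are hypothetical names, and the DCOM transport is an assumption about how WMI is reached.

```powershell
# Added example, not Secret Server code. Read-only: only Get-* queries are issued.
Import-Module ActiveDirectory

function Get-DiscoveryPreview {
    param(
        # Hypothetical parameters: scope of the search and per-host timeout.
        [string]$SearchBase = (Get-ADDomain).DistinguishedName,
        [int]$TimeoutSec = 15
    )

    # Step 1: list the OUs in scope.
    $ous = Get-ADOrganizationalUnit -Filter * -SearchBase $SearchBase
    Write-Verbose ("{0} OUs found under {1}" -f @($ous).Count, $SearchBase)

    # Step 2: list the enabled machines joined to the domain.
    $computers = Get-ADComputer -Filter 'Enabled -eq $true' `
        -SearchBase $SearchBase -Properties DNSHostName

    # Step 3: ask each machine for its local accounts over WMI.
    $dcom = New-CimSessionOption -Protocol Dcom   # assumption: classic WMI transport
    foreach ($c in $computers) {
        $target  = if ($c.DNSHostName) { $c.DNSHostName } else { $c.Name }
        $parent  = ($c.DistinguishedName -split ',', 2)[1]   # containing OU or container
        $session = $null
        try {
            $session = New-CimSession -ComputerName $target -SessionOption $dcom `
                -OperationTimeoutSec $TimeoutSec -ErrorAction Stop
            Get-CimInstance -CimSession $session -ClassName Win32_UserAccount `
                -Filter 'LocalAccount = TRUE' -ErrorAction Stop |
                ForEach-Object {
                    [pscustomobject]@{
                        Computer = $target; Parent = $parent; Account = $_.Name
                        SID = $_.SID; Disabled = $_.Disabled; Status = 'OK'
                    }
                }
        } catch {
            # Keep failures in the output so blocked or offline hosts are visible.
            [pscustomobject]@{
                Computer = $target; Parent = $parent; Account = $null
                SID = $null; Disabled = $null; Status = "WMI failed: $($_.Exception.Message)"
            }
        } finally {
            if ($session) { Remove-CimSession -CimSession $session }
        }
    }
}

# Usage: review the result before enabling Discovery for the same scope.
# Get-DiscoveryPreview -Verbose | Export-Csv .\discovery-preview.csv -NoTypeInformation
```

Rows whose Status is not `OK` are the machines to check against the port requirements in the related article below.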
Related article:
http://support.thycotic.com/KB/a163/ports-required-for-discovery.aspx
Article ID: 212, Created On: 12/12/2011, Modified: 12/12/2011