
Active Directory

  1. Do you use multiple AD within your organization?

    Hi SNOW community,

     

    We have an on-prem installation with multiple domains (which have a trust). We did a migration to the latest infrastructure and therefore updated all SNOW components. Within this migration we moved from the integrated AD discovery in SNOW inventory and set up the SNOW Inventory AD discovery. Now we are facing some issues, as only one domain is covered, and we would like to find out whether the issues we are facing are already known from other companies. Do you have multiple domains in place and use an integration to SNOW? How have you set up the connection and which challenges have you identified?

     

    Best regards

     

    André

    • Nathan Green (Flexera Software)

      Hey Andre,

       

      No worries; always happy to help. I have configured multiple domains for many customers in the past (I'm a snr. tech consultant at Snow based in Australia). I often use LDAPS tools to verify that the Snow Inventory server can 'see' the domain & query successfully. (You can test both LDAPS & LDAP.) If the service account you are using can't query it using the utility, it will be network/configuration at the AD layer. Maybe worth trying & validating you can fetch the information using the Microsoft LDP tool (https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc771022(v=ws.11)). It works on newer servers too. If you are able to query computer objects then I assume it may be permissions to the User CN.

       

      You can also see the AD logging in C:\ProgramData\SnowSoftware\Inventory\Server, which may also give you some insights, such as authentication issues to the CN for example. Remember, if the Inventory Server is a member of the domain to be scanned it should be entered such as LDAP://DC=MyDomain,DC=com, but if the Inventory Server is not a member of the domain to be scanned: LDAP://DC001.MyDomain.com.

       

      Hope this helps you out; if not our Snow Support Team in your timezone may be able to jump on a call & help out further.


  2. Are there any restrictions on scanning devices with Active Directory module?

    Hi everyone,

     

    Does anyone know if there are any restrictions on Active Directory scanning? We have machines that are in the domain, but are powered off and are not detected as devices discovered but not inventoried. 

    I wonder if turning off the machine can cause the system not to detect it. Or is there something wrong after all.


    Best Answer

    Hi Joanna,

     

    The Active Directory connector will only bring in computers from AD that have been active (authenticated on the domain) in the last 60 days (default). So if a computer is switched off then there is a good chance it will not be in the AD list.

    Jelle Wijndelts (Flexera Software)


  3. 1 of 2
    • Hi Axel, thanks for the quick answer! Could be an entry for the "ideas board": the possibility to assign the user to a SNOW Org level based on AD OUs. ;-) kr mathias

  4. Why does the AD User Discovery not pull the email addresses to Snow?

    Does anyone have the same problem? I have a working LDAP string in my config but it gets no email address from the AD.


    Best Answer

    You can manually update the email field on the users tab but this is not dynamic.

     

    If your AD discovery feed is working you shouldn’t need to update it.

    Is your inventory server service running as local system or an AD account?

    Normally, if you only have a master server you don’t need to alter LDAP strings; it’ll assume to look in the AD that your server resides in.

    • I look in the Information Tab directly in the properties of the user. If I insert the email manually it works with the linking to the o365 tenant.

       

    • Geoffrey Macquet (Flexera Software)

      Hi, I fear that we are not able to do so out of the box. However, I'm pretty sure that we might get a solution through professional services. Please contact your partner manager to discuss such a custom solution which fits your environment. Best Regards, Geoffrey Macquet, Customer Success Manager EMEA

  5. Active Directory Discovery

    Hi All ,

    We have Active Directory Discovery in our environment and all the Assets are getting discovered from all the OU.

    But we have servers and clusters in the OU named *servers* (cluster being a logical entity only, i.e. just the name of the cluster, e.g. CLUxxyyzz).

    So, we are getting these clusters in the list of devices not getting inventoried (since we cannot install an agent on the cluster name).

    Is there any way to remove or restrict Snow from recognizing cluster names as an asset?

    Or can Snow tag the cluster name to their respective nodes?

    Regards // Shahbaz

    • Hi all,

      Did anyone get it sorted by any chance? I'm quite new and looking at the same issue where cluster names are appearing in the discovered assets not inventoried.

      Thanks.

  6. Exclusion Groups

    Does Snow have the capability to include exclusion clauses or groups? For example, let's say I have a group of devices that I know will be offline for 100 days because they are on a leave of absence. Can I have Snow ignore these devices so that they will not be moved to inactive and the licenses won't be harvested? I am unsure of the SNOW API capabilities but maybe I could write some scripts that will link Snow with our Active Directory.


    • Community Manager (Flexera Software)

      Hi,  Another option is to edit a computer and check the disable automatic quarantine management.  Hope this helps

  7. Active Directory Discovery: Missing computers
    Dear Snow Experts, I'm looking for some basic AD information in Snow. I see there is a table called [SnowInventory].[inv].DiscoveryActiveDirectory, but it does not contain everything we have in our AD. Some computer accounts that have been recently changed are still not in this table (the WhenChanged property is more recent than the AD period configured in the SMACC); as a result, some 400 computers are missing. The AD Discovery seems to be running properly, the table receives updates and the log is clean. Am I looking at the wrong table?

    • Detlev Eufinger (Flexera Software)

      Hi Samuel   The AD dis for computer is intended to determine if you have inventoried all computer objects in the AD. Only a few attributes are read out for this. All computer objects that have been authenticated in the last 60 days are read out. This value can be configured in the SMACC. In the SLM Web, you can see the result through the not inventoried computers report.
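
An added example (not Snow's code, and not from any poster in these threads) for the 60-day activity window described in threads 2 and 7: it shows why a powered-off computer drops out of the discovery list even when its AD object was changed recently. Which AD attribute the connector reads is not stated on this page; using lastLogonTimestamp is an assumption, and the host names and dates are constructed.

```python
from datetime import datetime, timedelta, timezone

# AD stores lastLogonTimestamp as FILETIME: 100 ns ticks since 1601-01-01 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def to_filetime(dt):
    d = dt - FILETIME_EPOCH
    return (d.days * 86400 + d.seconds) * 10_000_000 + d.microseconds * 10

def from_filetime(ticks):
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)

def activity_filter(now, window_days=60):
    """LDAP filter for computers that authenticated inside the window.
    Assumption: lastLogonTimestamp stands in for 'authenticated on the domain'."""
    cutoff = to_filetime(now - timedelta(days=window_days))
    return f"(&(objectCategory=computer)(lastLogonTimestamp>={cutoff}))"

def split_by_activity(computers, now, window_days=60):
    """Return (included names, excluded tuples: name, idle days, changed in window)."""
    cutoff = now - timedelta(days=window_days)
    included, excluded = [], []
    for c in computers:
        last_auth = from_filetime(c["lastLogonTimestamp"])
        if last_auth >= cutoff:
            included.append(c["name"])
        else:
            excluded.append((c["name"], (now - last_auth).days,
                             c["whenChanged"] >= cutoff))
    return included, excluded

# Constructed sample records (not real hosts), evaluated at a fixed "now".
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"name": "WS-001", "lastLogonTimestamp": to_filetime(NOW - timedelta(days=5)),
     "whenChanged": NOW - timedelta(days=5)},
    # Powered off for 120 days, but an admin edited the object 3 days ago.
    {"name": "WS-002", "lastLogonTimestamp": to_filetime(NOW - timedelta(days=120)),
     "whenChanged": NOW - timedelta(days=3)},
    {"name": "WS-003", "lastLogonTimestamp": to_filetime(NOW - timedelta(days=90)),
     "whenChanged": NOW - timedelta(days=90)},
]

if __name__ == "__main__":
    print(activity_filter(NOW))
    included, excluded = split_by_activity(SAMPLE, NOW)
    print("in window:", included)
    for name, idle, changed in excluded:
        print(f"excluded: {name} idle={idle}d changed_in_window={changed}")
```

Excluded records flagged as changed inside the window are the ones a whenChanged comparison would wrongly expect to find in the discovery table.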
