Configuring for discovery of Windows systems

For discovery of Windows computer systems, TADDM supports both gateway-based discovery and SSH-based discovery, as well as asynchronous and script-based discovery.

For details about asynchronous discovery, see Configuring for asynchronous discovery. For details about script-based discovery, see Configuring for script-based discovery.

Gateway-based discovery requires a dedicated Windows computer system, which is accessible through SSH, to serve as the gateway. All discovery requests go through the gateway. The gateway uses Windows Management Instrumentation (WMI) to discover the target Windows computer systems.

Fix Pack 2 If you use TADDM 7.3.0.2, or later, instead of WMI, you can also use PowerShell session to discover the target Windows computer systems. You can configure TADDM to allow communication via the PowerShell session only. For details, see Configuring for discovery through a firewall without an anchor.

SSH-based discovery does not require a dedicated gateway computer system. Instead, discovery uses a direct SSH connection to the target Windows computer system.

Typically, gateway-based discovery is preferred over SSH-based discovery because configuring the gateway and WMI, or PowerShell, are easier than configuring SSH. WMI is available by default on all Windows target systems that are supported by TADDM. PowerShell is supported only for targets that run Windows Server 2008, and later. You must have PowerShell version 2, or later, installed on the gateway and the target systems. Other than the gateway computer, which requires an SSH server, no special software requirements exist for the Windows targets. However, discovery using SSH can be faster because a gateway is not involved in the discovery flow, and no WMI Provider is deployed.

Doing a direct discovery requires an SSH server on each Windows target system. In addition, for direct discovery using SSH, you must install the Microsoft .NET Framework version 2, or 3 on each Windows target system. .NET Framework is not installed by default on Windows Server 2000.
Fix Pack 2Note: If you use TADDM 7.3.0.2, or later, you can also install .NET Framework versions 4, or 4.5.

For both types of discovery, the TADDM Windows discovery program, TaddmTool.exe file, is used to perform the discovery. For discovery using a gateway, the TaddmTool program is deployed to the gateway during discovery initialization. For discovery using SSH, the TaddmTool program is deployed to each Windows target computer system. The TaddmTool program is a .NET application.

By default, TADDM is configured to use only gateway-based discovery. This configuration is controlled by the following two TADDM server properties, which are described in the TADDM Sensor Reference for the Windows computer system sensor:
  • com.collation.AllowPrivateGateways=true
  • com.collation.PreferWindowsSshOverGateway=false

By default, TADDM is configured to use the WMI session. To learn when to use the PowerShell session and how to enable it, see PowerShell session.

Whether you use a Windows gateway with WMI or directly connect with SSH, the information that is retrieved is identical. The following list identifies the prerequisites for gateway-based and SSH-based discovery:
Prerequisites for gateway-based discovery with WMI
  1. A dedicated Windows Server computer system is required to serve as the gateway. Operating system requirements for gateway servers are the same as Windows operating system requirements for TADDM servers. For details about supported Windows operating systems, see TADDM server software requirements.
  2. The gateway must be in the same firewall zone as the Windows computers to be discovered.
  3. You must install a supported version of an SSH server on the gateway computer system.
  4. The gateway uses remote WMI to discover each Windows target. In addition, a WMI Provider is automatically deployed to each Windows target computer system during the discovery initialization. The WMI Provider is used to discover data not included in the core WMI. Enable WMI on the Windows target computer system to be discovered. By default, on most Windows 2000 and later systems, WMI is enabled.
Fix Pack 2 Prerequisites for gateway-based discovery with PowerShell
  1. A dedicated Windows Server computer system is required to serve as the gateway. Operating system requirements for gateway servers are the same as Windows operating system requirements for TADDM servers. For details about supported Windows operating systems, see TADDM server software requirements.
  2. You must install PowerShell version 2, or later, on the gateway and the target systems. Only targets that run Windows Server 2008, or later, are supported.
  3. You must configure the gateway by running the following command:
    Set-Item WSMan:\localhost\Client\TrustedHosts * -Force
    This command sets the trustedHosts list. By default, the list exists but it is empty, so it must be set before the remote session is opened. With the -Force parameter, PowerShell executes the command without prompting you for each step.
  4. You must configure the target systems by running the following command:
    Enable-PSRemoting -Force
    This command starts the WinRM service, sets it to start automatically with your system, and creates a firewall rule to allow the incoming connections. With the -Force parameter, PowerShell executes these actions without prompting you for each step.
Prerequisites for SSH-based discovery
  1. You must install a supported version of an SSH server on each Windows target system.
  2. You must install the Microsoft .NET Framework version 2, or 3 on each Windows Server target system.
    Fix Pack 2Note: If you use TADDM 7.3.0.2, or later, you can also install .NET Framework versions 4, or 4.5.