This document provides information about the Domain discovery screen, which allows the configuration of domain-based devices and credentials.
Path to access
- On Segura®, in the navigation bar, hover over the Products menu, and select Discovery.
- In the side menu, select Management > Discovery.
- On the Discovery report screen, click the Add button.
- On the Choose the type of your discovery screen, click the Domain button.
Settings tab
This tab provides information about general configuration options.
| Item |
Type |
Required |
Description |
| Name* |
Text field |
Yes |
Defines the name that will identify this configuration. |
| Domain* |
Dropdown menu |
Yes |
Select the IP address or domain to be used. |
| DN Base* |
Text field |
Yes |
Defines the distinguished name that serves as the base for the search in the directory. |
| Enable* |
Radio button |
Yes |
Enables or disables the execution. |
Connection tab
This tab provides information about connection settings.
Access using credential from vault section
| Item |
Type |
Required |
Description |
| Access credential |
Dropdown menu |
No |
Select the credential for the process. |
| Network Connector |
Dropdown menu |
No |
Select the network connector to be used. |
| Configuration password (ex: enable) |
Text field |
No |
Defines the password used before performing authentication. |
| Force sudo use |
Toggle button |
No |
Enables or disables the use of sudo for elevated permissions. |
Access using pool of credentials section
| Item |
Type |
Required |
Description |
| Pool of credentials |
Text field |
No |
Search for the credentials in the list of included credentials. |
| Add/Remove selected |
Button |
No |
Add or remove the selected credentials. |
| Pool of credentials table |
Table |
No |
Displays the credential pools. The fields are: ID, Name, and Priority. |
Searches tab
This tab provides information about configuring which entities should be included in the process.
| Item |
Type |
Required |
Description |
| Search for credentials |
Checkbox |
No |
Defines credentials in the process. |
| Search for devices groups |
Checkbox |
No |
Defines device groups in the process. |
| Search for certificates |
Checkbox |
No |
Defines certificates in the process. |
| Find DevOps artifacts |
Checkbox |
No |
Defines DevOps artifacts in the process. |
| Monitor unauthorized access (1 hour intervals) |
Checkbox |
No |
Defines whether unauthorized access to credentials is monitored at 1-hour intervals. |
| Identify accounts in application pools (IIS) |
Checkbox |
No |
Defines credentials in IIS application pools. |
| Search FQDN in Windows devices |
Checkbox |
No |
Defines the Fully Qualified Domain Name (FQDN) of Windows devices. |
Search parameters tab
This tab provides information about the search parameters configuration.
| Item |
Type |
Required |
Description |
| Account form |
Dropdown menu |
No |
Select the account form used during the process. |
| DN of the credential filter (leave blank to use DN Base) |
Text field |
No |
Defines the distinguished name for credential filtering. |
| DN of the device filter (leave blank to use DN Base) |
Text field |
No |
Defines the distinguished name (DN) for device filtering. |
| Account name attribute* |
Text field |
Yes |
Defines the attribute used to identify the account name. |
| Hostname attribute |
Text field |
No |
Defines the attribute used to identify the hostname. |
| Account domain* |
Text field |
Yes |
Defines the domain name linked to the account. |
| Account domain (Short name) |
Text field |
No |
Defines the short version of the domain name linked to the account. |
| Use SSL? |
Toggle button |
No |
Enables or disables the use of SSL during the process. |
| Bind requires DN? |
Toggle button |
No |
Enables or disables the requirement of a distinguished name for binding. |
| Member is DN? |
Toggle button |
No |
Enables or disables the use of a distinguished name as the member reference. |
| DN Bind (leave blank to use DN Base) |
Text field |
No |
Defines the distinguished name used for bind authentication. |
Filters for search tab
This tab provides information about configuring filters to refine the process.
Credential search filters section
| Item |
Type |
Required |
Description |
| Add/Remove selected |
Button |
No |
Adds rows to the table. |
| Credential search filters table |
Table |
No |
Allows manual entry of the credential search filters. The field is Credential filter. |
Device search filters section
| Item |
Type |
Required |
Description |
| Add/Remove selected |
Button |
No |
Adds rows to the table. |
| Device search filters table |
Table |
No |
Allows manual entry of the device search filters. The field is Filter for device. |
Plugins for discovery section
| Item |
Type |
Required |
Description |
| Add/Remove selected |
Button |
No |
Adds rows to the table. |
| Plugins for discovery table |
Table |
No |
Allows manual entry of the plugins and ports to be used. The fields are Plugin and Port (separated by commas). |
Windows assets tab
This tab provides information about identifying assets related to Windows environments.
| Item |
Type |
Required |
Description |
| Managed service accounts |
Checkbox |
No |
Defines whether managed service accounts are included. |
| Accounts linked to Windows service accounts |
Checkbox |
No |
Defines whether accounts linked to Windows service accounts are included. |
| Scheduled tasks |
Checkbox |
No |
Defines whether scheduled tasks are included. |
| IIS application pools |
Checkbox |
No |
Defines whether IIS application pools are included. |
| SCOM Run As account |
Checkbox |
No |
Defines whether SCOM Run As accounts are included. |
| COM+ applications |
Checkbox |
No |
Defines whether COM+ applications are included. |
Active Directory tab
This tab provides information about configuring the search for Active Directory entities during the process.
| Item |
Type |
Required |
Description |
| Search user accounts |
Checkbox |
No |
Defines whether user accounts are included. |
| Search managed service accounts |
Checkbox |
No |
Defines whether managed service accounts are included. |
| Search credentials used as service account |
Checkbox |
No |
Defines whether credentials assigned as service accounts are included. |
| Search security groups |
Checkbox |
No |
Defines whether security groups are included. |
| Search domain controllers |
Checkbox |
No |
Defines whether domain controllers are included. |
| Search computers (devices) |
Checkbox |
No |
Defines whether devices are included. |
Execution tab
This tab provides information about scheduling the certificate execution.
| Item |
Type |
Required |
Description |
| Credential scan execution* |
Toggle button |
Yes |
Defines whether the scan should remain active after importing the certificates. |
| Days allowed for executions |
Toggle button |
No |
Define specific days for automation to run. The options are All days, Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, and Saturday. |
| Period allowed for execution |
Toggle button |
No |
Define specific periods for automation to run. The options are All periods, 08:00 AM - 12:00 PM, 12:00 PM - 4:00 PM, 4:00 PM - 8:00 PM, 8:00 PM - 12:00 AM, 12:00 AM - 04:00 AM, 04:00 AM - 08:00 AM. |
| Minimum interval between runs* |
Quantity input |
Yes |
Defines the minimum number of hours between each automation execution. It is recommended to set at least 8 hours between runs. |
Import tab
This tab provides information about configuring the import of devices and credentials.
Import section
| Item |
Type |
Required |
Description |
| Create unique glossary for this discovery |
Toggle button |
No |
Defines whether a unique glossary is created for the imported items. |
Device configuration section
| Item |
Type |
Required |
Description |
| Site |
Dropdown menu |
No |
Select the site associated with the imported devices. |
| Vendor |
Dropdown menu |
No |
Select the vendor associated with the imported devices. |
| Type |
Dropdown menu |
No |
Select the device type. |
| Product |
Dropdown menu |
No |
Select the product associated with the devices. |
| Tags |
Text field |
No |
Defines tags to categorize the imported devices. |
Credential configuration section
| Item |
Type |
Required |
Description |
| Type of privileged credential |
Dropdown menu |
No |
Select the type of privileged credential to associate. |
| Type of default credential |
Dropdown menu |
No |
Select the type of default credential to associate. |
Device import section
| Item |
Type |
Required |
Description |
| Enable automatic importation of devices and credentials? |
Toggle button |
Yes |
Enables or disables the automatic import of devices and credentials. |
Credential import section
| Item |
Type |
Required |
Description |
| Add/Remove selected |
Button |
No |
Adds rows to the table. |
| Username table |
Table |
No |
Allows manual entry of usernames. The field is Username. |
Review tab
Use the Review tab to check all the information entered in the previous tabs.