Broadcast Discovery

Audit Server can use UDP broadcast to automatically discover machines during a scan. The specific configuration of your network and your Windows domains will control how much of the network is actually visible using this method.

If enabled, Audit Server sends discovery broadcasts to the local network segment by default. However, you can add additional IP subnets to your scans. See the Broadcast Addresses section of the Advanced tab page to do this.

If the Add DTII machines discovered by broadcast checkbox is checked, Audit Server will add any new machines running Domain Time Server, Client, Windows Time Agent, or the domtimed daemon found on the network to the list of audited machines.

If the Add NTP Servers discovered by broadcast checkbox is checked, Audit Server will add any NTP servers that respond to the broadcast to the list of audited machines.

Domain Time II Machine List

This method is a reliable method for populating the Audit List, and it has the added advantage of adding machines that are not currently online. However, it cannot discover any Domain Time II components that are not synchronizing with a Domain Time II Server. Those machines must be discovered using Broadcasts or entered manually.

Notes:


• Machine lists can only be retrieved from Domain Time II Servers version 3.1 and later.
  
• The Audit Server service must be set to run using an account that has administrator rights to each Domain Time II Server to be contacted, and has been granted the Log on as a service right. By default, the Audit Server runs in the System context, which does not have rights to remote machines. Use Control Panel-->Services-->Log On to change the Audit Server service to use a domain account.

If the Add machines discovered by Domain Time II Server checkbox is checked, Audit Server will contact each of the servers specified on the Server Machines dialog (click the Servers... button to bring up the dialog). Each machine that synchronized its time with the Domain Time II Server using Domain Time protocols will be auto-added to the Audit List.



Collection of the list of machines that synchronize with Domain Time II Server is enabled by default only on the Domain Time II Server on which Audit Server itself is installed. Other Domain Time II Servers will not keep a record of synchronizing machines until you enable data collection on them by entering them in the Server List. You will see a confirmation dialog when the server is successfully added to the list. Click Yes to turn on data collection.



Process discovery collection in a background thread. When this checkbox is checked, Audit Server will handle the process of collecting audit data from audited machines seperately from the process of importing newly-discovered machines into the Audit List. This will allow an audit run to complete, even if the import of new machines has not yet completed. When this checkbox is unchecked, an audit run will not complete until the discovery import is finished.

The discovery import process can take a long time if the Domain Time II Servers being used for automatic discovery have had a large number of synchronization events, since Audit Server must parse each event to determine whether or not it represents a new machine to be added. If this is the case, enabling background collection can dramatically speed up your audit runs.

The Trigger Now button allows you to manually start the background collection process without having to run an audit.

IP Range Restrictions
You can further control which machines are added to the Audit List by setting the range of IP addresses from which machines will be accepted. This is done either by permitting acceptable IP range(s), and/or by denying un-acceptable IP range(s). This is very useful if any of the Domain Time II Servers you are contacting are providing time to machines on subnets you do not want included in the Audit List.

 Proceed to the Alerts & Logs page

 Back to the Audit List page