Question: I try to launch Enhanced System Discovery but nothing runs and none of the registry configuration is created.

Answer: Check a couple of things. 1.) Disable UAC if you are running on Vista, Windows 7 or Server 2008. 2.) Make sure you are running as an administrator. 3.) Make sure the smsrsgenctl.dll has successfully registered. To register it manually just run regsvr32.exe "c:\program files\enhanced system discovery\smsrsgenctl.dll"

Question: Playing with the Enhanced System Discovery tool. Awesome stuff in there and learning more about accessing LDAP. I'm having a problem though.
It looks like DDR's are being created but the following errors are showing up in the status page of Discovery Data Manager: The data file "C:\SMS\inboxes\ddm.box\ESD3610.DDR" that was submitted by the client whose SMS unique ID is "GUID:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", was rejected because the file was not signed and an authentication key was required.
It looks like there's a different GUID for each of the many entries and the field for the 'DaysSinceADActivity' in the properties window is blank in all the machines.
Could someone point me in the direction to resolving this?

Answer: Yeah... if you enable some additional security in your site it can break the DDR path in ESD.
Just change it to c:\sms\inboxes\auth\ddm.box and it works around that problem.

Question: Our trial copy has expired. What should we do?

Answer: I periodically update the expiration date, but you have a couple options. 1.) You may download a VHD containing ConfigMgrR2 on Server 2003 from http://www.microsoft.com/downloads/details.aspx?familyid=e0fadab7-0620-481d-a8b6-070001727c56&displaylang=en&tm. You may install Enhanced System Discovery 2007 and use this +#+9;78;29;5 as the license key in the registry. This license key makes ESD fully functional for the Microsoft provided VHD. 2.) If you have a lab domain you would like to test against, simply send me the netbiosdomain name and I will provide you with one license key for you to test against your lab domain.

Question: I receive an error "Table does not exist" in the Enhanced System Discovery log. What does this mean?

Answer: The "Table does not exist" ldap error simply means that the DC you are querying for computer objects does not contain computer objects for that domain. To correct this you must specify the server name of a DC that is for the domain. Here's an example:


Question: What are the ForcedADSiteName and SubnetMasks registry settings used for?

Answer: Forced AD Site Name should really only be used if you have a single AD site and haven’t populated IP subnets. Since ESD uses IP subnets to determine the correct AD Site to discover for the client in environments where this are not defined no site name would be discovered unless you used the Forced AD Site Name.

Subnet Masks – These should only be modified if you are using ‘SLP’ as the Subnet Resolution Method. For the most customers AD should be used as the Subnet Resolution Method, and AD is the same way the native AD System Discovery works. However some customers have super netted their AD Subnet information so it does not match what the actual client’s subnet information is. Sometimes AD administrators do this when they have a large location or campus with loads of subnets and they just want all the subnets to talk to AD Site, so they encompass them all in one class b for example. The end result is that with AD System Discovery or ESD using AD resolution the subnet discovered is the class b instead of the correct class c that the client is actually using. The best way to resolve this is to correct it in AD, but as a work-a-round you could use the SLP resolution method and define your client masks in the list. Then ESD will query the SLP instead of AD to determine the clients subnet. This is dependent on the clients subnet being correctly listed as a boundary in SMS/ConfigMgr.


Question: Do I need to remove “Active Directory System Discovery” method for discovering the computers?

Answer: You do not need to remove the AD System Discovery, but I would think that you would want to disable it. One of the benefits of ESD is that old computer records are no longer discovered because of ESD's filtering capability. If you kept AD System Discovery enabled, then it would on its schedule discover systems that were old as long as they resolved. If you don’t have a problem with old computer records and are using ESD primarily for faster group membership and collection updating then it does not hurt to run AD System Discovery periodically as well. AD System Discovery does have more load on your site server because it discovers ALL systems it deems active each time it runs. It does not have a delta discovery capability like ESD does.