Hypervisor Direct Network Scan

Incorrectly Recognized Hypervisor Type

Before starting the Direct Network Scan, Alloy Discovery performs the discovery operation to identify computers within the specified audit scope. Alloy Discovery supports multiple types of hypervisors and in most cases automatically identifies them during the discovery operation. However, there can be rare cases when the hypervisor type is defined incorrectly or remains undefined, which prevents a successful audit of the hypervisor and its association with hosted virtual machines. In such cases, you can check whether Alloy Discovery has identified the hypervisor type correctly as follows:

  1. Alloy Discovery locates the problematic hypervisor in its respective audit group and double-click this record. The Node Properties [Node Name] dialog box opens.
  2. Review the value displayed in the Hypervisor field. If you need to correct it, select the correct value from the drop-down list. The OS Type field would be corrected automatically to match the hypervisor type you have selected.

  3. If you have selected VMware ESX or VMware ESXi as hypervisor type, you can also modify the connection settings for these hypervisors in the ESX/ESXi Options tab.

    INFO: For details, see Specifying Connection Parameters for VMware ESX / ESXi Hypervisors.

  4. Click OK.
  5. After correcting the hypervisor type, audit the computer again.

Incorrect SSH Protocol Configuration for Linux-based Hypervisors

In order to perform the On-Demand Audit Direct Network Scan of hypervisors based on Linux (VMware ESX, Xen, Citrix XenServer), Alloy Discovery attempts to establish the connection with the server using the Secure Shell Protocol (SSH).

By default, Alloy Discovery accesses Linux-based hypervisors over the standard port (22). However, if the SSH server on your hypervisors listens on a non-standard TCP port, you can specify a different port number when configuring audit credentials.

INFO: For details, see Linux and Mac Audit Credentials and Auditing Individual Network Nodes.

Before performing an On-Demand Audit Direct Network Scan of a Linux-based hypervisor (other than VMware ESX or VMware ESXi), make sure that the hypervisor runs the SSH server. Otherwise, the On-Demand Audit Direct Network Scan will fail.

NOTE: When On-Demand Audit Direct Network Scan via SSH fails for a VMware ESX hypervisor, Alloy Discovery audits it using the WS-Management protocol. VMware ESXi hypervisors can be audited via WS-Management protocol only. For details, see Specifying Connection Parameters for VMware ESX / ESXi Hypervisors.

Windows Remote Management 2.0 Is Missing

The On-Demand Audit Direct Network Scan of computers running VMware ESXi hypervisors requires that the computer hosting the Inventory Server instance has Windows Remote Management (WinRM) 2.0 or later installed. This component is also required when hypervisors running VMware ESX have their SSH service turned off.

WinRM 2.0 component is included in Windows 7 and Windows Server 2008 R2. Starting with version 8, Windows includes WinRM 3.0. If the Inventory Server instance is installed on a computer running Windows XP Professional, Windows Vista, Windows Server 2003, Windows Server 2003 R2, or Windows Server 2008, install the Windows Management Framework Core package, which includes WinRM 2.0 and Windows PowerShell 2.0.

NOTE: If the Inventory Server instance is installed on a computer running Windows XP, the audit of a VMware ESXi 5.0 hypervisor may fail. For details, see VMware ESXi 5.0: No support for WinRM clients running on Windows XP or Windows Server 2003 (R2). To download an appropriate update from the Microsoft Download Center, see Microsoft Knowledge Base article KB968930 “Windows Management Framework Core package (Windows PowerShell 2.0 and WinRM2.0)” at http://support.microsoft.com/kb/KB968930.

VMware ESXi 5.0: No support for WinRM clients running on Windows XP or Windows Server 2003 (R2)

By default, a VMware ESXi 5.0 hypervisor does not support communications over WS-Management protocol with the Windows Remote Management (winrm) client running on Windows XP any longer, which may prevent auditing VMware ESXi 5.0 hypervisors. However, this issue can be solved by making a configuration change on the hypervisor.

INFO: For details on this issue and the officially offered workaround, see VMware CIM SMASH API 5.0 Release Notes: Known Issues and Workarounds - winrm on Windows XP not compatible with vSphere 5.0 WS-Man support http://www.vmware.com/support/developer/cim-sdk/5.0/cim_500_releasenotes.html.

INFO: Similar issues were found with WinRM clients running on Windows Server 2003 (R2).

Incorrect Connection Parameters for VMware ESX/ESXi Hypervisors

When SSH protocol is disabled on a VMware ESX hypervisor, Alloy Discovery attempts to establish connection using the WS-Management protocol over HTTP or HTTPS. The audit of VMware ESXi hypervisors cannot be performed via SSH and is always performed via WS-Management protocol.

Therefore, if the On-Demand Audit Direct Network Scan fails for a VMware ESXi hypervisor or a VMware ESX hypervisor with disabled SSH, check the WS-Management parameters.

INFO: For details, see Specifying Connection Parameters for VMware ESX / ESXi Hypervisors.

After correcting the connection parameters, audit the hypervisor again.

VMware ESXi 6.5: The WS-Management service is turned off

The Direct Network Scan of VMware ESXi 6.5 requires the WS-Management service running on an ESXi host. On a newly installed ESXi 6.5, this service is turned off by default.

Therefore, if the On-Demand Audit Direct Network Scan fails for a VMware ESXi 6.5 hypervisor, turn on the WS-Management service by entering esxcli system wbem set -e 1 on the command line and pressing Enter. After running the command, audit the hypervisor again.