Adding Windows proxies

Because the BMC Discovery appliance is installed on a UNIX machine, you need a Windows Proxy to be able to communicate with and discover Windows systems in your environment. BMC Discovery and the Windows Proxies communicate with each other using Transport Layer Security (TLS).

To avoid performance issues, you must create Windows Proxy pools on your appliance and then create Windows Proxies in the pool. You can add a Windows Proxy to an existing or a new pool. Unless firewalls or security policies prevent it, the easiest way to register a proxy is from the BMC Discovery Proxy Manager. For more information about how to register a Windows Proxy, see managing known appliances.

The following diagram illustrates the end-to-end flow for creating a Windows Proxy.

The following section includes topics of :

Before you begin

Before you create a Windows Proxy Pool and assign Windows Proxies to it, you must install the BMC Discovery Proxy Manager. For more information about installing the manager, see Installing BMC Discovery Proxy Manager.

To create a Windows Proxy Pool

  1. From the BMC Discovery menu bar, select Manage > Credentials.
    The Device Credentials tab is displayed by default.
  2. Click the Windows Proxies tab.
  3. From the top-right corner of the page, click Add.
    The Create Windows Proxy Pool page is displayed, as illustrated in the following screenshot.

  4. Specify the details for the new Windows Proxy Pool.
    For more information about these details, see Additional details for Windows proxy pool.
  5. Click Apply to save changes.

To add a Windows Proxy

  1. From the BMC Discovery menu bar, select Manage > Credentials.
    The Device Credentials tab is displayed by default.
  2. Click the Windows Proxies tab.
  3. In the Windows Proxy Pool for which you want to create a Windows Proxy, click Actions > Add Windows Proxy, as illustrated in the following screenshot.
    The Create Windows Proxy page is displayed for the type of proxy that you selected.

  4. Specify the details for the new Windows Proxy.
    For more information about these additional details, see Additional details for Windows proxy.
  5. Click Apply to save changes.

Additional details for creating Windows Proxy Pool

The following table lists the fields as displayed on the Windows Proxy Pool page in the UI.

ParameterDescription
NameThe name for the Windows Proxy Pool. Ensure that you specify a unique name in this field.
Matching Criteria

Select Match All to match all endpoints. Deselect it to enter values that will be used to determine if this credential is suitable for a particular endpoint. They can be one or more of the following, separated by commas:
• IPv4 address: for example 192.168.1.100.
• IPv4 range: for example 192.168.1.100-105, 192.168.1.100/24, or 192.168.1.*.
• IPv6 address: for example fda8:7554:2721:a8b3::3.
• IPv6 network prefix: for example fda8:7554:2721:a8b3::/64.

The following address types cannot be specified:

• IPv6 link local addresses (prefix fe80::/64)
• IPv6 multicast addresses (prefix ff00::/8)
• IPv4 multicast addresses (224.0.0.0 to 239.255.255.255)

 For information on Matching criteria, click here

As you enter text, the UI divides it into pills (discrete editable units), when you enter a space or a comma. According to the text entered, the pill is formatted to represent one of the previous types or presented as invalid.
 Invalid pills are labeled with a question mark. You can also paste a list of IP addresses or ranges into this field. If any pills are invalid, a message stating the number of invalid pills is displayed above the range field. Clicking the link applies a filter that shows only invalid pills, which you can then edit or delete. The filter can be removed by clicking clear in the Showing n of n label below the Range field. There is no paste option on the context-sensitive (right-click) menu.
Warning: Do not paste a comma-separated list of IP address information into the Range field in Firefox. Doing so can crash the browser. You can use a space-separated list with no problems.
• To edit a pill, click the pill body and edit the text.
• To delete a pill, click the X icon to the right of the pill, or click to edit and delete all of the text.
• To view the unformatted source text, click the source toggle switch. The source view is useful for copying to a text editor or spreadsheet. Click the source toggle switch again to see the formatted pill view.
Underneath the entry field is a filter box. Enter text in the filter box to only show matching pills. 

Pills are not supported in Opera.

Type

Proxy pools must contain either Credential or Active Directory proxies. You must select one of the following proxy types:

  • Windows Active Directory Proxies —Use for systems within your network domain.
  • Windows Credential Proxies (Credential Proxies) —Use for systems outside your network domain  
DomainsEnabled only for the Active Directory Proxy Pools. Specify the domain or a space-separated list of domains that the Windows Proxy Pool will discover.
DescriptionA free-text description of the Windows Proxy Pool.
 

Additional details for creating Windows Proxy

The following table lists the fields as displayed on the Windows Proxy page in the UI.

 

Field Name

Details

Proxy Pool

Select the Windows Proxy Pool from the list.

Proxy Name

Enter the name that the Windows Proxy will be referred to in the user interface. This name must be unique. The system validates this name to be unique.

Proxy Address

The address of the Windows Proxy, which can be specified as one of the following:

  • Hostname or FQDN
  • IPv4 or IPv6 address

Port

The port on which to communicate with the Windows Proxy. If you specified a port setting in the BMC Discovery Proxy Manager for the proxy that is other than the default option, make sure that you match that port setting in this field when adding a Windows Proxy.

  • For AD Windows Proxy, the default port number is 4321.
  • For Windows Credential Proxy, the default port number is 4323.

CA Certificate

The contents of the certificate that was generated automatically by the Windows Proxy Manager. To have the appliance automatically retrieve the certificate, leave this field as Not Set.

Enabled

To enable the Windows Proxy, select the check box.

Related topics

Was this page helpful? Yes No Submitting... Thank you

Comments