Configuring Client Discovery

Updated: January 1, 2011

Applies To: Forefront Endpoint Protection

In order to monitor and manage clients, they must first be identified. The discovery process in Operations Manager is the process by which clients are identified. When a discovery is performed, an LDAP query is generated and sent to the nearest Active Directory Directory Services domain controller. Once the query is processed, a list of systems that match the specified parameters is returned.

By default, the FEP Security Management Pack is configured to discover endpoints that are running server operating systems. If you want to monitor endpoints that are running client operating systems, you must perform the following procedure.

To configure Discovery for endpoints running client operating systems

  1. In Operations Manager console, navigate to the Authoring view. In the Authoring tree, expand Management Pack Objects, and then click Object Discoveries.

  2. On the Operations Manager toolbar, click Scope. In the Look for: search box, enter the following parameter, and then click Find Now:
    Protected Candidate Recovery

  3. In the results pane, right-click Protected Client Candidate Discovery, and then click Overrides, Override the Object Discovery, For all objects of class: Windows Client.

  4. In the Override Properties dialog box, in the Override-controlled parameters table, set the following values:

    • In the Enabled parameter row, in the Override column, select the check box.

    • In the Enabled parameter row, in the Override Value column, select True from the drop-down list box.

  5. Click OK to close the dialog box.

For more information about object discovery, see Object Discoveries in Operation Manager 2007 (
For more information about FEP Security Management Pack discovery, see About Discovery.