do we have any documentation or step by step to do account discovery with windows target server. we are using windows remote application. since yesterday, there is no result or account found.
Hello, when you say "since yesterday”, does that mean that it used to work but is no longer working, or that you have been trying to get it to work since yesterday, but it's still not working? The documentation we have is on page https://docops.ca.com/ca-privileged-access-manager/3-2/EN/implementing/configure-credential-manager-targets/account-discovery . If you followed all instructions there but no accounts are discovered, please open a support case so that we can investigate in detail.
Windows remote is using wmi to discover accounts remotely. The problem may be there. You can do a very simple test connecting from a windows machine to the remote system using wmi and getting the list of users. So assume you want to use local accountA in machineA to manage the local users there. To see if it is able to discover them you can try, from a Windows machine
wmic --> it will start the wmi client interface, wmic
wmic>/node:"machineA" /user:accountA useraccount get name
This should return the list of users that may be retrieved by using wmi. You can try it first with a working system to see if it returns the correct information, then with the problematic system. If it does not work, then there is something with the permissions of accountA that does not work right
i still got error Description = User credentials cannot be used for local connections
any idea ?
I believe that message means you tried this remote command on the localhost itself. Try entering the IP or FQDN of the host you want but from a remote machine... Windows understands you are trying to connect remotely to itself.