How does it work?

Network Inventory allows you to specify credentials both for groups of Machines and for individual Machines. Credentials can be provided with or without explicit specification of the domain. The domain may be specified by using the User Principle Name or Down-Level Logon Name.

User Principal Name

The User Principal Name (UPN) format is used to specify an Internet-style name, such as UserName@Example.Emco.local. The following table summarizes the UPN components.

A UPN can be defined implicitly or explicitly. An implicit UPN has the following form: UserName@FQDN. An implicit UPN is always associated with the user's account, even if an explicit UPN is not defined. An explicit UPN has the form Name@Suffix, where both the name and suffix strings are explicitly defined by the administrator.

Down-Level Logon Name

The down-level logon name format is used to specify a domain and a user account in that domain, for example, DOMAIN\UserName. The following table summarizes the components of a down-level logon name.

Beside an explicit domain specification, you can use an implicit one by providing the Down-Level Logon Name with the '.' character instead of the domain part (.\UserName). In such case, the '.' character is replaced by the NetBIOS name of the Machine to connect to.

If the user name is provided without an explicit or implicit domain specification, the application generates one of the user name formats described above using the following rules:

• If credentials are specified on the Machine node, the following Down-Level Logon Name is generated for connection: MACHINE\UserName, where 'MACHINE' is the NetBIOS name of the Machine the application is connecting to and 'UserName' is the specified user name.
• If credentials are specified on the Network or Group node, than the group the Machine is located in is used to form the user name used for connection. If the group is an Active Directory domain, then the following UPN name is formed: UserName@FQDN, where 'UserName' is the specified user name and 'FQDN' is a fully qualified name of the domain the Machine is located in. In case the group is not an Active Directory domain, the following Down-Level Logon Name is generated for connection: DOMAIN\UserName, where 'DOMAIN' is the NetBIOS name of the group the Machine is located in and 'UserName' is the specified user name.

Examples for Alternate Credentials specification

Specifying Alternate Credentials for complex network environments may not be a trivial task, and this chapter is written to show you some examples that can help you with this task. Let’s assume we have the following network structure:

Consider the following methods of setting the alternate credentials:

1. The Alternate Credentials are not set for any item. Retrieving data from the network will take place using the current user credentials.

Example

2. The Alternate Credentials are set for the Network item. Retrieving data from the network will take place using the credentials set for the Network.

Example

3. Two different Alternate Credentials are set for the EMCO and DEV groups. Retrieving data from the DEV group Machines will take place using the credentials set for the DEV group, data from the EMCO group Machines will be retrieved using the credentials set for the EMCO group.

Example

4. The Alternate Credentials are set for the Dev-PDC Machine. The current user credentials will be used for retrieving data for all the Machines in the network except for those from Dev-PDC, for which the respective preset credentials will be used.

Example

5. Three different Alternate Credentials are set for the Network, the DEV group and the Dev-PDC Machine. Retrieving data from the Emco group computers will take place using the credentials set for the Network, the DEV group will use the credentials specified for the DEV group and for Dev-PDC the credentials set for Dev-PDC will be used.

Example