Skip to main content

Hello, we typically have multiple new SDA switches created on regular basis. They have IP address and a hostname when provisioned but will not be added to a DNS server yet. Admins need access to these devices for configuration before they are available in DNS.  What is the best way to add these devices.

For existing switches which are in DNS , we add the hostname to Address Group and run IP Scan. The same address group is referenced in Managed Account smart rule. 

Q1. Add IP address to Address Group via API and trigger a scan . I think this will only add the system = IP address.
Q2. when the Address Group is scanned next , PS will know the hostname of it but will it update the same managed system with system = hostname (and IP = IP) ? or it will create two separate managed systems/assets.
Even if the system name gets updated with hostname , the managed account smart rule will not apply as it references the Address Group which does not have hostname of the system but only IP address. 
Q3. So should the API call add both hostname and IP  to Address Group , trigger scan that will find only IP as hostname is not resolved. Later when the scan runs again and DNS entry is added, it will either update existing system or create new system . Based on answer to Q2 I might end up with duplicate systems but the smart rule will work?  We need to scan these assets are we plan to scan these for further discovery at later stage. If we create managed system directly via API call we may not be able to scan it without creating duplicates
 

Hey ​@bt101, there are always some gotchas so no matter what - test on a few devices to validate the behaviour before implementing smart rules/full-scale automation. 

  1. If it logs into the device successfully, it’ll grab the device name so it’ll come up with the configurations at that time. As long as they have set the device settings at that point then it should show up with the hostname on the system. 
  2. if you already have the known hostname expected, you can API add the asset with attribute “to-onboard” (or something useful) and, providing both IP and hostname are allowed for scanning then it could do that. Have a rule to remove the attribute once it’s onboarded. 

 

Since Address Groups can only add, and not remove items, and you’re looking at API options; one option would be to sort assets via attribute tags and work with smart rules + groups that way. 

Badge Earners

  • BCIE: Remote Support
    Pichayethas earned the badge BCIE: Remote Support
  • BCSE: Password Safe
    Kaenniehas earned the badge BCSE: Password Safe
  • 25 Courses Completed
    Daron Garrisonhas earned the badge 25 Courses Completed
  • BCSE: Privileged Remote Access
    AliBhas earned the badge BCSE: Privileged Remote Access
  • BCSE: Privileged Remote Access
    Krista Neunerhas earned the badge BCSE: Privileged Remote Access
Show all badges
Terms & ConditionsCookie settingsAccessibility statement