Microsoft Endpoint Configuration Manager (MECM)
  • 25 Mar 2024
  • 6 Minutes to read
  • Dark
    Light
  • PDF

Microsoft Endpoint Configuration Manager (MECM)

  • Dark
    Light
  • PDF

Article Summary

Microsoft Endpoint Configuration Manager (MECM) (formerly SCCM), is a systems management software product for managing large groups of computers running Windows NT, Windows Embedded, macOS (OS X), Linux or UNIX, as well as Windows Phone, Symbian, iOS and Android mobile operating systems.

Use cases the adapter solves

MECM is a powerful endpoint management solution that provides a robust inventory of our managed devices in Axonius. Even more importantly, by combining MECM with network/infrastructure data coming from additional adapters, we can identify unmanaged or even rogue devices on the network.

Data retrieved by MECM

Axonius collects common device information such as the hostname, IPs, MAC address, and serial number. The adapter connects directly to the MECM MSSQL database to pull additional device information such as installed software, patches, and collection data.

Enforcements
Axonius can add assets to MECM collections directly in the Enforcement Center.
Related enforcement actions: Microsoft System Center Configuration Manager (SCCM) - Add or Remove Assets to Collection.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. MECM/MSSQL Server (required) - The DNS / IP Address of the Microsoft SQL Server your MECM instance is using.
    • To use a specific named instance, the value supplied should be in the following format: {server_host}\{instance_name}.
    • If no instance is supplied, the default instance will be used.
  2. Port (optional, default: 1433) - The port used for the connection.
  3. Database (required) - The name of the database inside the SQL Server (Usually starts with "CM_").
  4. User Name (required) - A user name with read-only permissions .
    Important Notes:
  5. Password (required) - The user's password. The password must not include ";".
  6. Use SSL - Select whether to use SSL.
  7. Do not fetch devices without 'Last Seen' - Select whether to fetch devices without a Last Seen date.
    • If enabled, this adapter connection will not fetch devices if they do not have a Last Seen indication.
    • If disabled, this adapter conenction will fetch devices even if they do not have a Last Seen indication.
  8. Only include Devices where Client Installed is True - Select whether to only include devices when the ClientInstalled option in MECM is 'True'.
    • If enabled, this adapter connection will only fetch devices if they have a ClientInstalled indication.
    • If disabled, this adapter connection will fetch devices even if they do not have a ClientInstalled indication.
  9. Read Only Connection - Select this option to pass down the parameter “APPLICATIONINTENT=READONLY" to the underlying driver, preventing the connection from modifying any data on the database.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

MECM


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.


  1. Exclude IPv6 addresses - Select whether to fetch IPv6 addresses. If cleared, the connections for this adapter will fetch both IPv4 and IPv6 addresses.

  2. Device id chunk size - Set the device batch size (Number of devices) that is processed.

  3. SQL page size (required, default: 1000) - Set the SQL page size that sent as part of the SQL connection.

  4. Machine domain Include list (optional) - Specify a comma-separated list of SCCM domains. If empty, the connections for this adapter will collect devices from any domain.

  5. Fetch v_GS_ADD_REMOVE_PROGRAMS software legacy table - Select whether to fetch installed software information from v_GS_ADD_REMOVE_PROGRAMS software legacy table.

  6. Fetch files path table (required, default: true) - Select whether to fetch installed software path from the files path table. If cleared, the fetch process for this adapter will be faster.

  7. Find software independent files in the system (matching Regex) - Enter a regex expression to search for and fetch files in the device’s software table that usually would not be retrieved because they are ‘independent’ (i.e. executables or other script files not related to any specific software). The data fetched here is displayed in the ‘Software Independent Files’ field. You can only use this option if you enabled ‘Fetch files path table’.

  8. Fetch v_GS_INSTALLED_SOFTWARE table (required, default: true) - Select whether to fetch installed software from the v_GS_INSTALLED_SOFTWARE table. If cleared, the fetch process for this adapter will be faster.

  9. Fetch DEVICE_INSTALLEDAPPLICATIONS_DATA table - Select whether to fetch installed software from the DEVICE_INSTALLEDAPPLICATIONS_DATA table.

  10. Fetch INSTALLED_EXECUTABLE_DATA table - Select whether to fetch installed software from the INSTALLED_EXECUTABLE_DATA table.

  11. Fetch vSMS_SUMDeploymentStatusPerAsset table (default: false) - Select this option to fetch data from the 'vSMS_SUMDeploymentStatusPerAsset' table for each asset.

  12. Parse all compliance status history per device (required, default: true) - Select whether to parse historical compliance status information to the Current Compliance Status field.

  13. Parse the latest compliance status per device (required, default: true) - Select whether to parse the latest compliance status information to the Current Compliance field.

  14. Fetch "Not Applicable" software update compliance status - Select whether to fetch "Not Applicable" software update compliance statuses, in addition to "Already Installed/Compliant" and "Required/Missing" statuses.

  15. Fetch services information (required, default: true) - Select whether to fetch services information for each device. If cleared, the fetch process for this adapter will be faster.

  16. Fetch v_GS_SOFTWAREPRODUCT software table (required, default: true) - Select whether to fetch executable files from the v_GS_SOFTWAREPRODUCT table. If cleared, the fetch process for this adapter will be faster.

  17. Fetch EP_AntimalwareHealthStatus Windows Defender AV definition table (optional) - Select whether to fetch Windows Defender Health Status from the EP_AntimalwareHealthStatus.

  18. Fetch devices from the following additional tables (optional) - Enter a comma- separated list of SQL tables from which additional device information is fetched. If parameter is empty, no additional device information will be fetched for this connection.

    • To be considered a valid table, it should have:
      • a column called "ResourceID" or "MachineID" as the device identifier
      • less than 40 columns
      • be in the default database (same that has v_GS_COMPUTER_SYSTEM, v_GS_INSTALLED_SOFTWARE, table as e.g.)
    • This feature will fetch all the lines in the table that are associated with devices and add them as a field with the name “Table: {table_name}” on device-specific information.
  19. Fetch online data table (required, default: true) - Select whether to fetch fields from the v_CollectionMemberClientBaselineStatus SCCM table. When you select this parameter, Axonius fetches online data from the following fields: CNIsOnline, CNLastOnlineTime, CNLastOfflineTime, CNIsOnInternet, CNAccessMP

  20. MSSQL Connection Timeout (required, default: 30) - Specify the number of minutes that elapse before the MSSQL connection times out.

  21. Populate Installed Software: Last Used On for software used within the past number of days, greater than 0. (optional, default: 90) -

    • When the number entered is greater than 0, the SCCM adapter will fetch results from the Installed Software: Last Used On field in SCCM if the installed software was used within the specified number of days.
    • If the field value is zero or empty, Installed Software: Last Used On information won’t be retrieved and the SCCM adapter will have a faster fetch.
  22. Custom Admin Data Table Name (optional) - Enter a table name with the following columns: ResourceID, User0, Domain0, SID0, Category0, Type0, Enabled0, name0, Timestamp

    • The table must be in the same database as defined in the adapter connection.
    • This configuration should only be set if the customer is missing Local Admin Data in their SCCM device records.
  23. Fetch licenses (default false)- Select this option to fetch SCCM licenses.

Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Required Ports

Axonius must be able to communicate with the MSSQL Server via one of the following ports:

  • Microsoft SQL Server discovery port - 1433 (default for non SA users) 1434 (default for SA - SuperAdmin - users).
  • The specific port for the supplied named instance, if relevant.
  • Note that the port appended into the adapter configuration needs to match the global listening port of the SCCM database.
Note:

The ports listed above are the standard default SCCM ports. However, these ports might be different if SCCM is deployed and configured with custom ports specified by the customer.


Troubleshooting

  • "Login failed" - If you are using a domain user, in the User Name field, specify the domain and the user name in the following format: domain\username.



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.