Discovery and Sites—Where Does Secret Server Run Discovery Scans?

Like many operations in Secret Server, you can configure discovery to run locally on IIS machines running Secret Server using website processing or by running through a distributed engine. Distributed engines are agents that you can deploy to remotely process work. They are useful for scenarios where performance is an issue or the work must take place in a remote network where the ports required by discovery are not available. You can configure discovery to use a single site location per discovery source or on a per-OU basis for AD.

• A site refers to a collection of Distributed Engines. Secret Server interacts with the site, allowing any available Distributed Engine within the pool to execute tasks as needed.

• A site also denotes the network of queues utilized by a pool of Distributed Engines to facilitate communication with Secret Server. This setup ensures efficient task distribution and management across the engines.