Figuring out what server does what

[triplebless]

So am new to an environment and was told to figure out what each server does, There is a lot. Over 250 between the 7 locations. 99 percent are Windows platform. I can find DCs, DHCP, and DNS.

Trying to use nmap to find ports on intense scans but it keeps crapping out. Regular scans are not showing ports I know are open on a server. Also looking at naming convention to help.

Does anyone have any other suggestions/tools on how to figure out what each server does?

 

[Slaters Kustum Machines]

Virtual or physical? I like this tool for network scanning https://www.komodolabs.com/ip-scanner/ It doesn't tell you what service are running, but it gives you a list of nodes and OS. Short of logging into each machine and taking a look, I'm not sure how to go about this.

 

[triplebless]

The majority are virtual. I would begin with those. Thanks for the suggestion.

 

[HCHTech]

So am new to an environment and was told to figure out what each server does, There is a lot. Over 250 between the 7 locations.

Wow, is this a test of some sort? If not, in what possible universe would an environment that large not have documentation or someone (or an entire team) with historical knowledge? This sounds more like a hazing ritual than a job request.

 

[SAFCasper]

Just have to start by asking what on earth happened for a company to reach 7 locations and 250+ servers without a single scrap of documentation?

For a quick and dirty solution you could probably leverage PowerShell and the Get-WindowsFeature command. Something like below would pull all the installed roles/features and dump them into a csv file for each server.

Major drawback - you need an account with admin credentials on every server. You also need powershell remoting enable on the servers, which isn't configured as standard for 2008R2.

It also won't list any third-party software. Only Windows roles/features. It really is just a quick & dirty overview.

import-module servermanager

# path to csv file containing server names.
$inputFile = "FILEPATH"

# path to output folder. Include trailing \
$outputFolder = "FOLDERPATH"

$ServerNames = Import-Csv $inputFile

foreach ($name in $ServerNames.hostname) {
Get-WindowsFeature -ComputerName $name | Where-Object {$_. installstate -eq "installed"} | Format-List DisplayName,InstallState | Export-Csv -Path $outputFile -append
}

The long-term solution = Stock up on coffee then manually log into each server and get documenting.

It might be boring and it might take several days or even weeks, but it's necessary if you every wish to support this setup successfully.

 

[GreyWolf]

@HCHTech Must of been one of my setups . Documents what documents no papers = job security. But ya places with no documentation are a nightmare.

 

[nerd2u]

Have you tried asking around / looking around for documentation?

If it's only 7 sites with 250 plus servers someone somewhere must have a slight clue as to what they all do.

They can't all be domain controllers email servers and the such.

Sent from my SM-G870W using Tapatalk

 

[HCHTech]

They can't all be domain controllers email servers and the such.

That was my second question - 'what on earth are they doing that they need 250 servers?'

 

[Slaters Kustum Machines]

That was my second question - 'what on earth are they doing that they need 250 servers?'

Sounds like a case of VM sprawl. It's so easy to spin up a new VM for every little thing then some get left behind and forgotten about and more are created for testing, etc.

 

[SAFCasper]

That was my second question - 'what on earth are they doing that they need 250 servers?'

My guess is some ungodly attempt at VDI.

 

[HCHTech]

Sounds like a case of VM sprawl. It's so easy to spin up a new VM for every little thing then some get left behind and forgotten about and more are created for testing, etc.

Yeah, but who has 250 licenses for a server OS just lying around......or somehow purchases that many without somebody in accounting wondering why IT is so far over-budget?

 

[Slaters Kustum Machines]

Yeah, but who has 250 licenses for a server OS just lying around......or somehow purchases that many without somebody in accounting wondering why IT is so far over-budget?

Maybe they have a datacenter license, there are a lot of unknowns here so it's hard to say. Maybe they aren't all licensed if they were used for testing.

 

[nerd2u]

I've seen departments in large firms purchase tons of crap accounting to hundreds of thousands of dollars without anyone from accounting ever asking a question.

Why not just power them down and see who complains lol

Sent from my SM-G870W using Tapatalk

 

[HCHTech]

Why not just power them down and see who complains lol

Actually not a half-bad idea. Turn it off and wait for the phone to ring. "Oh - great - thanks for reporting it - hang on a minute while I look [restart VM].....try it now, does it work?" You're the hero for the quick fix, and you find out what that machine was doing! Win Win.

 

[GreyWolf]

@HCHTech .... Poweroff Technologies.. well I'm stealing that domain...damn already taken

 

[fencepost]

Why not just power them down and see who complains lol

I believe that's known as scream testing.

"I'm going to run a scream test on the network to help me identify things."
"OK, how's that work?"
"I turn things off and see who screams"

 

[SAFCasper]

I believe that's known as scream testing.

"I'm going to run a scream test on the network to help me identify things."
"OK, how's that work?"
"I turn things off and see who screams"

I shamefully have to admit using this tactic several times in the past few weeks. It's quite effective to be honest.

Quick tip - Don't shut things down. Just remove their network access for the same effect (disable NIC or remove cable). It's a lot faster to bring back online if people do infact start screaming at you.

 

[ITechnify]

the tools mentioned above are great, i personally didn't know about then, ill check them out. thank you

 

[Yosebas84]

I use Xia Configuration, definetly a must have tool if you do a couple of audits per year