How to Setup a User Discovery Scan Job

This lesson will walk you through the steps to set up a scan job to find all users on a network via LDAP or Active Directory.

List of fields captured by LDAP User Discovery Scan:

name, phone, email, first_name, last_name, initials, home_phone, mobile_phone, user_name, source, company, department, fax, ip_phone, location, scope

The LDAP Probe supports SSL (Secure Sockets Layer), a standard security technology that creates an encrypted link between a server and a client that wish to communicate.

Create a New User Scan Job

Navigate to: Setup > Discovery > Scan Jobs > Manage. This data view displays all of the currently existing scan jobs.

  1. Click New at the bottom of the page to launch the Scan Job Setup Wizard.
  2. In the Selection dialog, select the Applications and Licenses job category.
  3. In the job type: drop-down, select Users from Active Directory (LDAP).
  4. Click OK.

1. Enter LDAP/AD Configuration Settings

In the LDAP/AD Settings section, enter:

  1. LDAP Server Address: Address of the LDAP server in the form:
    - ldap://servername
    - ldaps://servername (secure LDAP scan option)
    This field is case sensitive and must be lowercase. Leave it empty to use the default, ldap://localhost:389. This can also be the address of an Active Directory server, since Active Directory communicates via the LDAP protocol.
  2. Search Base: The point in the AD/LDAP tree where the search begins. Use it to narrow the search so that it does not cover the entire LDAP database. For example, to scan only a specific OU, enter a search base in the following format:
    OU=Sub-Ed,OU=Ed209,DC=qa,DC=ssi
    With this value, all users in the “Sub-Ed” OU and its sub-OUs are scanned.
  3. LDAP Groups: All of the groups that contain users that should be scanned. Enter just the name of the group, for example: Finance Users
  4. Accept Self-Signed Certificate: applies only to ldaps:// connections.
  5. Click Next.

2. Select PAD

Select a PAD from the drop-down list of existing PADs. Click Next to continue.

3. Select Credentials

Add the Credentials that grant the rights needed to scan successfully with the desired probes:

  1. Mark the Select credentials to be used for current scan: check box to use only the specified credentials for the current Scan Job.
    To use any available, pre-defined credentials, leave this box unchecked. The Scan Job will go through each available credential until the scan is successful.
  2. For any given credential type, click the Add (plus sign) button.
  3. In the Credential User Name dialog, select the credential or credentials required for the Scan Job. These credentials must have sufficient rights on the endpoints for them to be scanned successfully.
    At this point, you may also create a new Credential by clicking New. This will begin the Create a New Credential process.
    Note: It's most beneficial for the SQL scan that both the Windows Credentials and SQL Credentials be specified, as the scan incorporates two different probes returning two different sets of information.
  4. Click the Remove (minus sign) button to remove any unwanted Credentials.
  5. Click Next to continue.

4. Schedule

  1. Select the desired Scan Window, or leave it as Default if you want the scans to run at any time. For more information see Setting up a Scan Window.
  2. Pick the desired Schedule Type for the scan job.
  3. Check Enabled if you want to enable the scan job to run as scheduled once you save and finish the wizard.
  4. Select the Time Zone and Time. Note that the time is stored in GMT/UTC.
  5. Configure remaining options (Day of week:, Run on:, Repeat every:, etc.)
  6. Click Next.

5. Review and Implement

  1. Provide a Name for the Scan Job.
  2. Review the Scan Job configuration summary. Click Back to modify any of the specified configurations.
  3. Click Save and Run to save the scan job and start it immediately, or Save and Finish to save the scan job and let it run at the scheduled time.