Introduction
When you want to add managed system from a workgroup or domain you cannot locate anything when you click on browse button.
Solutions
On your windows computer (win7 or winxp) which join workgroup or domain, on their windows firewall allow file and printer sharing for winxp and allow inbound connection for smb on windows 7, for my case my windows 7 enterprise allow inbound connection to domain.
On your ePO server open services.msc and enable Computer browser service on Windows 7 and Windows XP.
Risk
The discovery of the computers in domain and workgroup uses smb ports which are TCP 135,139, 445 these have known vulnerabilities which can be exploited especially on Windows XP (regardless of which service pack the famous exploit is netapi exploit), it is recommended application whitelisting such as Bit9 or McAfee Application Control or even Windows App locker to whitelist the existing programs so that exploits even if downloaded inadvertently cannot be executed.
cyruslab 