Credentials
To gain access to a computer or network device Discovery needs Credentials, such as user names and passwords.
If multiple credentials are available, Assets Discovery tries one after the other until a successful connection is established. This information will be saved for the machine and the next time this credential is the preferred one.
Scan Setting
Default is set to "All" which means, that this credential will be used for all configured scan settings.
If you want to use a specific credential(s) for one configured scan setting select the ID at the drop down list.
Be advised: if you configure a scan setting id just this credentials will be used for the scan setting, all others will be ignored!
Credential Configuration
There are different Credential-Types available:
"Basic"-Credentials are used to connect to:
- Windows (WMI*)
- Linux-Servers (SSH)
- vSphere ESXi-Server*
Field | Input Value |
---|---|
Login | Enter the login of the user that is used for the authentication. |
Password | Enter the password of the user that is used for the authentication. |
For Linux-Servers it is also possible to use RSA-Private-Key Authentication.
Field | Input Value |
---|---|
Login | Enter the login of the user that is used for the authentication. |
sudo Password | Enter the Password that will be used for sudo commands |
Passphrase | Enter the passphrase of the RSA private key |
RSA File | Enter the local path to the RSA private key file of the User that is used for the authentication. |
SNMP V1 & V2 Devices
Credentials for SNMP (V1 & V2) do not include a user name, just a community string.
The default read-only community string for many SNMP devices is public.
SNMP V3 Devices
Field | Input Value |
---|---|
Security User | Enter the User-Name that is used for the authentication. |
Auth. Password & Protocol | Enter the authentication password and choose the protocol-type that is used for the device(s):
|
Priv. Password & Protocol | Enter the privacy password and choose the protocol-type that is used for the content encryption:
|
Application
Application Credentials can be used to replace Login and Password in an Application Pattern i.e. used for Databases like MySQL, PostgreSQL etc.
In a pattern you can use $$login$$ and $$password$$ these placeholder will be replaced at execution time.
At the pattern the <ApplicationName> need to be matched with the entered Application in the credential.
Field | Input Value |
---|---|
Login | Enter the value that will be replaced in the application pattern |
Password | Enter the value that will be replaced in the application pattern |
Application | Select the application for that credentials |
- With the Test Button a dialog raised up to enter a IP, so you can check the credentials for a destination system.
- In best case you have a few Credentials for Windows and Linux systems or a specified user for the discovery job.
- All Credential Information will be stored in the file (credentialstore) and encrypted with AES256.
For the encryption, the Tool uses <YourPassword>+<PrivateSalt>+<LocalHostInformation>.
*Only available by using the Discovery Tool on a Windows Environment.