Skip to main content
Skip table of contents

SMB Authentication from OUTSCAN/HIAB

Purpose

This document provides the steps needed for setting up SMB Authentication from HIAB and OUTSCAN.

Introduction

SMB Authentication can be set up from OUTSCAN and HIAB in three different ways, per target, per target group, and per scan policy. 

Setting up SMB Autentication

It is possible to set up SMB Authentication from OUTSCAN and HIAB in three ways. 

  • Per target

  • Per target group

  • Per scan policy

Per Target

SMB authentication per target can be set in Main Menu > Netsec > Manage Targets.

To access the settings:

  1. Right click on the desired target and select Edit, it opens a Maintaining Target window.

    AuthScanSMB47.png


    AuthScanSMB48.png


  2. Go to the Authentication tab.

  3. Select SMB in the Authentication drop-down menu.

  4. Enter the Credentials that will be in use.

  5. Select the Enable remote registry checkbox to allow the scanner to access the Windows registry.

  6. To test if the credentials are valid, click the Test button to the right in the Test Credentials area.

Per Target Group

SMB authentication for a Target Group can be set in Main Menu > Netsec > Manage Targets.

To access the settings:

  1. Right click on the desired target group and select Set Target Authentication.

    AuthScanSMB49.png



    This action displays a new window where the authentication can be set.

    AuthScanSMB50.png

  2. Select SMB in the drop-down menu.

  3. Enter the credentials that will be in use for all targets in this group.

  4. Select the Enable remote registry checkbox to allow the scanner to access the Windows registry.

  5. To test if the credentials are valid, click the Test button to the right in the Test Credentials area. 

Per Scan Policy

SMB authentication can also be set when creating a Scan Policy in Scan Scheduling.

To access the settings:

  1. Go to Main Menu > Netsec > Scan Scheduling and select the Scan Policy Tab.

  2. To view the Maintaining Scanning Policy window:

    1. Click on + New policy, or

    2. Right-click on existing system policy and select Edit.

A system policy cannot be edited. By clicking on Edit, a copy of the template is created.

c. In the Maintaining Scanning Policy window, select the SMB tab.

Maintaining Scanning Policy
SMB
  1. Enter the credentials to be used and click Save.

Option

Description

SMB domain

The SMB domain to use when scanning the remote host. 

SMB username

The username to use when attempting to log on to the remote host via SMB. 

When performing Authenticated scanning over SMB and Backwards compatibility for NT is enabled, the username length is limited to 20 characters, if disabled it is a lot longer.
A SMB username with a greater number of characters, results in an error indicating level '5' invalid credentials.

See https://learn.microsoft.com/en-us/windows/win32/ad/naming-properties#samaccountname for more information.

SMB password

The password to use when attempting to log on to the remote host via SMB. 

SMB allow NTLMv1

Whether to allow authentication using NTLMv1. 

SMB allow plain-text password transmission

Whether to allow scanning using plain-text password transmission. 

Enable remote registry

If this option is checked, the scanner starts the Remote Registry Service using the provided user details and once finished, disable the service again. 

Target Credentials

Target

Enter a Target to test the credentials and click Test Credentials.

There could be multiple targets with same IP/hostname which must be linked to different scanners.

For example:

192.168.0.1 on Scanner01
192.168.0.1 on Scanner02

To test the credentials on one of these targets, the scanner name should be provided along with the target to run a successful test using the format given below:

CODE
192.168.0.1<Scanner01

Multiple attempts to login with the same account or on the same domain can cause account lockout and should be avoided

Reference

Authenticated Scanning using SMB

Manage Targets




Copyright

© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.