Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.



Introduction

To succeed with authenticated scanning using SMB for Core Installations of Windows, there are five steps that you need to follow.

Note

PSH-commands does not work if one of the following registry keys are set to 1.
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled.
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy.
The difference is that the top registry key is available on newer targets, and the bottom on older, see https://support.microsoft.com/en-us/help/811833/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashi for more information.

Step 1 - Enable Remote Registry

Enable Remote Registry (optional, can also be configured within the scanner)

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. Start the Powershell by enter powershell in Command Prompt.



  3. In Powershell, enter Get-Service RemoteRegistry to verify the status of the service.



  4. If the service is not running, enter Run-Service RemoteRegistry.
  5. To set the service to run automatically, enter Set-Service RemoteRegistry –startuptype automatic.
  6. To view the information and status of all services, enter Get-WmiObject win32_service | Select Name, DisplayName, State, StartMode | Sort Name.



    The service should now be running

 

Step 2 - File and Printer Sharing

To turn on the File and Printer Sharing:

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. Start the Powershell by enter powershell in Command Prompt.
  3. In Powershell, enter netsh advfirewall firewall set rule group= ”File and Printer Sharing” new enable=Yes to turn on File and Printer Sharing.


Step 3 - Administrator Rights

For the authentication to succeed the account in use needs to either be the Built in Administrator or a part of the Administrator Group

Built in Administrator

To active the built-in administrator account:

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. In the Command Prompt, run the command: net user administrator /active: yes


     

Local User

Make sure the local account is included in the Administrators Group:

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. Start the Powershell by enter powershell in Command Prompt.
  3. In Powershell, run the command: 

    net localgroup administrator

    to list the uses within the administrator group.

  4. If the user is not included, run the command:

    net localgroup administrators “<username>” /add

    to add the user.


Step 4 - File and Printer Sharing

To allow Inbound File and Printer Sharing Exception

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. In Command Prompt run the command:

    REG add  "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint” /v Enabled /t REG_DWORD /d 1 /f


Step 5 - Memory Leak in the Remote Registry

Resolving the Memory Leak in the Remote Registry Service

  1. Go to Start and enter cmd in the search field to open the Command Prompt.
  2. Start the Powershell by enter powershell in Command Prompt.
  3. In Powershell, enter regedit to access the Registry Editor.
  4. Locate the following registry sub key:  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\RemoteRegistry.
  5. In the details pane to the right, double-click DisableIdleStop.
  6. Change the value to 00000001.
  7. Click Ok.

Reference

Authenticated Scanning Using SMB