Knowledge base
Knowledge base
Breadcrumbs

Windows 2008 R2 Server


/*<![CDATA[*/ div.rbtoc1769795219186 {padding: 0px;} div.rbtoc1769795219186 ul {list-style: none;margin-left: 0px;padding-left: 15px;} div.rbtoc1769795219186 li {margin-left: 0px;padding-left: 0px;} /*]]>*/ Purpose Introduction Requirement Set Up Related Articles


Purpose

This document describe the technical procedure to set up authenticated scanning for Windows 2008 R2 Server targets using OUTSCAN or HIAB.

Introduction

This guide provides you with the technical procedure to succeed with authenticated scanning for Windows 2008 R2 Server targets when using OUTSCAN or HIAB.

Requirement

The Authenticated Scanning Using SMB requires that .NET framework version 3.5 or higher is installed.


When performing authenticated scanning against windows hosts, the scanner creates and starts a service called O24 Auth on the target machine.
This service is used to execute commands on the target and send the results back to the scanner.
Do not remove the service during scanning, it will stop and remove itself after it is done.

Set Up

To succeed with authenticated scanning using SMB for Windows 2008 R2 Server targets, follow the steps given below. 

Step 1 - Enable Remote Registry

To enable Remote Registry (Optional, can also be configured within the scanner)

  1. Go to Start and enter Run in the search field to open the Run Prompt.

  2. Open Services by enter services.msc in the Run Prompt and click OK.

  3. Under Services (Local), right click Remote Registry and select Properties.

    If Remote Registry is already enabled on your device, skip to Step 2


  4. In Remote Registry Properties (Local Computer), change the Startup Type to Automatic and start the service.

    Remote Registry Properties (Local Computer)


Step 2 - File and Printer Sharing

To turn on File and Printer Sharing:

  1. Go to Start and enter Network and Sharing Center into the search field to open Network and Sharing Center.

  2. In Network and Sharing Center, go to Change advanced sharing settings, located on the left-hand side.

  3. In your current profile, Private/Guest or Public, select Turn on file and printer sharing.

  4. Click Save Changes.

    Turn on file and printer sharing


Step 3 - Administrator Rights

  1. Go to Start and enter mmc in the search field to access Microsoft Management Console.

  2. Select Local Users and Groups, located in the left pane of the Microsoft Management Console window.

    If Local Users and Groups is not listed:

    1. Click the File menu

    2. Select Add/Remove Snap-in

    3. Select Local Users and Groups

    4. Click Add

    5. Select Local Computer

    6. Click Finish

    7. Click Ok


  3. Enter the Groups folder and double click the Administrators group.

    If the account is not listed under Members

    1. Click Add 

    2. Enter the name of the already created account that you wish to add

    3. Click Check Names

    4. Click Ok

    5. Click Ok



Administrators group

  Add Group

General


The following step are not recommended, if possible use the domain user account.

  

Make sure that the Windows User Account Control (UAC) is disabled.

  1. Go to Start and enter Run in the search field to open the Run Prompt.

  2. In the Run Prompt, enter regedit and click OK to open the Registry Editor.

  3. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system.

  4. Right click the System Folder.

  5. Select New >> DWORD (32-bit) Value and name the DWORD LocalAccountTokenFilterPolicy.

  6. Right click the newly created DWORD and select Modify.

  7. In the Edit Window set Value Data to 1.

  8. If User Account Control is disabled, EnableLUA must be set to 0 in 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.

Step 4 - Inbound File and Printer Sharing Exception

To allow Inbound File and Printer Sharing Exception

  1. Go to Start and enter Run in the search field to open the Run Prompt.

  2. To open the Group Policy Object Editor, enter gpedit.msc in the Run Prompt and click OK. 

  3. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Standard Profile.

  4. Under Standard Profile, right click Windows Firewall: Allow inbound file and printer sharing exception and select Edit.

  5. Select Enabled.

  6. Click Ok.

AuthScanSMB25.png

Page: Authenticated Scanning Using WinRM Page: Supported Platforms for Authenticated SSH Scanning Page: O24AUTH Page: Windows 2016 Server Page: Authenticated Scanning Using SSH Page: SMB Authentication from OUTSCAN/HIAB Page: Windows 2012 R2 Server Page: Windows 7 Page: Windows 2008 R2 Server Page: How to Test SMB Authentication Page: Authenticated Scanning Using SMB Page: Core Installation Page: Windows 8.1 Page: Authenticated Scanning Using WinRM Page: Windows 10/Windows 2019 Server