Authenticated Scan without Admin privilige

Hello dear fellas,

i want to use OpenVAS for authenticated scans in my windows client area.

Do i have to use a User with Admin privilige for it to work?
I think that is a major security flaw, if one system has Admin access to all clients.

I tried the SMB Auth without Admin permissions, but it failed.
A test with Admin permissions was successful.

Can you help me there please?
Thanks in advance!

According to the Greenbone Enterprise Appliance documentation section on Scanning a system, you can search for the SMB Credential section and it does not mention that these credentials must be Admin credentials. So, I think the credentials for a regular user should be OK. :slight_smile:

Have you found any clues in the logs about the failed login attempt?

Thank you for your fast reply!
I found out why it didnt work. Im just dumb :smiley:
I forgot to put the domain in front of the username…

Not at all dumb, I think we all do things like that at some point or another. :grinning: We’re glad it was something easy to fix. :slightly_smiling_face:

3 Likes