WinRM (Windows Remote Management) is the preferred way to discover Windows machines because it yields more accurate results compared to WMI. We recommend using credentials with administrative privileges since that will give you most information like a detailed list of patches.
The process of configuring a Windows box for WinRM access is documented by Microsoft here: https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management.
Enable WinRM on the respective endpoints
To enable WinRM, call following command in a Powershell running with administrator privileges:
Configuring for http:
winrm quickconfig
Configuring for https:
winrm quickconfig -transport:https
You wil need an appropriate certificate for the machine to use https.
Settings in Asset Discovery
Authentication
Negotiate: Used for domain users
Basic: Used for local users only
Encryption
Auto: Usage depends on transport settings
Always: Always run message encryption even over HTTPS
Never: Never use message encryption even over HTTP (needed for basic authentication via HTTP)
It is not recommended to use basic authentication via HTTP since credentials can be extracted from wire traffic.
Port
Enter "0" for the default port (5986 for HTTPS or 5985 for HTTP)
Use HTTPS
Checked: Connect using HTTPS
Unchecked: Connect using HTTP
Validate certificate (only availabe if Use HTTPS is checked)
Checked: Check certificate and fail if it is invalid
Unchecked: Do not check certificate (can be usefull for self signed certificates)
Comments
0 comments
Please sign in to leave a comment.