• Products
  • Get started
  • Documentation
  • Resources

Configure credential settings in Assets Discovery

Before you can scan your local system using Assets Discovery, you must configure your settings. The Credentials tab allows you to specify the credentials to be used in accessing devices on your network.

If your devices are protected with any credentials, you will have to add these for Assets Discovery to function.

  1. Navigate to your Assets Discovery directory and type discovery.exe -s in your terminal or command-line interpreter.

  2. Enter your password. If this is the first time you have used Assets Discovery you will be asked to enter and confirm a new password. This password must contain at least 8 characters including at least one uppercase, one lowercase, one numeric and one non-alphanumeric (symbol) character.

  3. Select the Credentials tab.

  4. Select the preferred set of credentials from the page. Each unique set of credentials is identified with a hash at top, such as 1b8da2ee-ec-15-4d99-8bdc-baadc2653df.

    1. Scan Setting - if desired, you can select a specific scan setting to run with this set of credentials. Select a specific scan setting, or select All to run these credentials against all scan settings. For more information about scan settings, see here.

    2. Type - select which type of system these credentials are to be used with. Depending on which type of system you select, you may have to enter further information about passwords and protocols. Possible selections include:

      1. Windows - use with (WMI*) systems.

      2. SSH - use with Linux systems.

      3. SSH_RSA - use with systems where an RSA key is required. The following information should be provided:

        1. Login - Enter the Login-Name of the User that is used for the authentication.

        2. sudo Password - Enter the Password that will be used for sudo commands

        3. Passphrase - Enter the passphrase of the RSA private key

        4. RSA File - Enter the local path to the RSA private key file of the User that is used for the authentication.

      4. SNMP_V1_V2 - use with SNMP version 1 and 2 systems. These do not include a user name, just a community string. The default read-only community string for many SNMP devices is public.

      5. SNMP_V3 - use with SNMP version 3 systems. A Security User, Authentication password and protocol, and Privacy password and protocol are needed.

        1. Security user - enter the user name that is used for the authentication.

        2. Authentication password and protocol - enter the authentication password and choose the protocol type that is used for the device(s):

          1. MD5

          2. SHA 1

        3. Privacy password and protocol - enter the privacy password and choose the protocol type that is used for the content encryption:

          1. DES (Data Encryption Standard)

          2. AES128 (Advanced Encryption Standard 128 bit encryption)

          3. AES192 (Advanced Encryption Standard 192 bit encryption)

          4. AES256 (Advanced Encryption Standard 256 bit encryption)

          5. TripleDES (Triple Data Encryption Standard)

      6. Application - Application credentials can be used to replace the Login and Password in an Application Pattern, such as that used for Databases like MySQL, PostgreSQL, etc. In a pattern you can use $$login$$ and $$password$$, these placeholders will be replaced at execution time. The <ApplicationName> need to be matched with the entered Application in the credentials.

        1. Login - Enter the value that will be replaced in the application pattern

        2. Password - enter the value that will be replaced in the application pattern

        3. Application - select the application for that credentials

    3. Login - Enter the login name of the user for this authentication.

    4. Password - Enter the password of the user for this authentication.

    5. Description - enter a description for these credentials.

    6. Usage - shows how many times these credentials have been tried and how many times they have succeeded.

    7. Lock - select the lock icon at the lower-right corner of the Credentials box to lock or unlock changes to these settings.

To add a set of credentials:

You can add multiple credentials for Assets Discovery to execute. This could be useful if you need different credentials for different devices, or if you want to use different credential sets with different scan settings.

If multiple credentials are available, Assets Discovery tries one after the other until a successful connection is established. This information will be saved for the machine and the next time this credential is the preferred one.

To add a set of credentials, select the '+' button at top.

To delete a set of credentials:

  1. To delete a scan setting, select the 'x' button at top.

  2. In the Delete Credential screen, select Yes.

To test a set of credentials:

Once you have configured a set of credentials, you can test the scan without running a full execution of Assets Discovery. You must input the IP address containing the device to test the credentials against.

  1. Select Test.

  2. Enter an IP address to test the credentials against and click Test.

  3. If the test is successful, Connection successfull is displayed. If the connection is refused, you will see the message Cannot connect with credentials.

Additional Help