Domain Account for authenticated scan required?

Hello,
we have the needed NVTs for this scan config now. I imported the conf. But all 479 results have the Severity 0.0 (Log).

Let’s take, say, this NVT: Microsoft Windows: Enforce password history. It says:

Detection Result

Compliant: NO
Actual Value: None
Set Point: 24
Type of Test: WMI_Query
Test: SELECT Setting FROM RSOP_SecuritySettingNumeric WHERE KeyName = 'PasswordHistorySize' AND precedence = '1'
Solution: Set following UI path accordingly: Computer Configuration/Windows Settings/Security Settings/Account Policies/Password Policy/Enforce password history
Notes: No setting found for this query.

The value is set to 23, but Greenbone says Actual Value: None.
WMI is running on the target system, and I can access certain information and restart the target system remotely through it (this doesn’t work when I stop the service, so WMI is certainly running).
I have read several times now that to access RSOP settings the target system must be in a domain? The Greenbone doc says something in this direction:

From a vulnerability assessment perspective, only a domain account allows for the detection of domain-related scan results. These results will be missing if using a local user account.

Is a domain account required for the mentioned win10 scan conf to fully work?

Please read our fine documentation about this:

https://docs.greenbone.net/GSM-Manual/gos-6/en/scanning.html#configuring-a-domain-account-for-authenticated-scans

Sure it’s fine, I even quoted from the part you posted :wink: but it doesn’t say which NVTs require DA authentication. The docs only say - let me quote it again -
From a vulnerability assessment perspective, only a domain account allows for the detection of domain-related scan results. These results will be missing if using a local user account.
If it mentioned something like “RSOP_SecuritySettings or RSOP in general requires Domain Account authentication” or “NVTs like Microsoft Windows: Enforce password history require Domain Account authentication”, it would be even more fine.

In case anyone wonders: When using a Domain Account the NVTs of

  • Account Policies
    • Password Policy
    • Account Lockout Policy

are now available in Actual Value: (so just use a Domain Account instead of waiting for a reply here).
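
A way to check on the target what the scanner's test can read, as an added example that is not part of the original thread or of Greenbone's code: it runs the WQL query from the detection result against `root\rsop\computer` (the WMI namespace that holds this class) and prints the effective value exported by `secedit` beside it. It assumes an elevated PowerShell session on the target; the function names are hypothetical.

```powershell
# Added example. Run in an elevated PowerShell session on the scan target.
# WQL text taken from the "Test:" line of the detection result.
$Wql = "SELECT Setting FROM RSOP_SecuritySettingNumeric " +
       "WHERE KeyName = 'PasswordHistorySize' AND precedence = '1'"

function Get-RsopPasswordHistory {
    # Returns a short status string: the RSoP value, "no row", or the WMI error.
    try {
        $row = Get-CimInstance -Namespace 'root\rsop\computer' -Query $Wql -ErrorAction Stop |
               Select-Object -First 1
        if ($null -eq $row) { return 'no row returned' }
        return "Setting = $($row.Setting)"
    } catch {
        return "WMI error: $($_.Exception.Message)"
    }
}

function Get-LocalPasswordHistory {
    # Exports the effective security policy and reads PasswordHistorySize from it.
    $cfg = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit.exe /export /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
        if (-not (Test-Path $cfg)) { return 'export failed (not elevated?)' }
        $hit = Select-String -Path $cfg -Pattern '^\s*PasswordHistorySize\s*=\s*(\d+)' |
               Select-Object -First 1
        if ($hit) { return "PasswordHistorySize = $($hit.Matches[0].Groups[1].Value)" }
        return 'PasswordHistorySize not present in export'
    } finally {
        Remove-Item -Path $cfg -ErrorAction SilentlyContinue
    }
}

$rsop  = Get-RsopPasswordHistory
$local = Get-LocalPasswordHistory
'{0,-26} {1}' -f 'RSoP (scanner query):', $rsop
'{0,-26} {1}' -f 'secedit (effective):',  $local

# A value from secedit together with "no row returned" from RSoP matches the
# report's "Actual Value: None" / "No setting found for this query."
if ($rsop -eq 'no row returned' -and $local -like 'PasswordHistorySize = *') {
    'Policy is set on the host, but the RSoP query used by the NVT returns nothing.'
}
```

Running it under the account used as the scan credential shows what that account can read through this query.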