The requirements that allow the authentication of a Windows machine are:
- The Remote Registry service must be enabled on the target.
- File & Printer Sharing must be enabled in the target's network configuration.
- An SMB account must be used that has local administrator rights on the target.
- Note: A domain account can be used if that account is a local administrator on the devices being scanned.
- TCP ports 139 and 445 must be open between the scanner and the target.
- Ensure that there are no security policies are in place that blocks access to these services. This includes:
- Windows Security Policies
- Antivirus or Endpoint Security rules
- IPS/IDS
- The default administrative shares must be enabled. The setting that controls this is AutoShareServer (Windows Server) or AutoShareWks (Windows Workstation) which must be set to 1. These shares include:
- IPC$
- ADMIN$ (Windows 10 has the ADMIN$ disabled by default, make sure it's enabled. For other versions of Windows, these shares are enabled by default and can cause other issues if disabled. For more information, see Overview of problems that may occur when administrative shares are missing)
- C$