Audit Credentials window

Name: The name (title) for the credential record. It will appear in the list of available Windows audit credentials, which you can choose in the Select Audit Credentials window.

User Name: The login name for the audit account.

Password: The password for the specified audit account.

Domain: For domain accounts, enter the domain name.

If you intend to use a local account, keep the default <Local Computer> value. Note that any local account you specify must exist on every computer you wish to audit.

Test Login: Click to verify that the account can log in to the specified domain.

NOTE: To promote responsible credential management and best practices in security, this feature is applicable only when the computer where Network Inventory is installed resides within the same domain as the one being tested or in a trusted domain. This ensures that sensitive domain credentials are not accidentally exposed or tested in environments where they shouldn't be.

Name: The name (title) for the credential record. It will appear in the list of available Linux and Mac credentials, which you can choose in the Select Audit Credentials window.

Protocol: This field is read-only. Connection to Linux and macOS computers is always established through the Secure Shell protocol (SSH).

Port: By default, Network Inventory accesses client Linux and macOS computers over the standard TCP port 22. If you want to specify a non-standard TCP port that the SSH server running on client computers listens on, enter its number.

Username: The login name.

Password: The account password.

Private Key: This field is read-only. It displays information about the uploaded private key file.

Browse: Click this button to choose your private key file.

Clear: Clears the Private Key field.

Use custom command line parameters: Select this check box if you want to manually specify Plink command line parameters.

Parameters: This field becomes available when you select the check box above. It contains parameters of the Plink command line. The default command line parameters may look like this:

-P "$PORT" -l "$USER_NAME" -pw "$PASSWORD" "$HOST"

In this example, "$PORT", "$USER_NAME", "$PASSWORD", and "$HOST" are placeholders for command line parameter values, corresponding to the dialog box fields. For more information on placeholders, see below.

The default parameters may include port (-p), user name (-l), password (-pw) or private key (-i). You can edit the command line as needed. For a complete list of Plink parameters, please refer to http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter7.html#plink.

You can configure a custom command line in two ways:

• You can specify parameter values directly in the command line (e.g. -p "22"). In this case, you are not required to fill out the dialog box fields. However some parameters, such as private key and host, cannot be specified in this way.

• You can use placeholders instead of specific values (e.g. -p "$PORT"). The actual values for placeholders are taken from the corresponding dialog box fields, which you must fill out. Note that the values for the private key and host must always be passed as placeholders. The value for the $HOST placeholder is determined automatically for each audited computer, hence there is no corresponding dialog box field.

NOTE: Currently, Network Inventory does not support SSH authentication via the Pageant authentication agent. As a possible solution, you can specify your private key file directly in the audit credentials.

Insert Placeholder: Inserts a placeholder into the Parameters field.

Name: The name (title) for the credential record. It will appear in the list of available ESXi/vSphere/Citrix credentials, which you can choose in the Select Audit Credentials window.

Protocol: This field is read-only. Connection to hypervisors is always established through the Secure Shell protocol (SSH).

Port: By default, Network Inventory accesses client hypervisors over the standard TCP port 22. If you want to specify a non-standard TCP port that the SSH server running on client computers listens on, enter its number.

Username: The login name.

Password: The account password.

Private Key: This field is read-only. It displays information about the uploaded private key file.

Browse: Click this button to choose your private key file.

Clear: Clears the Private Key field.

Use custom command line parameters: Select this check box if you want to manually specify Plink command line parameters.

Parameters: This field becomes available when you select the check box above. It contains parameters of the Plink command line.

Insert Placeholder: Inserts a placeholder into the Parameters field.

Protocol: This field is read-only. Connection is always established through the Secure Shell protocol (SSH).

NOTE: Network Inventory establishes connection to Linux and Mac computers using the Secure Shell protocol (SSH) over a TCP port. Therefore, it is required that the SSH server is running on each client computer and listening on a dedicated TCP port.

Name: The name (title) for the credential record. It will appear in the list of available SNMP credentials, which you can choose in the Select Audit Credentials window.

Under Version v1/v2c, specify the following information for community-based SNMPv1 or SNMPv2c:

• Community: The SNMP community.

  NOTE: Most SNMP v1 and v2c devices are shipped with the community string set to "public". It is standard practice for system administrators to change the community strings so that unauthorized users cannot access information about the internal network.

Under Version v3, specify the following information for user-based SNMPv3:

• User Name: The SNMP user name.

• Security Level: The SNMP security level:

  • No Authentication, No Privacy: Uses a user name for authentication and transmits credentials in clear text.

  • Authentication, No Privacy: Provides packet authentication and message integrity, but no encryption. Select the authentication algorithm (MD5 or SHA) in the Protocol list and type in the pass phrase.

  • Authentication, Privacy: Provides the maximal security by combining authentication, message integrity, and encryption. Under Authentication, select the authentication algorithm (MD5 or SHA) and type in the pass phrase. Under Privacy, select the encryption algorithm (DES or AES) and type in the pass phrase.

Name: The name for the credential record. The name appears in the grid of available audit credentials that you choose in the Select Audit Credentials window.

Client ID: The Google developer API Client ID.

Client Secret: The Google developer API Client Secret.

TIP: You can load both the Client ID and the Client Secret parameters using the Load button. For details, see Google Directory Audit and Directory API: Getting Started.

Domain: The name of domain, if you want to specify a domain user name.

Authorize: Click this button to start the authorization process. In a browser window, sign in with the Google Account to your domain and configure client permissions by clicking the Allow button. When the authorization is approved, the credentials will be saved automatically.