Online Help

Segment audit credentials

This article describes how to set up credentials for accessing computers and devices within the segment.

Credentials can be configured for the following platforms: Windows, Linux and macOS, Hypervisor, or SNMP.

  • Windows

    Windows credentials are used for auditing Windows computers. The audit account you define must be a member of the local Administrators group on each Windows client computer, either directly or through membership in a Windows domain group.

    We recommend using a domain administrator's account. Note that in order to create such audit account, domain administrator permissions are required. Alternatively, you can specify a local account, provided that this account exists on every computer you intend to audit.

    NOTE: When providing Windows audit credentials, avoid referring to real user accounts. Instead, we recommend that you create a special domain user solely for the purpose of auditing your domain (the "audit account").

  • Linux and Mac

    Linux and Mac credentials are used to audit Linux and macOS computers . Credentials must allow logging on to these computers.

    We recommend that you provide credentials for an account with root rights, i.e., the root account or the account that can run the dmidecode command with administrative rights. Otherwise, Alloy Discovery will not be able to collect SMBIOS hardware information on Linux computers. Collecting the list of services (daemons) on macOS computers also requires root rights. If you need this information, you should also use the root account or configure the launchctl command to run with elevated (root) privileges under a non-root account.

    For connecting to Linux and Mac computers via SSH, Alloy Discovery uses Plink-a command-line network connection tool which is a part of the PuTTY product, distributed under the free MIT license. Plink is included in the Alloy Discovery installation package; the executable file name is plink.exe. For more information on PuTTY and Plink, see the following website: https://www.chiark.greenend.org.uk/~sgtatham/putty/.

  • ESXi/vSphere/Citrix

    ESXi/vSphere/Citrix credentials are used to audit ESXi/vSphere and Citrix hypervisors. Credentials must allow logging on to these computers. We recommend that you use an account with administrative privilege. For Citrix hypervisors, audit credentials must allow logging to the computers using the SSH protocol.

  • SNMP

    SNMP credentials are used to collect inventory data about networked printers, scanners, hubs, routers, and other devices. Alloy Discovery detects and identifies those network devices via SNMP.