non privleged PowerShell discovery

Idea ID 2698114

non privleged PowerShell discovery

Hello,

We are currently discovering windows servers with PowerCMD, but want to discover with the PowerShell discovery, but there are some things we noticed.

1. The PowerShell discovery needs .Net3.5 and the Powershell2.0 engine installed in order to run
Our company security does not allow us to use these old and deprecated versions.

2. You need to be local administrator in order to do the discovery right.
Our company does not allow the discovery user to be local admin

3. The PowerShell discovery uses a powershellconnector.exe on the probe
this connector is limited in it's use and does not support all the powershell commands

Our Windows administrators asked us if it is possible to edit the powershell discovery so we can connect to another powershell configuration that supports JEA (Just Enough Admin) which allows the discovery user to be a virtual local admin during the discovery and deletes it's privileges after the discovery is finished. This way it's more secure. We've tested it with the PowerCMD discovery and it works.

Kind regards,
Gidarno

Tags (3)
3 Comments
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes

Thank you for sharing your idea! It’s open for comments and kudos, and we’re looking forward to input from the community. Once there is enough community traction, it will be further reviewed by the product team

Captain Captain
Captain

This is a great idea, Admin rights have always been a sticking point with Windows discovery. Leveraging any of the improvements Windows are making to use lower rights in the OS should be a no brainer!

Commander Commander
Commander

@Bill_Dyck do you know if there are any considerations or actions planned for chaning the Windows Discovery, because security is being a great bottleneck now a days. Because we still need an privledged account for the powershell / powerCmd discovery. We are almost at a point to disable the windows discovery because its a great security risk. 

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.