AnsweredAssumed Answered

Integrating workgroup windows machines located in the DMZ to RSA SA (10.6.4.1)

Question asked by Visham Rawat on Jul 25, 2018
Latest reply on Jul 31, 2018 by Visham Rawat

We're trying to integrate windows servers located in the DMZ, and not part of the domain (belong to workgroup) to RSA SA.

 

 

On the windows machine, we've run the script using local admin account credentials (account was created specifically for RSA SA collection purposes).


On SA, we're adding the windows servers using Basic Authentication.

However, on testing connectivity, we're receiving a 'Error! 401 Unauthorized. Possible causes: invalid credentials.' On checking the status of Basic Authentication on the windows machine, it is currently set to false (hasn't been enabled).

 

The question is - do we have to enable Basic Authentication on the windows servers as well? If yes, can this be done without enabling the IIS role? Since the windows servers are on the DMZ, enabling IIS is problematic.

 

Also, what ports are needed to be opened to enable this integration?

Port 5985 - is it bi-directional between SA and the windows server?

Do we need to open port 80 for basic authentication between SA and windows server?

How can we leverage basic authentication over SSL?

Outcomes