Multiple Windows Authentication Records

In the case where you have multiple Windows authentication records in your account, the scanning engine matches each target host to one record.

The scanning engine uses authentication records in the order shown below:

1.    NetBIOS, Service-Selected IPs. The scanning engine looks at authentication records with service-selected IPs (records that enable "Domain: NetBIOS, Service-Setected IPs") to see if the host is registered with a domain in one of those records. If a match is found, the credentials in the record are used for authentication.

2.    NetBIOS, User-Selected IPs. The scanning engine looks at authentication records with user-selected IPs (records that enable "Domain: NetBIOS, User-Selected IPs" and "Local") to see if the host is included in one of those records for domain or local authentication. In the case where the credentials in a service-selected IPs record were used for authentication to the host and authentication failed, the scanning engine looks to see if the host is included in a record with a user-selected IPs record for local authentication only. If a match is found, the credentials in the user-selected IPs record are used for authentication.

3.    Active Directory. The scanning engine looks at Active Directory authentication records and attempts to authenticate to hosts found in the Fully Qualified Domain Name (FQDN) defined for each.

See Creating Windows Records to learn how to add a new Windows authentication record to your account.