Microsoft SharePoint record

/api/2.0/fo/auth/microsoft_sharepoint/

[POST]

List, create, update, and delete Microsoft SharePoint records for authenticated scans of Microsoft SharePoint instances running on Windows and Database. Microsoft SharePoint version 2010, 2013,2016, and 2019 are supported.

Input Parameters

Parameter

Description

action={action}

(Required) Specify create, update, delete (using POST) or list (using GET or POST).

echo_request={0|1}

(Optional) Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

ids={value}

(Required to update or delete record) Record IDs to update/delete. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated.

title={value}

(Required to create record) A title for the record. The title must be unique. Maximum 255 characters (ascii).

comments={value}

(Optional to create or update record) User defined comments. Maximum of 1999 characters.

Microsoft SharePoint

 

db_local={0|1}

(Optional to create or update record) Set to 1 when login credentials are for a MS SQL Server database account. Set to 0 when login credentials are for a Microsoft Windows operating system account that is associated with a MS SQL Server database account. When db_local is not specified during a create request, the flag is set to 1.

windows_domain={value}

(Required when db_local=0, otherwise invalid) The domain name where the login credentials are stored when the login credentials are for a Microsoft Windows operating system account that is associated with a MS SQL Server database account. The domain name may include 1-256 characters (ascii).

For an update request when the credentials for the record are for a Microsoft Windows account (db_local=0) and you want to change the record to use credentials for a MS SQL Server account (db_local=1), then you must set windows_domain=’’ (the empty string) to clear the current parameter setting.

kerberos={0|1}

(Optional to create or update record) When not specified, Kerberos is enabled allowing the scanning engine to try Kerberos when negotiating authentication to target hosts. Specify kerberos=0 if you do not want Kerberos attempted.

ntlmv2={0|1}

(Optional to create or update record) When not specified, NTLMv2 is enabled allowing the scanning engine to try NTLMv2 when negotiating authentication to target hosts. Specify ntlmv2=0 if you do not want NTLMv2 attempted.

ntlmv1={0|1}

(Optional to create or update record) When not specified, NTLMv1 will not be attempted. Specify ntlmv1=1 to try NTMLv1 when negotiating authentication to target hosts.

Login credentials  

username={value}

(Required for create request) The username of the account to be used for authentication. If password is specified this is the username of a Microsoft SharePoint account. If login_type=vault is specified, this is the username of a vault account. Maximum 255 characters (ascii).

password={value}

(For create request, password or login_type=vault is required) The password of the Microsoft SharePoint account to be used for authentication. Maximum 100 characters (ascii).

login_type={value}

(For create request, password or login_type=vault is required) Login type can be basic (default) or vault. Set to vault if a third party vault will be used to retrieve the password. Vault parameters need to be provided in the record. See “Vault Definition” in the API user guide.

vault_id={value}

(Required if login_type=vault) The ID of the vault to be used to retrieve the password for login.

vault_type={value}

(Required if login_type=vault) The third party vault to be used to retrieve the password for login. Certain vaults support this capability. See “Vault Support Matrix” in the API user guide.

secret_name={value}

Required if vault type is Thycotic Secret Server) Specify the secret name that contains the password to be used for authentication. The scanning engine will perform a search for the secret name and then get the password from the secret returned by the search. A single exact match of the secret name must be found in order for authentication to be successful. The secret name may contain a maximum of 256 characters, and must not contain multibyte characters.

system_name={value}

(Optional if vault type is BeyondTrust PBPS or Quest Vault) The managed system name (also known as asset name). When not specified, we’ll attempt to auto-discover the system name at scan time.

account_name={value}

(Optional if vault type is BeyondTrust PBPS) The account name. When not specified, we’ll try the username specified in the authentication record.

folder={value}

(Required if vault type is CyberArk AIM and Cyber-ARK PIM Suite) Specify the name of the folder in the secure digital safe where the password to be used for authentication should be stored. The folder name can contain a maximum of 169 characters. Entering a trailing /, as in folder/, is optional (when specified, the service removes the trailing / and does not save it in the folder name). The maximum length of a folder name with a file name is 170 characters (the leading and/or trailing space in the input value will be removed).

These special characters cannot be included in a folder name:

/ : * ? " < > | <tab>

file={value}

(Required if vault type is CyberArk AIM and Cyber-ARK PIM Suite) Specify the name of the file in the secure digital safe where the password to be used for authentication should be stored. The file name can contain a maximum of 165 characters. The maximum length of a folder name plus a file name is 170 characters (the leading and/or trailing space in the input value will be removed).

These special characters cannot be included in a file name:

\ / : * ? " < > | <tab>

Target Hosts

 

ips={value}

(Required to create record) The IP address(es) for the Microsoft SharePoint targets you want to authenticate to. Multiple entries are comma separated.

(Optional to update record) IPs specified will overwrite existing IPs in the record, and existing IPs will be removed.

This parameter and the add_ips parameter or the remove_ips parameter cannot be specified in the same request.

add_ips={value}

Optional to update record) Add IPs and/or ranges to the IPs list for this record. Multiple IPs/ranges are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

remove_ips={value}

(Optional to update record) IPs to be removed from your record. You may enter a combination of IPs and ranges. Multiple entries are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

network_id={value}

(Optional to create or update record, and valid only when the networks feature is enabled) The network ID for the record.

 

Sample: List all Records

API request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d

"action=list" "https://qualysapi.qualys.com/api/2.0/fo/auth/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE AUTH_RECORDS_OUTPUT SYSTEM "https://qualysapi.qualys.com/api/2.0/fo/auth/auth_records.dtd">

<AUTH_RECORDS_OUTPUT>

    <RESPONSE>

        <DATETIME>2020-02-14T06:40:29Z</DATETIME>

        <AUTH_RECORDS>

            <AUTH_UNIX_IDS>

                <ID_SET>

                    <ID>63215</ID>

                    <ID>63239</ID>

                    <ID>65170</ID>

                    <ID>65172</ID>

                    <ID>66185</ID>

                </ID_SET>

            </AUTH_UNIX_IDS>

            <AUTH_VMWARE_IDS>

                <ID_SET>

                    <ID>63213</ID>

                    <ID>63235</ID>

                    <ID>63237</ID>

                    <ID>63241</ID>

                </ID_SET>

            </AUTH_VMWARE_IDS>

            <AUTH_POSTGRESQL_IDS>

                <ID_SET>

                    <ID>66387</ID>

                    <ID>66389</ID>

                    <ID>69602</ID>

                    <ID>72224</ID>

                </ID_SET>

            </AUTH_POSTGRESQL_IDS>

            <AUTH_ORACLE_HTTP_SERVER_IDS>

                <ID_SET>

                    <ID>66388</ID>

                </ID_SET>

            </AUTH_ORACLE_HTTP_SERVER_IDS>

            <AUTH_MICROSOFT_SHAREPOINT_IDS>

                <ID_SET>

                    <ID>72222</ID>

                </ID_SET>

            </AUTH_MICROSOFT_SHAREPOINT_IDS>

            <AUTH_GREENPLUM_IDS>

                <ID_SET>

                    <ID_RANGE>66183-66184</ID_RANGE>

                    <ID>66186</ID>

                    <ID>69598</ID>

                    <ID>69601</ID>

                    <ID>72225</ID>

                </ID_SET>

            </AUTH_GREENPLUM_IDS>

        </AUTH_RECORDS>

    </RESPONSE>

</AUTH_RECORDS_OUTPUT>

Sample - List Microsoft SharePoint Records with Basic Details

API request

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=list&details=Basic"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

 

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE AUTH_MICROSOFT_SHAREPOINT_LIST_OUTPUT SYSTEM "https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/auth_microsoft_sharepoint_list_output.dtd">

    <AUTH_MICROSOFT_SHAREPOINT_LIST>

      <AUTH_MICROSOFT_SHAREPOINT>

        <ID>2372474</ID>

        <TITLE><![CDATA[SharePoint_WindowsAuth]]></TITLE>

        <USERNAME><![CDATA[username]]></USERNAME>

        <IP_SET>

          <IP>10.10.10.13</IP>

        </IP_SET>

        <MSSQL>

          <DB_LOCAL><![CDATA[0]]></DB_LOCAL>

          <WINDOWS_DOMAIN><![CDATA[sample.qualys.com]]></WINDOWS_DOMAIN>

          <KERBEROS><![CDATA[1]]></KERBEROS>

          <NTLMV2><![CDATA[1]]></NTLMV2>

        </MSSQL>

        <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>

        <CREATED>

          <DATETIME>2020-03-10T18:47:26Z</DATETIME>

          <BY>joe_user</BY>

        </CREATED>

        <LAST_MODIFIED>

          <DATETIME>2020-03-10T18:47:26Z</DATETIME>

        </LAST_MODIFIED>

      </AUTH_MICROSOFT_SHAREPOINT>

      <AUTH_MICROSOFT_SHAREPOINT>

        <ID>2372483</ID>

        <TITLE><![CDATA[SharePoint_DatabaseAuth]]></TITLE>

        <USERNAME><![CDATA[username]]></USERNAME>

        <IP_SET>

          <IP_RANGE>10.10.10.19-10.10.10.20</IP_RANGE>

        </IP_SET>

        <MSSQL>

          <DB_LOCAL><![CDATA[1]]></DB_LOCAL>

          <KERBEROS><![CDATA[1]]></KERBEROS>

          <NTLMV2><![CDATA[1]]></NTLMV2>

          <NTLMV1><![CDATA[1]]></NTLMV1>

        </MSSQL>

        <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>

        <CREATED>

          <DATETIME>2020-03-10T20:53:37Z</DATETIME>

          <BY>joe_user</BY>

        </CREATED>

        <LAST_MODIFIED>

          <DATETIME>2020-03-10T20:53:37Z</DATETIME>

        </LAST_MODIFIED>

      </AUTH_MICROSOFT_SHAREPOINT>

Sample - List Microsoft SharePoint Records with All Details

API request

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=list&details=All"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

 

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE AUTH_MICROSOFT_SHAREPOINT_LIST_OUTPUT SYSTEM "https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/auth_microsoft_sharepoint_list_output.dtd">

<AUTH_MICROSOFT_SHAREPOINT_LIST_OUTPUT>

  <RESPONSE>

    <DATETIME>2020-03-11T22:56:20Z</DATETIME>

    <AUTH_MICROSOFT_SHAREPOINT_LIST>

      <AUTH_MICROSOFT_SHAREPOINT>

        <ID>2372474</ID>

        <TITLE><![CDATA[SharePoint_WindowsAuth]]></TITLE>

        <USERNAME><![CDATA[username]]></USERNAME>

        <IP_SET>

          <IP>10.10.10.13</IP>

        </IP_SET>

        <MSSQL>

          <DB_LOCAL><![CDATA[0]]></DB_LOCAL>

          <WINDOWS_DOMAIN><![CDATA[sample.qualys.com]]></WINDOWS_DOMAIN>

          <KERBEROS><![CDATA[1]]></KERBEROS>

          <NTLMV2><![CDATA[1]]></NTLMV2>

        </MSSQL>

        <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>

        <CREATED>

          <DATETIME>2020-03-10T18:47:26Z</DATETIME>

          <BY>joe_user</BY>

        </CREATED>

        <LAST_MODIFIED>

          <DATETIME>2020-03-10T18:47:26Z</DATETIME>

        </LAST_MODIFIED>

      </AUTH_MICROSOFT_SHAREPOINT>

      <AUTH_MICROSOFT_SHAREPOINT>

        <ID>2372483</ID>

        <TITLE><![CDATA[SharePoint_DatabaseAuth]]></TITLE>

        <USERNAME><![CDATA[username]]></USERNAME>

        <IP_SET>

          <IP_RANGE>10.10.10.19-10.10.10.20</IP_RANGE>

        </IP_SET>

        <MSSQL>

          <DB_LOCAL><![CDATA[1]]></DB_LOCAL>

          <KERBEROS><![CDATA[1]]></KERBEROS>

          <NTLMV2><![CDATA[1]]></NTLMV2>

          <NTLMV1><![CDATA[1]]></NTLMV1>

        </MSSQL>

        <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>

        <CREATED>

          <DATETIME>2020-03-10T20:53:37Z</DATETIME>

          <BY>joe_user</BY>

        </CREATED>

        <LAST_MODIFIED>

          <DATETIME>2020-03-10T20:53:37Z</DATETIME>

        </LAST_MODIFIED>

      </AUTH_MICROSOFT_SHAREPOINT>

      <AUTH_MICROSOFT_SHAREPOINT>

        <ID>2372484</ID>

        <TITLE><![CDATA[SharePoint123]]></TITLE>

        <USERNAME><![CDATA[userupdate]]></USERNAME>

        <IP_SET>

          <IP_RANGE>10.10.10.25-10.10.10.26</IP_RANGE>

        </IP_SET>

        <MSSQL>

          <DB_LOCAL><![CDATA[0]]></DB_LOCAL>

          <WINDOWS_DOMAIN><![CDATA[sample2.qualys.com]]></WINDOWS_DOMAIN>

          <KERBEROS><![CDATA[1]]></KERBEROS>

          <NTLMV1><![CDATA[1]]></NTLMV1>

        </MSSQL>

        <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>

        <CREATED>

          <DATETIME>2020-03-10T20:55:50Z</DATETIME>

          <BY>joe_user</BY>

        </CREATED>

        <LAST_MODIFIED>

          <DATETIME>2020-03-11T16:19:19Z</DATETIME>

        </LAST_MODIFIED>

      </AUTH_MICROSOFT_SHAREPOINT>

    </AUTH_MICROSOFT_SHAREPOINT_LIST>

    <GLOSSARY>

      <USER_LIST>

        <USER>

          <USER_LOGIN>joe_user</USER_LOGIN>

          <FIRST_NAME>Joe</FIRST_NAME>

          <LAST_NAME>User</LAST_NAME>

        </USER>

      </USER_LIST>

    </GLOSSARY>

  </RESPONSE>

</AUTH_MICROSOFT_SHAREPOINT_LIST_OUTPUT>

Sample - Create Microsoft SharePoint Record

API request with Microsoft Windows login (db_local=0)

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=create&title=SharePoint&ips=10.10.10.13&username=username&password=password&db_local=0&windows_domain=sample.qualys.com"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

API request with MS SQL Server database login (db_local=1)

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=create&title=SharePoint_withDatabase&ips=10.10.10.14&username=username&password=password&db_local=1"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">

<BATCH_RETURN>

    <RESPONSE>

        <DATETIME>2020-02-13T07:31:33Z</DATETIME>

        <BATCH_LIST>

            <BATCH>

                <TEXT>Successfully Created</TEXT>

                <ID_SET>

                    <ID>72223</ID>

                </ID_SET>

            </BATCH>

        </BATCH_LIST>

    </RESPONSE>

</BATCH_RETURN>

Sample - Update Microsoft SharePoint Record

API request to update basic information

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=update&ids=10002&title=SharePoint2&username=newuser&password=newpassword&comments=auth-updated"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

API request to update vault login and change to different vault

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=update&ids=10003&login_type=vault&vault_type=Thycotic+Secret+Server&vault_id=123&secret_name=secret-name"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">

<BATCH_RETURN>

    <RESPONSE>

        <DATETIME>2020-02-13T07:39:09Z</DATETIME>

        <BATCH_LIST>

            <BATCH>

                <TEXT>Successfully Updated</TEXT>

                <ID_SET>

                    <ID>72223</ID>

                </ID_SET>

            </BATCH>

        </BATCH_LIST>

    </RESPONSE>

</BATCH_RETURN>

Sample - Delete Microsoft SharePoint Records

API request for deleting single record

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=delete&ids=10000"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

API request for deleting single record

curl -u "USERNAME:PASSWORD" -H 'X-Requested-With: Curl' -d

"action=list&ids=10000,10001"

"https://qualysapi.qualys.com/api/2.0/fo/auth/microsoft_sharepoint/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">

<BATCH_RETURN>

    <RESPONSE>

        <DATETIME>2020-02-13T07:40:06Z</DATETIME>

        <BATCH_LIST>

            <BATCH>

                <TEXT>Successfully Deleted</TEXT>

                <ID_SET>

                    <ID>72223</ID>

                </ID_SET>

            </BATCH>

        </BATCH_LIST>

    </RESPONSE>

</BATCH_RETURN>

DTDs for auth type "microsoft_sharepoint"

<platform API server>/api/2.0/auth_records.dtd

<platform API server>/api/2.0/fo/auth/microsoft_sharepoint/auth_microsoft_sharepoint_list_output.dtd