Hanzo
PlatformHanzo KMSIntegrationsApp Connections

SMB

Learn how to configure an SMB Connection for Hanzo KMS.

The SMB Connection allows Hanzo KMS to connect to Windows servers using the SMB (Server Message Block) protocol for remote management operations such as password rotation.

Prerequisites

You will need the following information to establish an SMB connection:

  • Host - The hostname or IP address of the Windows server where the local accounts to be managed reside. This must be a member server or standalone machine, not a Domain Controller.
  • Port - The SMB port (default is 445)
  • Username - A Windows administrator account with permissions to manage local accounts on the target machine
  • Password - The password for the administrator account
  • Domain (optional) - The Windows domain name if using domain credentials to authenticate. When provided, Hanzo KMS authenticates as a domain user (e.g., MYDOMAIN\Administrator) to manage local accounts on the target machine. This allows domain administrators to rotate local account passwords on domain-joined member servers.

Windows Server Requirements

  • SMB3 Support - This connection uses SMB3 with encryption enabled for secure communication with Windows servers.
  • Firewall Configuration - The server must be accessible from Hanzo KMS or from the KMS Gateway if using it.

Run the following PowerShell command as Administrator on the Windows server to allow inbound SMB connections:

New-NetFirewallRule -DisplayName "Allow SMB Inbound" -Direction Inbound -Protocol TCP -LocalPort 445 -Action Allow

To verify the rule was created:

Get-NetFirewallRule -DisplayName "Allow SMB Inbound"

Setup SMB Connection in Hanzo KMS

Navigate to the App Connections tab in your Organization Settings. App Connections Tab

Click the + Add Connection button and select SMB from the available options.

Select SMB Connection

Complete the SMB Connection form by entering:

  • A descriptive name for the connection
  • An optional description for future reference
  • The Windows server host (hostname or IP address)
  • The SMB port (default is 445)
  • The domain name (optional, for domain-joined servers)
  • The administrator username
  • The administrator password

SMB Connection Modal

After clicking Create, your SMB Connection is established and ready to use with your Hanzo KMS project.

SMB Connection Created

To create an SMB Connection, make an API request to the Create SMB Connection API endpoint.

Sample request

curl --request POST \
    --url https://app.kms.hanzo.ai/api/v1/app-connections/smb \
    --header 'Content-Type: application/json' \
    --data '{
        "name": "my-windows-connection",
        "method": "credentials",
        "credentials": {
            "host": "192.168.1.100",
            "port": 445,
            "username": "Administrator",
            "password": "your-admin-password",
            "domain": "MYDOMAIN"
        }
    }'

Sample response

{
    "appConnection": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "name": "my-windows-connection",
        "version": 1,
        "orgId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z",
        "app": "smb",
        "method": "credentials",
        "credentials": {
            "host": "192.168.1.100",
            "port": 445,
            "username": "Administrator",
            "domain": "MYDOMAIN"
        }
    }
}

How is this guide?

Last updated on

Render Connection

Learn how to configure a Render Connection for Hanzo KMS.

SSH

Learn how to configure an SSH Connection for Hanzo KMS.

On this page

Prerequisites
Windows Server Requirements
Setup SMB Connection in Hanzo KMS
Sample request
Sample response