Can't install collectors on Windows core DC's

Question

&nbsp;As it says on the tin. Error installing watchdog service. On separate customers core DC's, different networks,&nbsp; different proxies, same error. Failed to install watchdog. Browser access to LM works and we're installing as system.Proxies do not require auth and we're installing with domain admin rights. We've had/have support tickets opened but we haven't been able to resolve this.Anybody got any ideas.&nbsp;

andy_c · Answer

The only issues i have are, core wont install and those who insist on running a 2019+ DC , with Veeam or CRM or some other stuff and giving it 4GB ofr ram. All 220 odd DC's I have are fine.

dave_lee · Answer

I don't have a solution to that issue, I've not tried deploying to Windows Server core before.But could you avoid installing the collector on the DC entirely?&nbsp; We treat domain controllers the same as any other Windows Server - we apply least privilege access using a PowerShell script that's very similar to what LM describe here: https://www.logicmonitor.com/support/getting-started/advanced-logicmonitor-setup/windows-server-monitoring-and-principle-of-least-privilegeAs long as we've got a domain user (not a domain admin), we have the relevant Win Firewall ports open and the user in the right domain groups (both done in GPO) and have run the NonAdmin script (which we push out using GPO) we can monitor DCs from an external collector.Might be worth a look and avoiding collectors on DCs entirely.Dave

andy_c · Answer

Unfortunately the clients want the AD visibility/management that installing provides , otherwise we'd need a service account with Dom Admin rights and that's not happening.

dave_lee · Answer

I'm pretty sure the AD modules work just fine when polled from a remote collector without domain admin rights.&nbsp; I think there was one permission we had to set to allow some custom stuff to run, but the built-in LM modules seem to work OK for us if the user account has been assigned permissions by the Non-Admin script.Dave

shack · Answer

We have a handful running server core but they are not DC's.&nbsp; I'm unable to recall if we encountered any issues during the install as it's been years.Are you using the full package or bootstrap?&nbsp; Are you logged in as an admin?