Forum Discussion

nj32lmc's avatar
nj32lmc
Icon for Neophyte rankNeophyte
20 days ago

Issues with non-admin collector account

Hi all, 

I'm having issues implementing the new non-admin account. I set up the "Windows_NonAdmin_Config.ps1" script to run on our devices via GPO and waited just over a month. When I flipped over the collector account to the new non-admin account I'm getting errors on select app services and SQL services. The Status is reporting as 0. 

I ran a PowerShell query to troubleshoot.

  • From the collector the status is showing as Zero and certain properties of the service don't return values. 
  • On the VM with the service the same account running the same query returns all properties. 
  • The admin account returns all properties from both the local and remote machines. 

 

I've confirmed the user is in the DCOM users and even ran the non-admin script on the local machine. I cannot seem to get the remote query working. Does anyone have a suggestion as to what's going on? 

 

  • It appears I may need to look further in to this post: https://community.logicmonitor.com/discussions/welcome/sql-server-services-monitoring-for-non-admin-account/16793

  • For any of you who stumble on this. I used the "Windows_NonAdmin_Config.ps1" script on servers. 

    The script has:  $SDDLToAppend = "(A;;LCRPRC;;;$UserSID)".ToString()

    I had to change it to this: $SDDLToAppend = "(A;;LCRPRCLOCC;;;$UserSID)".ToString()