Issues with Switching Non-Admin Domain Account on a Windows Collector

Question

I have configured a non-admin domain user that I would like to use as my collector account and am receiving an error once running the command ".\Windows_NonAdmin_Config -add -UserName domain\domainUser".&nbsp;The response: GetSecurityDescriptor failed:At C:\Program Files\LogicMonitor\Agent\bin\Windows_NonAdmin_Config.ps1:571 char:13+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; throw "GetSecurityDescriptor failed: $($output.ReturnValu ...+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~&nbsp; &nbsp; + CategoryInfo &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;: OperationStopped: (GetSecurityDescriptor failed: :String) [], RuntimeException&nbsp; &nbsp; + FullyQualifiedErrorId : GetSecurityDescriptor failed:The log files are below: Set-WmiNamespaceSecurity call with add operationERROR - GetSecurityDescriptor failed:&nbsp;I have previously ran the Non-admin file Windows_NonAdmin_Config.ps1 from C:\Program Files\Logicmonitor\agent\bin\ from the DC and it only ran through the first 3 phases before completing w/o errors. I added WMI permissioned from WMI Control (Windows Server Monitoring and Principle of Least Privilege | LogicMonitor) on the DC and the Windows device running the collector. I would appreciate guidance on the necessary settings for a domain user to replace the current system account on the collector, enabling it to serve as a WMI data collection account for the domain.

virgil_soulie · Answer

I stumbled upon this issue recently.The script had already run successfully on Windows Server and was monitored with a non-admin domain account.After an update, one service couldn't be queried and the non-admin script would fail with the following message:Error occurred: Unexpected error
Error occurred in GetSecurityDescriptor step. Kindly retry or do the setup manually.In our case, a simple WMI repository reset did the trick:&nbsp;Stop-Service Winmgmt -Force
winmgmt /resetrepository
Start-Service WinmgmtUpon rebuilding the repository, the script ran without issues