Question on Monitoring Credentials
hbuckner
Posts: 69 Bronze 3
I am testing some Windows Server 2008 R2 boxes. I noticed that if I have the Monitoring Service Account in a AD group and then put that group in the local Administrators group the Monitoring fails to connect. If I place the Service Account straight in to the local Administrators group it works.
The service account is in the Root domin and my AD group is in the Child domain.
Any idea why this happens? I think it maybe related to Windows 2008 security model.
The service account is in the Root domin and my AD group is in the Child domain.
Any idea why this happens? I think it maybe related to Windows 2008 security model.
Comments
We've had quite a few reports that domain admins and groups don't seem to satisfy the access requirements for WMI and Remote Registry connections but we've not come up with a way of enabling this.
If anyone has any joy with this, please let us know.
hbuckner: what specific error were you seeing when using an AD Group?
--
Daniel
The server just showed the monitoring had stopped with Monitoring stopped (Incorrect credentials or insufficient permissions)
I viewed the log and it was showing the same information. I havd just removed the AD account from the local admin group because I know a AD group in the local administrators already had the account. But as soon as I removed it, the monotoring status stopped and I had to ad it back.
Thanks