SCOM 2007 R2 Agent Deployment Service Account
Hi Could you clarify the security policy - on the one hand you are saying that you are not allowed to create an account with local admin rights and then you seem to implying that they will allow a service account to have local administrator rights ?? Deploying Management Packs - this doesn't require any Windows administrator rights. You just need to be a SCOM Administrator: http://technet.microsoft.com/en-us/library/bb735424.aspx Deploying agents - this requires local administrator rights on the server you want to deploy an agent on to. If you don't have access to an account that has local administrator rights then can you use System Center Configuration Manager (or another deployment tool) to deploy the agents? http://technet.microsoft.com/en-us/library/cc950516.aspx Cheers Graham New SCOM 2012 Blog! - http://www.systemcentersolutions.com/blog/ View OpsMgr tips and tricks at http://systemcentersolutions.wordpress.com/
November 16th, 2011 11:32am

Hi, When pushing agents via the console, you can choose an account which has local administrator rights on the target computers. For details, please see the section “Agent Installation Account” in the following document: Account Information for Operations Manager 2007 http://technet.microsoft.com/en-us/library/bb735419.aspx Meanwhile, regarding the accounts settings, please also refer to the following post: OpsMgr security account rights mapping - what accounts need what privileges? http://blogs.technet.com/b/kevinholman/archive/2008/04/15/opsmgr-security-account-rights-mapping-what-accounts-need-what-privileges.aspx Hope this helps. Thanks. Nicholas Li - MSFT Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
November 16th, 2011 11:58am

when pushing agents you can also enter another account (like a service account with local admin rights on the machines you want to push to). As long as it is local admin. Otherwise you will need to use sccm or something like that, but there you will also at some point need to do the first install with admin rights :-)Bob Cornelissen - BICTT (My BICTT Blog) - Microsoft Community Contributor 2011 Recipient
November 16th, 2011 5:02pm

when pushing agents you can also enter another account (like a service account with local admin rights on the machines you want to push to). As long as it is local admin. Otherwise you will need to use sccm or something like that, but there you will also at some point need to do the first install with admin rights :-)Bob Cornelissen - BICTT (My BICTT Blog) - Microsoft Community Contributor 2011 Recipient
Free Windows Admin Tool Kit Click here and download it now
November 16th, 2011 5:02pm

Hi, Can I just use one service account and give that account local admin rights for deploying agents and deploying MPs ? Due to company 's securtiy policy they are not allowing to create an account which has local admin rights, so I just want to know can I do it with service account and I don't have any issue in future deployment too. Please help.
November 19th, 2011 11:07am

Hi Could you clarify the security policy - on the one hand you are saying that you are not allowed to create an account with local admin rights and then you seem to implying that they will allow a service account to have local administrator rights ?? Deploying Management Packs - this doesn't require any Windows administrator rights. You just need to be a SCOM Administrator: http://technet.microsoft.com/en-us/library/bb735424.aspx Deploying agents - this requires local administrator rights on the server you want to deploy an agent on to. If you don't have access to an account that has local administrator rights then can you use System Center Configuration Manager (or another deployment tool) to deploy the agents? http://technet.microsoft.com/en-us/library/cc950516.aspx Cheers Graham New SCOM 2012 Blog! - http://www.systemcentersolutions.com/blog/ View OpsMgr tips and tricks at http://systemcentersolutions.wordpress.com/
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2011 3:09am

Hi, When pushing agents via the console, you can choose an account which has local administrator rights on the target computers. For details, please see the section “Agent Installation Account” in the following document: Account Information for Operations Manager 2007 http://technet.microsoft.com/en-us/library/bb735419.aspx Meanwhile, regarding the accounts settings, please also refer to the following post: OpsMgr security account rights mapping - what accounts need what privileges? http://blogs.technet.com/b/kevinholman/archive/2008/04/15/opsmgr-security-account-rights-mapping-what-accounts-need-what-privileges.aspx Hope this helps. Thanks. Nicholas Li - MSFT Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
November 20th, 2011 3:34am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics