HPE Community
Server Management - Systems Insight Manager
1753442 Members
4577 Online
108794 Solutions
New Discussion

Best Practice or advice for AD Service Accounts and Domain Groups?

 
Dana Swanson
Regular Advisor

‎03-21-2007 03:38 AM

‎03-21-2007 03:38 AM

Best Practice or advice for AD Service Accounts and Domain Groups?

Hiya,

I'm in the process of setting up a new install of HP SIM 5.1. I plan on using service accounts and groups from our AD Domain to setup the Windows Central Management Server, to communicate with the Server Management Agents, VCA and the System Management Homepage.

We are using supporting the Windows 2000/Windows Server 2003 side of the house and the VMWare ESX servers. The only linux involved would be the ESX servers.

The Windows Central Management Server server will be going on a Windows Server 2003 machine with SQL Server 2000 SP4.

Can anyone provide some examples where say service account 1 in AD with Admin privs was used to install the Windows Central Management Server. Service account 2 with these privs in AD is used with VCA. These groups from AD were set when setting up the Windows Central Management Server and used on the System Management Homepage.

If anyone could give me an example I would love to hear you setup and if you have limited the service accounts to only the rights they need to do the job that would be nice. If you use a admin service account with full rights to the servers thats fine as well. I'm looking for ideas.

I can't seem to find a document that shows this type of example. I find useful text here and there in the various docs but nothing in one document. If anyone could point me to a good example of using AD accounts and groups whenever possible I would appreciate it.

Thanks!

Dana
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.