Server Management - Systems Insight Manager
cancel
Showing results for 
Search instead for 
Did you mean: 

Service account clarification for SIM 5.x

 
Koonan
Occasional Advisor

Service account clarification for SIM 5.x

It seems there is a lot of discussion on this issue, but I'm seeing different results. It seems most people are saying the SIM services only need to run as a Local Administor on the SIM server itself. I tried this, but when I try and run "Configure or Repair Agents" it fails. Unless the Service Account I use for SIM is a Local Administror of the server I'm trying to fix. This doesn't make much since, because the task to Repair Agents asks for a Username and Password.
2 REPLIES
Scott_278
Valued Contributor

Re: Service account clarification for SIM 5.x

I have an open case for this, as there is a problem with the Configure or Repair Agents tool. In my situation (SIM5, SP4), I have a domain account that is used to run the SIM service on the CMS - it is a member of the local Administrators group on the CMS. This account has no rights on any of the target machines.

The ONLY way I can get this to work is if I add this account to the local Adminstrators group on the target. The credentials I enter in the tool itself seem to be irrevalent - I can enter completely BOGUS credentials, and as long as the service account is a member of the local Administrators group on the target, it works every time.

So there is definitely something wrong with the security of this tool. I demo'd this for HP last Friday, and they are working on it now. Should have an update soon.
Koonan
Occasional Advisor

Re: Service account clarification for SIM 5.x

Thanks, keep me posted. At least it confirms how SIM should work.