Hello,
I do Windows monitoring via WMI. I have no problem as long as I log a user with admin (local or domain). For obvious security reasons, I would like to create a non-admin user could only read the attributes of WMI classes. So I created this user, and I assigned the necessary rights via 'wmimgmt' and 'dcomcfng' on the Windows server.
I use the tool wmic (Linux utility) that works very well. Here is the syntax I use:
No problems, everything works. The idea is to go like this:wmic-U domain / useradmin% password / / 192.168.1.1 "select * from Win32_Service"
Of course this does not work properlywmic-U domain / non-user-admin% password / / 192.168.1.1 "select * from Win32_Service"
I said that I can recover some instances of classes in non-admin, for example:
returns the values expected.wmic-U domain / non-user-admin% password / / 192.168.1.1 "select * from Win32_Process"
Leafing on msdn read I thought that for some classes, the user should have the privilege "SC_MANAGER_CONNECT to" enabled. I have a little hard to understand because it seems that any authenticated user have this privilege (or so I misunderstood ...).
In case I misunderstood, how to assign a user that right?
Thank you for your help..
Bookmarks