AppInsight IIS Non Domain Joined

hpstech

I am working with a customer with a highly secure environment trying to get them to adopt SAM.

I have spent many hours setting up a lab environment trying to get non-domain joined servers to be discovered by SAM.

Provided local admin rights to a local account, added WMI permissions and DCOM permissions.

No matter what I do, its only when I add the server to a domain and use a Domain Admin account can I get this to work.

I've read all the docs and feel like I've hit a wall.

Who here has non-domain joined IIS servers discovered by SAM successfully?

What is your magic bullet to make this work?

Find more posts tagged with

sam

Accepted answers

All comments

joe432008

We have a few computers in our DMZ that is not joined to the domain. The way I am able to collect data on these systems is to utilize the SNMP polling method. If that doesn't work, you could probably try Agent version polling. I have not set any systems up with agents other than a few linux systems, but it still should work.

hpstech

SNMP doesn't collect AppInsight data.

Lofstrand

In my experience, if a Windows server is not domain joined WMI doesn't work unless you do as below:

To enable remote WMI access on a workgroup server, you'll need to modify the registry to disable User Account Control (UAC) filtering for remote access. This is done by creating a LocalAccountTokenFilterPolicy registry value.

1. Open the Registry Editor:
Press Win + R, type regedit, and press Enter.
2. Navigate to the System Key:
Navigate to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system.
3. Create the Registry Value:

If the LocalAccountTokenFilterPolicy DWORD value does not exist, create it.
Right-click within the system key, select "New" -> "DWORD (32-bit) Value".
Name the new value LocalAccountTokenFilterPolicy.

4. Set the Value:
Double-click the newly created LocalAccountTokenFilterPolicy value and set its value data to 1. This disables UAC filtering for remote connections.