I am wondering how any other Financial Institutions Poll SNMP or WMI.
In our continued battle with our security, they are wanting us to monitor our servers without SNMP and with WMI credentials without admin rights.
You will probably also find the following KB article helpful.
SolarWinds Knowledge Base :: How to create a non-administrator user for APM polling.
Short story is "you can't". I can shoot you my testing for the minimum permissions needed for WMI monitoring (and RPC, which has more to do with ports than rights) but at the end of this conversation you are left with needing SOME KIND of permissions. You can't crap out faerie dust and unicorns to make this happen any other way.
The other option (aside from "don't monitor", which we'll presume is not an acceptable option) is to go with an agent-based solution. That doesn't get rid of the need of permissions, but the agent on the box has the permissions (which can be local) not a remote account. In every environment I've been part of (including both financial and medical institutions), that local account is just given admin/root off the bat. I'm not sure how THAT happens when a remote account can't, but there you go.
The downside of agent-based is cost. Serious, significant, major (as in "order of magnitude) cost differences.
Please send me your testing
It is just so dang frustrating. It is an everyday battle with people who have no clue.
