Hi Folks,
I wonder what are the minimum privilege or least amount of privilege for Solarwinds SAM monitoring service account?
I need some help to downgrade my service account that is now running as domain admin.
Thank you,
The minimum requirement that SolarWinds supports for WMI access to a server is a local administrator user on the target machine. If you would like to use a non-admin user, then you can find the configuration details in the link below but the setup of this account is not supported by SolarWinds:
https://support.solarwinds.com/SuccessCenter/s/article/How-to-create-a-non-administrator-user-for-SAM-polling?language=en_US
Thank you @ecmel, So the Local Administrator of the target server is enough and recommended?
Yes, you can have a domain account in the local Administrators group on the server and it should have full WMI access.
Note the agent is less permissions from an AD perspective but also maximum permissions both locally and for a SAM Admin.
Agreed, the agent runs as system and avoids the need for assigned users in most cases. Exceptions might be things that involve rights to query a database, etc.
Please note that domain controllers should be monitored with a separate account than the rest of your servers to minimize use of domain admin credentials throughout the environment.
