LA rule execute program as different user?

Question

Hello,
Has anyone figured out how to execute a program from a LA rule as any user other than the "Local System"? I assume it's executing as that user because the SolarWinds services all run as the "local system" but I need to have something execute with network access and "Local System" is not tied to the network account so it cannot be granted access to network resources.

It might be possible to changing the SolarWinds windows service that is executing the LA rule to run as the "Network Service". It does not seem like there is any way to specify the user in the rule itself.

I guess my other option is embed a username and password into my Powershell but that's not ideal.

Anyone else dealt with this? Thanks!

abakus · Answer

This should be addressed in LA 2020.2.5 since RC1 has the option to use any Windows credential defined in Orion. In addition, the default user has changed to Network Service:

mesverrum · Answer

I've used both of the solutions you describe in the past, these days I don't mess with the service accounts and just write my powershell to use the secret store

https://github.com/PowerShell/SecretStore

https://github.com/PowerShell/SecretManagement/tree/master/ExtensionModules/CredManStore