Because I could not find an authoritative source for configuration of security for report scheduler on Windows Server 2008, I am going to write what I have done to allow this to work:
1. I created an Active Directory user that is only a member of domain users in the domain.
2. I added that user to NPM with very limited rights and defaulting to blank pages with no links or tabs on it and access to only the reports folder that I wanted
3. On the Orion server, I made the account a member of remote desktop users, logged on one time to create a profile, logged off and remove the account from remote desktop users.
4. On the Orion server, I granted the account the "log on as batch job" right.
5. On the Orion server, I gave the account change permissions on the c:\windows\tasks folder.
6. logging ontp the Orion server with the local administrator account (Ugh - still need to figure out how to avoid this) I set up a scheduled report to run as the account that I created and to pas the credentials for the account in the URL for the report.
That seems to have worked. If anyone has any comments or improvements to this process, I would be appreciative. Especially about how to not have to log on with the local Administrator to configure the report scheduler.
SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.