/build/static/layout/Breadcrumb_cap_w.png

What context does the agent run under on Domain Controllers

I am testing scripts on my Domain Controllers and they are not running.  So I built a custom inventory rule that just returns "whoami".  This obviously returns "nt authority\system" as expected for all non-Domain Controllers.  It does not run on the domain controllers, so I do not know what context the agent runs under.  A couple other custom inventory rules do run on the DC, so the agent can run some commands. 

Thanks for any help.


0 Comments   [ + ] Show comments

Answers (2)

Answer Summary:
Posted by: dimitris 10 years ago
Purple Belt
1

The problem was just with powershell scripts.  And the cause was that there is not a 32-bit version of powershell installed by default on Server Core 2008 R2.  Changing the script to utilize the sysnative path to access the 64-bit version of powershell resolved this problem. 

Posted by: SMal.tmcc 10 years ago
Red Belt
0

Active Directory has introduced new levels to server security management. If you would like to grant a remote administrator the rights to install software or services on a domain controller, that person would have to be a domain administrator.


Comments:
  • That makes sense. But the agent does run on Domain Controllers and does have some level of access as all the hardware/software fields are populated on the appliance. I imagine it is with the System account. I was just wanting to confirm that this context is what it is running under and if that context should have rights to run scripts. If not, is there a non domain admin user setup that will allow running scripts via the appliance through the agent. Thanks. - dimitris 10 years ago
    • You most likely installed the agent as a DA. Once installed it runs a service as system to do tasks. Due to security we do not even put the agent on any of our DC's so I can not help you with a work around, maybe someone else will give you the work around. - SMal.tmcc 10 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ