Why does CCS require local administrator rights?

search cancel

Why does CCS require local administrator rights?

book

Article ID: 279411

calendar_today

Updated On: 02-16-2024

Products

Control Compliance Suite Standards Server Control Compliance Suite Control Compliance Suite Standards Module

Issue/Introduction

Why does CCS require the data collection account to be a local administrator on target CCS Windows servers?

Resolution

Windows 2016 v2.0.0 Level 1 and Level 2 standards with user having local admin rights and user not having local admin rights. Local Admin rights are required for few windows data sources which are getting used in these standards.

WNT.Machine
WNT.User
WNT.Group
WNT.Service

We need to enumerate windows users and groups from the machine, fetch the data related Machines security policy attributes, Audit related data etc.

Internally we use some Microsoft APIs for collecting the data for these data sources. There might be other data sources as well which will require Local Admin Privilege.

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No