Installing UIM Using Windows Domain Account
search cancel

Installing UIM Using Windows Domain Account

book

Article ID: 35068

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

When a customer needs to use Windows domain account as per their company policy, there are specific rights that are required for the install to continue.



If customer decides to use Active Directory account (service account) to connect to SQL Server database in database setup section of the UIM install, then the installer sets up Nimsoft Robot Watcher service with AD account user as seen below
 

Environment

Release: CNMSPP99000-7.6-Unified Infrastructure Mgmt-Server Pack-- On Prem
Component:

Resolution

<Please see attached file for image>

User-added image

This service account needs to be setup on the Windows server with following rights and group membership for NMS:

1- Logon as Service
2- Allow Logon locally
3- Member of local Administrators group
4- SQL Server login account for domain user used in NMS install


1.  Logon as Service

Under Start->Administrative Tools->Local Security Policy open Local Policies/User Rights Assignment  and verify that your user is defined here.

<Please see attached file for image>

User-added image

Note that as of v5.6.1 of UIM, your domain user WILL BE ADDED during installation.

2.Now open Allow Logon Locally and verify that your domain user is defined.

<Please see attached file for image>

User-added image




 

3.  Member of local Administrators group
Make sure that on your UIM server, your user is a member of the local administrators group.

<Please see attached file for image>

User-added image



 

4- Create account for domain account/service account in SQL Server 


<Please see attached file for image>

User-added image


 

You can assign items 1& 2 using Local Security Policy, For item 3 above, by default the Domain Admins group is member of local Administrators group.  For item 4, you need to open SQL Server Management Studio to create an SQL Server login for domain account with appropriate permissions.

Once, the above is configured, you can now run the UIM installer specifying an Active Directory account in the database section.

Make sure that you specify AD user with Domain\User syntax as shown below:

<Please see attached file for image>

User-added image


 

Additional Information

Note 1: If installing UMP on a separate host than UIM host, change the service login to match the Nimsoft Robot Watcher service login defined on UIM host.

Note 2: If  Logon as is changed in the Control Panel's Service section for Nimsoft Watcher Service, the added account will be granted Logon as Service rights by operating system.

Note 3: It has been found that the connection test to the SQL database will fail if the domain account does not have the "Log on as a batch job" user right. This is enabled by default for the administrators group. If this right is removed the database connection test with fail with a credential error.

Attachments

1558695023477000035068_sktwi1f5rjvs16mur.jpeg get_app
1558695021657000035068_sktwi1f5rjvs16muq.jpeg get_app
1558695019958000035068_sktwi1f5rjvs16mup.jpeg get_app
1558695018032000035068_sktwi1f5rjvs16muo.jpeg get_app
1558695016144000035068_sktwi1f5rjvs16mun.jpeg get_app
1558695014367000035068_sktwi1f5rjvs16mum.jpeg get_app
1558695012549000035068_sktwi1f5rjvs16mul.jpeg get_app
1558695010659000035068_sktwi1f5rjvs16muk.jpeg get_app
1558695008811000035068_sktwi1f5rjvs16muj.jpeg get_app
1558695006876000035068_sktwi1f5rjvs16mui.jpeg get_app
1558695005050000035068_sktwi1f5rjvs16muh.jpeg get_app
1558695003086000035068_sktwi1f5rjvs16mug.jpeg get_app
Powered by Wolken Software