Does MID Server Service Account require interactive login privileges?

ppparmar · ‎01-23-2015

We have very secure environment in our organization. I wanted to check if MID Server Service Account can work without having interactive login on the windows machines.

I referred to installation guide and other MID Server configuration manual but it is not mentioned anywhere that Service Account requires interactive privileges.

Valor1 · ‎01-23-2015

It cannot work without an interactive login, sorry. (I just tried this with another customer of mine)

Depending on what you need the MID Server to do (file import? LDAP import?), you can get it to use a local, limited-user account. However, you need to manually upgrade the MID Server with every ServiceNow upgrade you do.

ppparmar · ‎01-28-2015

Hi Valor,

I'm trying to run Discovery and following is the setup:

1. We have Domain User (Service Account) with local admin privileges on all systems

2. In our environment all Service Accounts have no interactive login privilege

When we try to run the Discovery for Windows Machines, it generates following error:

"Connection failed to WMI service. Error: The remote server machine does not exist or is unavailable"

My question is does WMI service requires an account with interactive privileges? This was not a requirement before Calgary or Aspen.

Thanks

Pranav

Valor1 · ‎02-16-2015

Yes, you must have interactive login. We tested this at another customer. You can try disabling PowerShell discovery, but accounts without interactive login perms are not officially supported.

ppparmar · ‎04-24-2015

Hi valor,

We found solution. We do not need interactive login to any servers with the service account. Service Account can fetch data using non-interactive privileges.

Thanks.