Uh, for the record, the AD account I use to query WMI on my Windows boxen is NOT a domain admin--never was, and NEVER will be. I've written many a post on this forum regarding utility accounts and domain admin credentials, and how the two should never mix (just like alcohol and analysis, apparently ;-) ).
I've said it before...don't EVER give a utility account domain admin rights. I've even posted links to Microsoft guides on how to properly set up WMI so you don't need admin rights. I'm just sayin', is all. By the way, thank you for bringing up winexe in your other post. It was...como se dice....*very unpleasant* the day I implemented Enterprise and got a call from one of our security engineers asking why 120 of our Windows servers had a new "winexesvc" service all of a sudden. I was furious at the time that winexe (and more importantly, how it worked) was not mentioned anywhere in any documentation from Zenoss. (And God help you if you do a Google search for it--that made me all the more wary about it, since it's pretty sparsely documented--at least it was a few months ago.) My coworkers almost had to unscrew me from the ceiling...unfortunately I never got around to posting about it, which was probably good for my blood pressure. ;-) -- seth wright ([EMAIL PROTECTED]) windows engineer 540.568.2912 (office) james madison university On Tue, Jun 17, 2008 at 12:27 AM, SEJeff <[EMAIL PROTECTED]> wrote: > > Hey matt, please see my followup to Nathaniel right here: > http://community.zenoss.com/forums/viewtopic.php?t=6379 > > Nathaniel called and let me know someone else found the exact same problem I > was ranting about this morning. Kind of ironic. > > FYI: The geniuses working for ZenOSS have figured out how to get wmi clients > to run as non-Domain Administrative users. That will be forthcoming soon I'm > sure. > > @cardinal, it might have been more responsible to engage zenoss privately > about security problems. They are quick to respond and seem to do a great job > (note I do not work for them). > > --- > Jeff Schroeder > Don't drink and derive, alcohol and analysis don't mix > http://www.digitalprognosis.com > _______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
