Setting Up Polling of User Data Across Domains
To poll user data (essentially, to retrieve event log data) from an AD domain controller
outside the local domain of the UDT server, you must set up both UDT and that AD domain controller. UDT
supports the following methods for getting event log data from another domain:
Eventing6
  • This is the preferred method and depends on the AD domain controller running Windows 2008 R2.
WMI
  • This method is supported across Windows platforms.
UDT collects user information through a scheduled job (REL).
See also: Defining Credentials for Polling Across Domains
Defining Credentials for Polling Across Domains
Keep in mind these requirements when you set up your credentials for accessing an AD domain controller
outside the local UDT server domain:
• The UDT user account must be a member of the target domain.
• The UDT user account must either be a member of the Administrators group on the target domain
  controller or a limited account with privileges to access the remote security event log and directory
  service on the remote domain controller. If UDT is using a limited account the account must be a
  member of these groups:
    ◦ Domain Users
    ◦ Distributed COM Users
    ◦ Event Log Readers
    ◦ Remote Desktop Users
• The domain credentials should also have access to the WMI namespaces listed below:
    ◦ CIMV2
    ◦ directory
    ◦ RSOP
Note: You can use these instructions to give the account the relevant privileges.
See also: Setting Up Polling of User Data Across Domains
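A read-only check of the limited-account requirements listed above, as an added PowerShell example rather than SolarWinds code. It assumes the RSAT ActiveDirectory module is installed; the host name dc01.target.example and the account svc-udt are placeholders, and mapping the listed namespaces to paths under root\ is an assumption.

```powershell
# Added example, not SolarWinds code. Placeholders: dc01.target.example, svc-udt.
# Run from a workstation with the RSAT ActiveDirectory module installed.
Import-Module ActiveDirectory

$Dc         = 'dc01.target.example'   # placeholder: target AD domain controller
$Account    = 'svc-udt'               # placeholder: limited UDT polling account
$Cred       = Get-Credential -Message "Password for $Account in the target domain"
$Required   = 'Domain Users', 'Distributed COM Users', 'Event Log Readers', 'Remote Desktop Users'
$Privileged = 'Administrators', 'Domain Admins', 'Enterprise Admins'
$Namespaces = 'root\CIMV2', 'root\directory', 'root\RSOP'   # assumed full paths
$results    = [System.Collections.Generic.List[object]]::new()

function Add-Result($Check, $Pass, $Detail) {
    $results.Add([pscustomobject]@{ Check = $Check; Pass = $Pass; Detail = $Detail })
}

# 1. Direct group membership: the four required groups, and no admin groups.
$groups = (Get-ADPrincipalGroupMembership -Identity $Account -Server $Dc -Credential $Cred).Name
foreach ($g in $Required) {
    Add-Result "Member of '$g'" ($groups -contains $g) 'required for a limited account'
}
$extra = @($groups | Where-Object { $Privileged -contains $_ })
Add-Result 'No administrative groups' ($extra.Count -eq 0) ($extra -join ', ')

# 2. Remote read of the Security event log with the account's own credentials.
try {
    $null = Get-WinEvent -ComputerName $Dc -Credential $Cred -LogName Security -MaxEvents 1 -ErrorAction Stop
    Add-Result 'Read Security log' $true ''
} catch { Add-Result 'Read Security log' $false $_.Exception.Message }

# 3. Remote WMI over DCOM: each namespace must accept a query from the account.
try {
    $session = New-CimSession -ComputerName $Dc -Credential $Cred -SessionOption (New-CimSessionOption -Protocol Dcom) -ErrorAction Stop
    foreach ($ns in $Namespaces) {
        try {
            $null = Get-CimInstance -CimSession $session -Namespace $ns -ClassName __NAMESPACE -ErrorAction Stop
            Add-Result "WMI namespace $ns" $true ''
        } catch { Add-Result "WMI namespace $ns" $false $_.Exception.Message }
    }
    Remove-CimSession $session
} catch { Add-Result 'WMI DCOM session' $false $_.Exception.Message }

$results | Format-Table -AutoSize
```

A failed "No administrative groups" row means the account is not a limited account in the sense used above; its Detail column names the groups found.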
Setting WMI Namespace Security
You configure access to WMI namespaces through these steps on the target AD domain controller.
1. Open Administrative Tools (Control Panel > Administrative Tools).
2. Double-click Computer Management.
3. Expand the Services and Applications and double-click WMI Control.
4. Right-click WMI Control, and then select Properties.