Monitoring a Domain Controller (DC)

When monitoring a Windows domain controller server, you must monitor the server with your Collector services running under your Domain Administrator account. If you run your LogicMonitor Collector under a domain user that only has local admin privileges, this will not allow your domain controllers to be monitored via WMI. This has been known to produce WMI error 80041003 in the Windows Event Viewer, and when attempting a manual WMI query from the Collector.

The two solutions to this are:

• Run the remote LogicMonitor Collector services (LogicMonitor Agent and LogicMonitor Watchdog) under a Domain Administrator user. We understand that this may not be acceptable in some situations due to the security implications involved with running a service as a domain admin.
• Install and run a dedicated Collector on each DC under the LocalSystem account, and have this Collector monitor itself as a host. Running the Collector as the LocalSystem provides sufficient privileges to allow the Collector on the DC to monitor itself but may not reliably be able to monitor remote hosts. (To monitor other hosts, you will need to define wmi.user and wmi.pass host properties, as discussed in Defining Authentication Credentials.)

For more methods on how to run without administrator privileges in Windows, see Running without Administrator Privileges in Windows.