Join fellow LogicMonitor users at the Elevate Community Conference and get hands-on with our latest product innovations.

Register Now

Platform

Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

Platform Overview
Infrastructure Monitoring
Cloud Monitoring
Digital Experience
AIOPS

Solutions

Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

Solutions Overview
By Initiative
By Industry

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

View Resources
Learn

About us

Get to know LogicMonitor and our team.

About us
Get to know us
Services

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

View Resources
Support
TRY IT FREE
ON DEMAND DEMO

Product Documentation

Credentials for Accessing Remote Windows Computers

Last updated on 27 April, 2025

No further credential modification is needed, if the Collector is running as an account with the right to connect to the remote computers.

If you are only monitoring a machine where the Collector is installed, Local System can be used; we recommend using a user with only the least privilege permissions by following the instructions in Migrating Windows Collector from Admin to Non-admin User.

If the account credentials for the Collector service do not have access rights to the remote computers you want to monitor. In that case, you can explicitly provide the credentials belonging to a user with the least privilege permissions on the computers to be queried. To do this using WMI, specify the following properties at the appropriate level (i.e., global, group, or resource level):

  • wmi.user—Assign the username of an account with the least privilege permissions on the computers to be queried to this property.
  • wmi.pass—Assign the password of an account with the least privilege permissions on the computers to be queried to this property.
  • wmi.authType—Specifies the protocol to authenticate remote WMI hosts. The supported protocols are NTLMv1, NTLMv2, and Kerberos. Starting with EA Collector 37.300, the default authentication protocol is NTLMv2 (replacing the previous default protocol, NTLMv1). When using the Kerberos protocol, you must use the ServerName or FQDN to add a device and start your Collector services using AD account credentials instead of the Local System.

To configure the least privilege permissions for WMI, see Windows Server Monitoring and Principle of Least Privilege.

To configure WinRM monitoring instead of WMI, see Configuring WinRM for Windows Collector. 

For more information on assigning properties, see Resource and Instance Properties.

A local non-domain account on a remote computer that is a domain member is possible. This is not recommended, even if the account is in the Administrators group. Doing so will subject the WMI access to UAC filtering in Vista and later OSs, limiting the data that can be collected. You may also trigger account lockout alerts.

Please note that the remote perfmon collection is not supported when using SYSTEM accounts, regardless of pdh.user/pdh.pass property usage.

Start Your Trial

Full access to the LogicMonitor platform.
Comprehensive monitoring and alerting for unlimited devices.