When Microsoft identified critical vulnerabilities with WMI, it released a Windows DCOM Server security feature bypass (CVE-2021-26414) to address the security vulnerabilities. \USERNAME or MACHINENAME\USERNAME.ĭata Collection Failure due to WMI Vulnerabilities ![]() To specify a local user rather than a domain user, replace DOMAIN with the #HOSTNAME# token, ‘.’ or the machine’s name so that the wmi.user value is #HOSTNAME#\USERNAME. ![]() The “wmi.user” custom property should be formatted as DOMAIN\USERNAME.If you cannot run the Collector under an administrator user, or if you are monitoring hosts between multiple domains and need to make a host-specific credential adjustment, follow these instructions to add the “wmi.user” and “wmi.pass” custom properties to your host. To change the user the services run as, change the credentials in the “Log On” tab for both services, and then start the services again. In these situations, the credentials for both of your Collector services, including “LogicMonitor Collector” and “LogicMonitor Watchdog”, should reference either a Domain user that is an Administrative account on the hosts to be monitored, or a local administrator that will be available on each Windows host to be monitored by this Collector. ![]() Most issues with the Windows task collection result from permission restrictions when the Collector machine attempts to query your hosts for data. The LogicMonitor Collector primarily uses Windows Management Instrumentation (WMI) to monitor Windows servers. Note: A Windows Collector must be used in order to monitor Windows hosts.
0 Comments
Leave a Reply. |