This procedure describes the steps for creating the service accounts to be used by System Center Operations Manager 2007.
The following accounts and groups needs to be created in the domain.
Account | Used for | Reccomendations | Permissions |
SCOMReporting | Running the SQL Reporting Service | Domain User | |
SCOMAgentAction | Collecting informations and running tasks on the monitored servers | Local Systemor
Domain User |
Local UsersLocal Performance Users
Log on locally |
SCOMDataReader | Querying the Reporting Database | Domain User | |
SCOMDWWrite | Writing in the Data Warehouse | Domain UserSQL Login
Local Administrator |
|
SCOMDiscovery | Installing agents on servers | Domain Admin | |
SCOMServerAction | Collecting data and running responses on the SCOM server | Domain User | |
SCOMSDK | Running the SCOM servicesWriting in the operational database | Domain User | Local Administrator on SCOM server |
SCOMAdmins | This group will contain the SCOM Administrators which are able to use the Operations Manager console | Global Group |
Prerequisites
- Active Directory and DNS servers were installed and configured for the domain TECHREADY.RO
Installation and configuration steps
- Log on the Domain Controller using the domain Administrator account.
- Launch the Active Directory Users and Computers console. Select the container where you want to create the accounts, right click and select New, User.
- In the New Object – User window enter the user name (from table above) in the First Name and User Logon Name and click Next.
- In the New Object – User window enter a password and check User cannot change password and Password never expires options then click Next.
- In the New Object – User window review the information and click Finish.
- Repeat steps 3-5 to create all user accounts.
- In the Active Directory Users and Computers console select the container where you want to create the group, right click and select New, Group.
- Create a new group. In the New Object – Group window enter the group name (SCOMAdmins) and select Global and Security options then click OK.
- In the Active Directory Users and Computers console access the properties of the new group.
- In the Properties window select the Members tab and then click Add.
- In the Select Users, Contacts or Computers window enter the users that will be members of the group and click OK.
- In the Properties window click OK.