Credentials for Accessing Remote Windows Computers
Last updated on 24 September, 2024
No further credential modification is needed if the Collector is running as an account with the right to connect to the remote computers.
If you are only monitoring the machine where the Collector is installed, Local System can be used; however, we recommend using a user with only least-privilege permissions by following the instructions in Migrating Windows Collector from Admin to Non-admin User.
If the account credentials for the Collector service do not have access rights to the remote computers you want to monitor, you can explicitly provide the credentials belonging to a user with least-privilege permissions on the computers to be queried. To do this using WMI, specify the following properties at the appropriate level (i.e., global, group, or resource level):
- wmi.user – Assign the username of an account with the least privilege permissions on the computers to be queried to this property.
- wmi.pass – Assign the password of an account with the least privilege permissions on the computers to be queried to this property.
- wmi.authType – Optionally, this property can indicate the NTLM protocol version that should be used to authenticate to a remote WMI host. If this property is not set, it defaults to a value of “NTLMv1”. Specify “NTLMv2” for authentication via NTLM version 2. A value of “Kerberos” is also supported; if “Kerberos” is assigned, you should use the ServerName or FQDN to add a device and start your Collector services using AD account credentials instead of Local System.
To configure the least privilege permissions for WMI, see Windows Server Monitoring and Principle of Least Privilege.
To configure WinRM monitoring instead of WMI, see Configuring WinRM for Windows Collector.
For more information on assigning properties, see Resource and Instance Properties.
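The following is an added example, not LogicMonitor code: a small audit that resolves the effective wmi.* properties for each resource and reports where NTLMv1 is in effect, where Kerberos is set on a device added by IP address, and where only one of wmi.user / wmi.pass is set. The hosts, group names, account name, and the rule that the most specific level overrides the others are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample data (hypothetical hosts, groups and account name).
GLOBAL = {"wmi.user": "CORP\\svc-monitor", "wmi.pass": "<placeholder>"}
GROUPS = {"domain-servers": {"wmi.authType": "Kerberos"}, "legacy": {}}
RESOURCES = [
    {"host": "dc01.corp.example", "group": "domain-servers", "props": {}},
    {"host": "10.0.4.17", "group": "domain-servers", "props": {}},
    {"host": "app07.corp.example", "group": "legacy", "props": {}},
    {"host": "db02.corp.example", "group": "legacy",
     "props": {"wmi.authType": "NTLMv2", "wmi.pass": ""}},
]
KNOWN_AUTH = ("NTLMv1", "NTLMv2", "Kerberos")  # values named on this page


def effective(resource):
    """Merge the three levels; assumption: the most specific level wins."""
    merged = dict(GLOBAL)
    merged.update(GROUPS.get(resource["group"], {}))
    merged.update(resource["props"])
    return merged


def is_ip(host):
    """True when the device was added by IP address rather than by name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def audit(resource):
    """Return findings for one resource's effective WMI properties."""
    props = effective(resource)
    findings = []
    auth = props.get("wmi.authType") or "NTLMv1"  # unset defaults to NTLMv1
    if auth not in KNOWN_AUTH:
        findings.append("unrecognized wmi.authType: " + auth)
    elif auth == "NTLMv1":
        findings.append("NTLMv1 in effect (explicit or default)")
    if auth == "Kerberos" and is_ip(resource["host"]):
        findings.append("Kerberos set but device added by IP, not name/FQDN")
    if bool(props.get("wmi.user")) != bool(props.get("wmi.pass")):
        findings.append("only one of wmi.user / wmi.pass is set")
    return findings


if __name__ == "__main__":
    for r in RESOURCES:
        print(r["host"], audit(r) or "ok")
```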
Using a local non-domain account on a remote computer that is a domain member is possible, but it is not recommended, even if the account is in the Administrators group. Doing so subjects the WMI access to UAC filtering in Windows Vista and later operating systems, limiting the data that can be collected. You may also trigger account lockout alerts.
Please note that remote perfmon collection is not supported when using SYSTEM accounts, regardless of pdh.user/pdh.pass property usage.