locked
SCOM & SCVMM integration (with AD MP integration) - DCs as VMs generate Run As Account Cannot Log on Locally RRS feed

  • Question

  • We have a SCOM 2012SP1 and SCVMM 2012SP1 environment.

    I have configured the SCOM AD MP (to use a service account svc_scom2102admp).

    I then started preparing for SCVMM by integration by performing the following actions:

    * Install agents on all hyper-v hosts

    * Install agents on SCVMM server

    * allow agent proxying.

    * Importing required MPs into SCOM

    * Configuring SCVMM and SCOM integration via SCVMM (using an integration account svc_scvmm2012scom)

    * Adding the integration account to "SCOM administrators" and "SCVMM administrators"

    What happened next is some alerts from our virtual Domain Controllers and Exchange Servers (the exchange servers were configured for AD client monitoring).

    The alerts relate to "Run As Account Cannot Log on Locally" with the account in question being the SCVMM/SCOM integration account svc_scvmm2012scom. This account was never setup to be allowed to log on locally, as we are already using scv_scom2012admp for that purpose.

    My questions are as follows:

    1) What is the correct way to deal with this behaviour?

    2) Would it be best to create an override for this rule (this could cause problems if the svc_scom2012admp account really couldn't log on locally)?

    Monday, September 2, 2013 2:45 AM

Answers

All replies