This topic provides information about Operations Manager actions accounts and using low-privilege accounts with the Citrix EdgeSight Management Pack and the SCOM alert action.
The EdgeSight Management Pack uses the default agent action account that is created when Operations Manager is first installed to perform discovery and run rules, tasks, and monitors. By default, Operations Manager assigns the Local System account as the agent action account. When running as Local System, the agent action account has all the privileges necessary to perform discovery and run rules, tasks, and monitors.
You can use a low-privilege account for the agent action account; however the service recovery tasks require elevated rights. The low-privilege account must meet the following requirements:
With the low-privilege action account the following features are supported:
With the low-privilege action account the following features are not supported:
The Alert Action includes credentials used for authentication. This account must be a member of the Operations Manager Administrators role to access the SDK Service. This account must also be a member of the administrator’s Local Group on the EdgeSight Server so that the alert action can spawn a local process. The low-privilege section describes the minimum permissions required by this account.
The minimum privileges required by the SCOM administrator account are: