Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


SSO agent with Domain Admin privs

StintovStintov Newbie ✭
edited October 2021 in Mid Range Firewalls

Does anyone know if there is a way to install and configure SSO agent on DCs without giving the service login user Domain Admins privs please?

Category: Mid Range Firewalls


  • Options
    TKWITSTKWITS Community Legend ✭✭✭✭✭

    Make a dedicated account a member of Distributed COM Users, Performance Monitor Users, and Event Log Readers groups.

    Give the account logon as a service privileges on the servers.

    Give the account 'Execute Methods', 'Enable Account', 'Remote Enabled' and 'Read Security' privileges in WMI for the Root namespace and subnamespaces on the servers.

  • Options
    StintovStintov Newbie ✭

    Thanks for responding so quickly.

    I have since found this:

    Is this what your instructions where pertaining to please?

  • Options
    TKWITSTKWITS Community Legend ✭✭✭✭✭

    Yes that is correct. I just couldn't find the KB.

  • Options
    StintovStintov Newbie ✭

    Some feed back for everyone, the Domain Controllers are connected but the connection to Exchange server is disconnected now. Making the Server Account users a Domain Admin makes this work. I have given the SA the correct DCOM and WMI permissions the same as the DCs so not sure what going on.

  • Options
    ZbebusZbebus Newbie ✭


    I'm still getting problem with non-administrative account for SSO agent.

    I created the user with the instruction from "SonicWall® Directory Connector with SSO 4.1 Administration Guide " - page 49, and still don't work.

    Any ideas?

    Error in the attachment.

Sign In or Register to comment.