Hi,
I have gone through all the steps to set up a non-admin user for monitoring (DCOM, WMI, enable ntlm2 etc). All LOOKS good, except the zenoss user does not see all the services. I have not found any solutions out there:
Non Admin User:
wmic -U <domain>/zenoss --password='<PW>' //<server> "Select caption From Win32_Service" -d 1Caption|Name
Application Management|AppMgmt
DCOM Server Process Launcher|DcomLaunch
DHCP Client|Dhcp
DNS Client|Dnscache
Windows Event Log|EventLog
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows CardSpace|idsvc
KtmRm for Distributed Transaction Coordinator|KtmRm
Distributed Transaction Coordinator|MSDTC
Network Access Protection Agent|napagent
Net.Msmq Listener Adapter|NetMsmqActivator
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Net.Pipe Listener Adapter|NetPipeActivator
Net.Tcp Listener Adapter|NetTcpActivator
Net.Tcp Port Sharing Service|NetTcpPortSharing
Office Source Engine|ose
BranchCache|PeerDistSvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Performance Logs & Alerts|pla
Remote Access Auto Connection Manager|RasAuto
Remote Access Connection Manager|RasMan
Routing and Remote Access|RemoteAccess
Remote Procedure Call (RPC)|RpcSs
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Resultant Set of Policy Provider|RSoPProv
Security Accounts Manager|SamSs
Task Scheduler|Schedule
System Event Notification Service|SENS
Print Spooler|Spooler
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Secure Socket Tunneling Protocol Service|SstpSvc
Virtual Disk|vds
Windows Color System|WcsPlugInService
WinHTTP Web Proxy Auto-Discovery Service|WinHttpAutoProxySvc
Windows Update|wuauserv
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Admin User:
wmic -U <domain>/administrator --password='<PW>' //<server> "Select caption From Win32_Service" -d 1Caption|Name
Caption|Name
Application Experience|AeLookupSvc
Application Layer Gateway Service|ALG
Application Information|Appinfo
Application Management|AppMgmt
ASP.NET State Service|aspnet_state
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows Audio Endpoint Builder|AudioEndpointBuilder
Windows Audio|Audiosrv
Backup Exec Remote Agent for Windows Systems|BackupExecAgentAccelerator
Base Filtering Engine|BFE
Background Intelligent Transfer Service|BITS
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Computer Browser|Browser
Symantec Event Manager|ccEvtMgr
Symantec Settings Manager|ccSetMgr
Certificate Propagation|CertPropSvc
Microsoft .NET Framework NGEN v2.0.50727_X86|clr_optimization_v2.0.50727_32
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Microsoft .NET Framework NGEN v4.0.30319_X86|clr_optimization_v4.0.30319_32
COM+ System Application|COMSysApp
Cryptographic Services|CryptSvc
Offline Files|CscService
DCOM Server Process Launcher|DcomLaunch
[wmi/wmic.c:212:main()] OK : Retrieve result data.
DHCP Client|Dhcp
DNS Client|Dnscache
Wired AutoConfig|dot3svc
Diagnostic Policy Service|DPS
Extensible Authentication Protocol|EapHost
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows Event Log|EventLog
COM+ Event System|EventSystem
Microsoft Fibre Channel Platform Registration Service|FCRegSvc
Function Discovery Provider Host|fdPHost
Function Discovery Resource Publication|FDResPub
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows Font Cache Service|FontCache
Windows Presentation Foundation Font Cache 3.0.0.0|FontCache3.0.0.0
Group Policy Client|gpsvc
Human Interface Device Access|hidserv
Health Key and Certificate Management|hkmsvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows CardSpace|idsvc
IKE and AuthIP IPsec Keying Modules|IKEEXT
PnP-X IP Bus Enumerator|IPBusEnum
IP Helper|iphlpsvc
CNG Key Isolation|KeyIso
[wmi/wmic.c:212:main()] OK : Retrieve result data.
KtmRm for Distributed Transaction Coordinator|KtmRm
Server|LanmanServer
Workstation|LanmanWorkstation
LiveUpdate|LiveUpdate
Link-Layer Topology Discovery Mapper|lltdsvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
TCP/IP NetBIOS Helper|lmhosts
Multimedia Class Scheduler|MMCSS
Windows Firewall|MpsSvc
Distributed Transaction Coordinator|MSDTC
SQL Server FullText Search (MSSQLSERVER)|msftesql
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Microsoft iSCSI Initiator Service|MSiSCSI
Windows Installer|msiserver
SQL Server (MSSQLSERVER)|MSSQLSERVER
SQL Server Active Directory Helper|MSSQLServerADHelper
SQL Server Analysis Services (MSSQLSERVER)|MSSQLServerOLAPService
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Network Access Protection Agent|napagent
Netlogon|Netlogon
Network Connections|Netman
Net.Msmq Listener Adapter|NetMsmqActivator
Net.Pipe Listener Adapter|NetPipeActivator
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Network List Service|netprofm
Net.Tcp Listener Adapter|NetTcpActivator
Net.Tcp Port Sharing Service|NetTcpPortSharing
Network Location Awareness|NlaSvc
Network Store Interface Service|nsi
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Office Source Engine|ose
BranchCache|PeerDistSvc
Performance Logs & Alerts|pla
Plug and Play|PlugPlay
IPsec Policy Agent|PolicyAgent
[wmi/wmic.c:212:main()] OK : Retrieve result data.
User Profile Service|ProfSvc
Protected Storage|ProtectedStorage
Remote Access Auto Connection Manager|RasAuto
Remote Access Connection Manager|RasMan
Routing and Remote Access|RemoteAccess
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Remote Registry|RemoteRegistry
Remote Procedure Call (RPC) Locator|RpcLocator
Remote Procedure Call (RPC)|RpcSs
Resultant Set of Policy Provider|RSoPProv
Special Administration Console Helper|sacsvr
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Security Accounts Manager|SamSs
Smart Card|SCardSvr
Task Scheduler|Schedule
Smart Card Removal Policy|SCPolicySvc
Secondary Logon|seclogon
[wmi/wmic.c:212:main()] OK : Retrieve result data.
System Event Notification Service|SENS
Terminal Services Configuration|SessionEnv
Internet Connection Sharing (ICS)|SharedAccess
Shell Hardware Detection|ShellHWDetection
Software Licensing|slsvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
SL UI Notification Service|SLUINotify
Symantec Management Client|SmcService
Symantec Network Access Control|SNAC
SNMP Trap|SNMPTRAP
Print Spooler|Spooler
[wmi/wmic.c:212:main()] OK : Retrieve result data.
SQL Server Browser|SQLBrowser
SQL Server Agent (MSSQLSERVER)|SQLSERVERAGENT
SQL Server VSS Writer|SQLWriter
SSDP Discovery|SSDPSRV
Secure Socket Tunneling Protocol Service|SstpSvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Microsoft Software Shadow Copy Provider|swprv
Symantec Endpoint Protection|Symantec AntiVirus
Superfetch|SysMain
Telephony|TapiSrv
TPM Base Services|TBS
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Terminal Services|TermService
Themes|Themes
Thread Ordering Server|THREADORDER
Distributed Link Tracking Client|TrkWks
Windows Modules Installer|TrustedInstaller
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Interactive Services Detection|UI0Detect
Terminal Services UserMode Port Redirector|UmRdpService
UPnP Device Host|upnphost
Desktop Window Manager Session Manager|UxSms
Virtual Disk|vds
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Volume Shadow Copy|VSS
Windows Time|W32Time
Block Level Backup Engine Service|wbengine
Windows Color System|WcsPlugInService
Diagnostic Service Host|WdiServiceHost
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Diagnostic System Host|WdiSystemHost
Windows Event Collector|Wecsvc
Problem Reports and Solutions Control Panel Support|wercplsupport
Windows Error Reporting Service|WerSvc
WinHTTP Web Proxy Auto-Discovery Service|WinHttpAutoProxySvc
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows Management Instrumentation|Winmgmt
Windows Remote Management (WS-Management)|WinRM
WMI Performance Adapter|wmiApSrv
Portable Device Enumerator Service|WPDBusEnum
Windows Presentation Foundation Font Cache 4.0.0.0|WPFFontCache_v0400
[wmi/wmic.c:212:main()] OK : Retrieve result data.
Windows Update|wuauserv
Windows Driver Foundation - User-mode Driver Framework|wudfsvc
-
Like (0)