DX Unified Infrastructure Management

  • 1.  UIM 9.02 Install, Windows auth for DB gets logged in as wrong user

    Posted Feb 18, 2020 09:58 AM
    UIM 9.02 Install, Windows auth for DB uses the logged-in user, not the user specified.  I enter the domain account, but rather than trying to log in as that account, it tries it as the user I'm logged into the local machine as.  How do we resolve this?


  • 2.  RE: UIM 9.02 Install, Windows auth for DB gets logged in as wrong user

    Broadcom Employee
    Posted Feb 18, 2020 10:00 AM
    Log in as the domain user you want to use for UIM to do the install.

    ------------------------------
    Gene Howard
    Principal Support Engineer
    Broadcom
    ------------------------------



  • 3.  RE: UIM 9.02 Install, Windows auth for DB gets logged in as wrong user

    Posted Feb 18, 2020 10:04 AM
    We can't as it's a service account and security policy disallows server logins.


  • 4.  RE: UIM 9.02 Install, Windows auth for DB gets logged in as wrong user

    Broadcom Employee
    Posted Feb 18, 2020 10:06 AM
    In order for UIM to work correctly, this service account will require the logon locally permissions anyway.
    But you can try to create the service manually during the installation, as that is probably the only thing that is failing during the installation.

    The KB article below has directions on how to create the service manually:
    https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=35046

    ------------------------------
    Gene Howard
    Principal Support Engineer
    Broadcom
    ------------------------------



  • 5.  RE: UIM 9.02 Install, Windows auth for DB gets logged in as wrong user
    Best Answer

    Posted Feb 19, 2020 05:34 AM
    Keith

    We had the same requirement (domain service running nimbuswatcherservice could not logon to server due to policy).

    We started with 9.0.2 but have upgraded to 9.2.0 + hot-fixes.  This is what we do and it seems to work.
    Log in to the server with an admin user (either local or domain, it doesn't matter) and do the install using an sa-equivalent SQL Server user.
    Then
    1. update data_engine to use a more appropriate level user (can read and write the UIM database only)
    2. run nimsoftwatcherservice as the required service account (we are now using an MSA to remove the password management requirement) by
    2.1 register MSA with the local server - standard procedure
    2.2 give MSA owner and inherit privileges to the nimsoft install tree (use icacls /grant and icacls /setowner commands to do this)
    2.3 make the MSA owner of the nimbus service (sc config nimbuswatcherservice obj="<MSA name>" type=own)
    2.4 restart nimbus service

    We do this for all robots running on security-sensitive systems (this includes the primary hub, standard hubs as well as robots).  Note that on some systems we have to give the MSA additional privileges depending on the types of probes that are running on the robot, but we have found that being a member of the local Administrators group is very rarely needed.

    Hope this helps

    Gene:  I know MSAs are not "officially" supported, but what is supported is too security relaxed/vulnerable, so we cannot do it the "supported" way, hence going down this path on an as-needed basis.

    Regards, Andrew

    ------------------------------
    Knows a little about UIM/DXim, AE, Automic
    ------------------------------
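
Steps 2.1 to 2.4 of the accepted answer as one PowerShell sequence, with two checks appended (service logon account, and that the MSA is not a local administrator). This is an added example, not part of the thread or Broadcom's documentation. The MSA name, domain and install path are placeholders, the Modify right is an assumption because the post does not say which right is granted, and the ActiveDirectory module is assumed to be installed.

```powershell
# Added example. Placeholder values below are NOT from the thread; adjust them.
$MsaName     = 'svc-uim'                         # hypothetical MSA name
$MsaAccount  = 'CONTOSO\svc-uim$'                # hypothetical DOMAIN\name$ form
$InstallRoot = 'C:\Program Files (x86)\Nimsoft'  # assumed install tree
$Service     = 'nimbuswatcherservice'            # service name as given in the post
$ErrorActionPreference = 'Stop'

# 2.1 Register the MSA on this server and confirm the host can use it.
Import-Module ActiveDirectory
Install-ADServiceAccount -Identity $MsaName
if (-not (Test-ADServiceAccount -Identity $MsaName)) {
    throw "MSA $MsaName is not usable on $env:COMPUTERNAME"
}

# 2.2 Ownership plus an inheritable ACE on the install tree.
#     Modify (M) is an assumption; the post does not name the right granted.
icacls $InstallRoot /setowner $MsaAccount /T
if ($LASTEXITCODE -ne 0) { throw 'icacls /setowner failed' }
icacls $InstallRoot /grant "${MsaAccount}:(OI)(CI)M" /T
if ($LASTEXITCODE -ne 0) { throw 'icacls /grant failed' }

# 2.3 Point the service at the MSA. Call sc.exe explicitly: in Windows
#     PowerShell a bare "sc" is an alias for Set-Content. The space after
#     "obj=" and "type=" is the form Microsoft documents for sc.exe.
sc.exe config $Service obj= $MsaAccount type= own
if ($LASTEXITCODE -ne 0) { throw 'sc.exe config failed' }

# 2.4 Restart so the service starts under the new identity.
Restart-Service -Name $Service

# Check 1: the service now logs on as the MSA.
$startName = (Get-CimInstance Win32_Service -Filter "Name='$Service'").StartName
if ($startName -ne $MsaAccount) {
    Write-Warning "Service logs on as '$startName', expected '$MsaAccount'"
}

# Check 2: the MSA is not in the local Administrators group
# (well-known SID S-1-5-32-544, which avoids the localized group name).
$isAdmin = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Where-Object { $_.Name -eq $MsaAccount }
if ($isAdmin) {
    Write-Warning "$MsaAccount is a local administrator; review whether the probes need it"
}
```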