FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we change the dynatrace service to use an AD service account instead of dtuser?

Go to solution
robert_dietz
Newcomer

‎19 Sep 2019 09:35 AM

Our security policy has flagged the dtuser local account on our servers. I have been tasked with finding a solution. It seems to me that the easiest way to remedy would be to create an AD service account and putting it in the "Performance Monitor User" group. Then all I have to do is change the OneAgent services to run with this service account. Then I can delete the local dtuser. Is there any reason this would not work? It seems like the easiest solution to me...


Labels:
0 Kudos
Reply
2 REPLIES 2

Go to solution
Tomasz_Gajger
Dynatrace Champion
Dynatrace Champion

‎19 Sep 2019 11:51 PM

Hi Bob, to comply with your security policy the only supported option would be to use USER=no_create installer parameter, see the following page for details: https://www.dynatrace.com/support/help/shortlink/windows-custom-installation

What you have suggested is an unsupported modification and would not work correctly.

Regards,
Tomasz


0 Kudos
Reply

Go to solution
robert_dietz
Newcomer

‎20 Sep 2019 04:06 AM

Thanks Thomasz … that's what we are gathering. One employee at Dynatrace says it MAY work but it would nullify support for OneAgent on the host machine... We are working with our provider to get clarity since we are being told different things from different people at Dynatrace.


0 Kudos
Reply
Ask a question