Support Center

Management Point Service Account Requirements

Last Updated: Jul 03, 2018 05:13PM IST
The Sam360 Management Point can use one or more accounts to 
  • Scan remote devices for software & hardware inventory
  • Import licensing relevant data from
    • SQL Server, Exchange, Skype for Business, SharePoint
    • Hyper-V, VMware vSphere and vCenter, XenServer
    • Office 365
  • Snapshot software usage data on XenApp, RemoteApp and other RDS servers
  • Import data from 3rd party inventory tools
The Management Point can use pre-existing accounts or a service account dedicated to Sam360 data collection. The account needs certain permissions to enable efficient and successful remote scanning.
Minimum Permissions required for Inventory Scan, SQL Server, Exchange, Skype for Business, SharePoint, Hyper-V & RDS Server usage snapshots
The Sam360 user account should have local administrative privileges on any device it is going to scan i.e. it should be part of the local Administrators group. In a Windows Domain or Forest environment, this can be achieved by adding the user to the 'Domain Admins' or 'Enterprise Admins' group. Alternatively, group policy can be used to add a dedicated Sam360 service account to the local admins group of any device to be scanned remotely.
 
Minimum Permissions required for VMware
The Sam360 Management Point uses the VMware integration PowerShell script from the open source SAM Gold Toolkit to query vSphere hosts and vCenter servers for host and guest information. The script does not make any changes to the VMware environment - it only reads information. As such, the specified user must have at least read only permission on the target server or farm. The easiest way to achieve this is to assign the system default 'Read Only' role to the user.
 
Minimum Permissions required for Office 365
The Sam360 Management Point uses the Office 365 integration PowerShell script from the open source SAM Gold Toolkit to query Office 365 for subscription and usage information. The script does not make any changes to the Office 365 environment - it only reads information. The script requires a Microsoft account in the "Service Support Administrator" Office 365 and "View-Only Organization Management" Exchange Online roles in order to query the licensing relevant data. There is more information on how to create a dedicated service account for Office 365 integration here.

Contact Us

a07e75482d8c9acab6343240bed7a2d1@sam360.desk-mail.com
http://assets1.desk.com/
false
sam360pro
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete