Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Service Account used for AD Authentication

Migration UserApr 21, 2014 02:07 PM

Hi, My question is - What service account is used in SEPM 11/12 for AD authentication? I researched ...

ℬrίαηApr 21, 2014 04:47 PM

This is defined by you from within your AD structure, independant from the SEPM. Once created, you can ...

SMLatCSTApr 22, 2014 10:10 AM

I don't think I've ever been able to find documentation on the Domain rights required for this either, ...

1. Service Account used for AD Authentication

0 Recommend
Migration User
Posted Apr 21, 2014 02:07 PM

Reply Reply Privately
Hi,

My question is - What service account is used in SEPM 11/12 for AD authentication?

I researched and found a lot of entries on how to set up AD authentication but no detail about the actual service that is involved with this process.

Thanks,

Tim
2. RE: Service Account used for AD Authentication

0 Recommend
ℬrίαη
Posted Apr 21, 2014 04:47 PM

Reply Reply Privately
This is defined by you from within your AD structure, independant from the SEPM. Once created, you can then setup AD sync within the SEPM, using the new account.
3. RE: Service Account used for AD Authentication

0 Recommend
SMLatCST
Posted Apr 22, 2014 10:10 AM

Reply Reply Privately
I don't think I've ever been able to find documentation on the Domain rights required for this either, but AFAIK basic Domain User rights are sufficient for the SEPM to provide AD authentication for your SEP Admins.

Essentially, it should just need Read access to the AD objects in question.

#EDIT#

Closest thing I've found to back this up is below (where they say the SEPM will never write changes to AD):

https://www-secure.symantec.com/connect/forums/how-powerful-logonid-do-you-need-synchronize-active-directory#comment-3112251
http://www.symantec.com/docs/HOWTO81142

Copyright 2019. All rights reserved.

Powered by Higher Logic