<< Click to Display Table of Contents >> Raynet One Data Hub > 14.0 u1 > Connectors > Alphabetic Connector List > ECM Connector Prerequisites |
The connector uses the Windows Management Instrumentation in order to create a connection to the Configuration Manager Console server of the ECM system. The following parameters are required in order to create the connection:
Parameter |
Description |
Values |
---|---|---|
API |
Option to execute the queries on the target SCCM machine |
•SM (System Management) •MMI (Microsoft Management Infrastructure) |
Access Type |
Access type used to connect to the target server |
•DCOM (Distributed Component Object Model) •WSMan (Web Service Management) [API MMI only!] |
Host |
Target hostname |
Custom string [Hostname or FQDN] |
User Name |
User used for the connection operation |
Custom string |
Password |
Password for the specified user |
Custom security string |
Site |
SMS site name |
Custom string |
In ECM the user needs to at least be granted the Read-only Analyst role. This role grants the permissions to view all the Configuration Manager objects.
To grant the necessary rights, open the Properties of the user and click on the Add... button. Then select the Read-only Analyst role by checking the checkbox.
Check that the Security Roles Column shows the Read-only Analyst as role for the user that will be used with the connector.
This is the approach with the highest permission level necessary. The user needs to be part of the local administrators group. Local administrators usually have full permissions to WMI.
This is the approach with the least privileges necessary. For granting dedicated permissions to specified service users or groups, the following needs to be configured on the target system:
Group Membership
The user or group needs to a member of the following groups:
Performance Monitor Users |
S-1-5-32-558 |
Distributed COM Users |
S-1-5-32-562 |
Remote Management Users |
S-1-5-32-580 |
Dedicated Permissions
The user or group needs the following permissions on the WMI namespace:
Namespace |
Permission |
Inheritance |
---|---|---|
\root |
Enable Remote Enable |
No |
\root\sms\site_<SITENAME> |
Enable Execute Methods Remote Enable Read Security |
Yes |