What credentials does NetWrix Account Lockout Examiner use?
NetWrix Account Lockout Examiner uses two types of accounts:
- The service account – an account used to run the Netwrix Account Lockout Examiner service. This account is used to collect logs and examine machines. It is recommended to use a domain admin account. Here is the list of all required rights and permissions.
- An account to run the console. By default credentials of a user that is loged currently are used. It is counted by the license and is shown as examination initializer. This account must be granted Account Lockout Examiner Administrator role in the product settings. This role allows to access the Help-desk portal as well. It is recommended to grant the account the local admin role.
- An account you enter to access the Help-desk portal. Usually the portal promts for the crednetials, otherwise the credentials of a user that is logged in currently are used. This account is also counted by license. It must be granted Helpdesk Operator role in the product settings.