I am testing scripts on my Domain Controllers and they are not running.  So I built a custom inventory rule that just returns "whoami".  This obviously returns "nt authority\system" as expected for all non-Domain Controllers.  It does not run on the domain controllers, so I do not know what context the agent runs under.  A couple other custom inventory rules do run on the DC, so the agent can run some commands. 

Thanks for any help.

Answer Summary:
0 Comments   [ + ] Show Comments


Please log in to comment

Community Chosen Answer


The problem was just with powershell scripts.  And the cause was that there is not a 32-bit version of powershell installed by default on Server Core 2008 R2.  Changing the script to utilize the sysnative path to access the 64-bit version of powershell resolved this problem. 

Answered 06/11/2013 by: dimitris
Purple Belt

Please log in to comment



Active Directory has introduced new levels to server security management. If you would like to grant a remote administrator the rights to install software or services on a domain controller, that person would have to be a domain administrator.

Answered 06/10/2013 by: SMal.tmcc
Red Belt

  • That makes sense. But the agent does run on Domain Controllers and does have some level of access as all the hardware/software fields are populated on the appliance. I imagine it is with the System account. I was just wanting to confirm that this context is what it is running under and if that context should have rights to run scripts. If not, is there a non domain admin user setup that will allow running scripts via the appliance through the agent. Thanks.
    • You most likely installed the agent as a DA. Once installed it runs a service as system to do tasks. Due to security we do not even put the agent on any of our DC's so I can not help you with a work around, maybe someone else will give you the work around.
Please log in to comment
Answer this question or Comment on this question for clarity