AuditWizard - Getting Started - Pre-Installation - Domain-User Account
AuditWizard requires one domain-user account. It is used for the AuditWizard Service (the service that runs on the AuditWizard server) and the Audit Agent Service (the service that runs on the target, client, computer).
Commonly a domain-admin account should be capable of these operations but we have discovered that many domain-admin accounts cannot do all of the below. In this case, it is advised that a new account with the following permissions be created for use with AuditWizard.
The account is configured in Administration > General > AuditWizard Service > Service Control.
The account must have sufficient permissions to do the following operations:
For the AuditWizard Server Service
- Must be able to write AuditAgent.exe and AuditAgent.xml to \\Computer\ADMIN$\System32\ (C:\WINDOWS\System32\) on the target computer
- Must be able to install AuditAgent.exe as a service on the target computer
- Must be able to start, stop and remove the AuditWizard Agent service on the target computer
- Must be able to delete AuditAgent.exe, AuditAgent.log and AuditAgent.xml from \\Computer\ADMIN$\System32\ on the target computer
- Must be able to read and write to the AuditWizard network share.
For the Client Audit Agent Service
- Must be able to write to the local C:\WINDOWS\System32\ folder
- Must be able to write to the root of C: on the local computer.
- Must be able to write to the AuditWizard network share.
An initial test can be done to determine whether an account will be suitable. Log into the AuditWizard computer using the account. Attempt to open the ADMIN$ share on a target computer (\\Computer\ADMIN$). If the account can't do this, then it is not suitable.