Run Zabbix Agent as Domain Admin
The Setup:
I need a simple check for a possible Nextcloud synchronization error on our NAS.
So I wrote a simple PowerShell script to check for that and I want Zabbix to call and monitor this and throw an alarm, in case the value returns 1
The Script is on a Windows Server with several tools and the synchronization happens on the NAS.
The Problem:
- The script itself it works just fine if you execute it locally.
- But: if I try to call it through Zabbix (Zabbix-Agent 2 installed on the Win Server) though, I get a
However: If I change the path in the script to something local like "C:\Users\Administrator.DOMAIN\Documents" Zabbix can easily call the script and get a result.
Which leads me to believe that my Zabbix-Agent runs with/ has local Admin rights, but not Domain rights.
Is there any way to change the permissions with which Zabbix-Agent runs resp. executes the script?
I need a simple check for a possible Nextcloud synchronization error on our NAS.
So I wrote a simple PowerShell script to check for that and I want Zabbix to call and monitor this and throw an alarm, in case the value returns 1
Code:
$path = "\\nas\<path>\KeePass\Databases"
$pattern = "corrupted"
$search_results = Get-ChildItem -Path $path | Where-Object { ((! $_.PSIsContainer)) }
foreach ($file in $search_results) {
if ($file.name -like "*$pattern*") {
return "1"
}
}
return "0"
The Problem:
- The script itself it works just fine if you execute it locally.
- But: if I try to call it through Zabbix (Zabbix-Agent 2 installed on the Win Server) though, I get a
Code:
PermissionDenied: (\\nas\<path>\KeePass\Databases:String) [Get-ChildItem], Unauthoriz edAccessException
Which leads me to believe that my Zabbix-Agent runs with/ has local Admin rights, but not Domain rights.
Is there any way to change the permissions with which Zabbix-Agent runs resp. executes the script?
Comment