We have started using Dell Support Assist Enterprise for our infrastructure.
For some devices windows domain credentials must be used in order to connect to the (other) managed servers openmanage instance in order to collect data.
Instead of using a typical domain account (with username / password) we would like to use Windows Managed service accounts
so the Dell Assist will connect to the managed servers with this type of account.
I configured such an account with success. I also added it on the Domain Admins group and also to the Local Administrator group (on each server).
I configured the Support Assist to connect to the managed servers with domain credentials:
password: [none, empty]
as this is the way managed service accounts should be configured, but it does not work (wrong credentials).
Is is possible to use managed service accounts with Support assist? If yes, how we configure them?
very interesting question
Well for me, I can't tell you, but I already asked the L3s on this and here we go with the next steps.
1st task: Q: Is there any specific reason that you created a domain service account with an empty password?
2nd task: Get me the application log with debug information. Instructions as follows:
I'll forward the logs to our engineering and keep you posted.
Thanks and Cheers
thank you for your reply.
This type of account, is a special one, which does not require a password. The password is auto-renewed by the system. We would like to deploy it like this for better security reasons.
In the link I have on my first post, it is in detail how it works and why it is used.
I will proceed with the next steps within this week and write back to you.
Thank you again
thanks for sending the logs.
In the meantime, I received an answer from the Engineering team for SupportAssist Enterprise and they have confirmed that they don’t support domain account without passwords.
So the way you wanna use it is not possible. You have to use at least one Account with a password to use it.
If I receive anything else I'll let you know.
For now, this seems to be solved as it works as designed.