Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Loading...
Loading...

HOWTO: How do I configure services and user rights for Windows installations of Security Reporting Center?

Expand / Collapse


This article applies to:

  • Security Reporting Center 2.0
  • Security Reporting Center 2.1

Question:

How do I configure services and user rights for Windows installations of Security Reporting Center?

Symptoms:

  • Error: None of the requested log files were found.

Procedure:

If you plan to access log files or other resources through your network, you must first configure product services to log on under an account with access to those network drives. This is especially important when you distribute an installation across multiple computers. By default, product services log on under the system account. To access network drives, you should typically configure the services to log on under a user account. This involves two steps: selecting an account to use for each services, and giving that account the appropriate rights.

You should perform the steps described below if you plan to use a network drive to do any of the following:

  • Retrieve log files
  • Store the DNS cache
  • Collect Check Point log files via OPSEC LEA
  • Collect log files with the NetIQ Syslog Service
  • Store FastTrends databases
  • Unzip log files

Microsoft Windows NT

    To configure services, use the following steps.

    1. Open the Windows Control Panel and click Services.

    2. Select the NetIQ Scheduler Agent service from the list.

    3. Click Startup. The Service dialog box opens.

    4. Select This Account. Specify which account to use, and type the password for the account.

    5. Stop and restart the service.

    If you want the NetIQ LEA Service or the NetIQ Syslog Service to write to a mapped or network drive, repeat each service.


    To give the account necessary rights, use the following steps.

    1. Open the User Manager by selecting Programs | Administrative Tools | User Manager from the Windows Start menu.

    2. Select the account that you specified for your services, and select User Rights from the Policies menu.

    3. Select the Show Advanced User Rights check box.

    4. Select Act as Part of the Operating System from the Right: list.

    5. If the account you specified above is not in the list, click Add.

    6. Add the account, and click OK.

    7. Repeat Steps 4-6 for the Log On as a Service right. Click OK to close the User Rights Policy dialog box.

    8. In the bottom pane of the User Manager, double-click Administrators. If your account is not in the list, add it. Click OK to close the Group Properties window.



Microsoft Windows 2000 and Windows XP

    To configure services, use the following steps.

    1. Go to the Windows Control Panel and double-click Administrative Tools.

    2. In the Administrative Tools window, double-click Component Services.

    3. Select Services (local) in the left pane.

    4. Right-click NetIQ Scheduler Agent in the right panel, and select Properties.

    5. Click the Log On tab.

    6. Select This Account and click Browse to select an account from the list.

    7. Type the password for the account, confirm it, and click OK to exit the dialog box.

    8. Stop and restart the service.

    If you want the NetIQ LEA Service or NetIQ Syslog Service to write to a mapped or network drive, repeat Steps 1-7 for those services.


    To give the account necessary rights, use the following steps.

    1. Go to the Windows Control Panel and double-click Administrative Tools.

    2. Double-click Local Security Policy.

    3. Under Security Settings in the left pane, expand Local Policies.

    4. Double-click User Rights Assignments.

    5. Double-click Acts as Part of the Operating System, and make sure the account you specified earlier is in the list. Click Add to add the user account.

    6. Repeat this step for Log on as a Service and Log on locally.

This article was previously published as:
NETIQKB13339

To contact Trustwave about this article or to request support:


Rate this Article:
     
Tags:

Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster
.