Discovery: How to discover Domain Controller machines without using a domain admin account?

Version 3
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    BMC Discovery


    BMC Discovery 11.3


    BMC Discovery


    How to discover Domain Controller machines without using a domain admin account?




    Legacy ID:KA389745


    An administrator account is recommended for Windows scans. Without this level of permissions, only partial data is discovered.  Also, the RemQuery utility can only be run as an administrator user. Without RemQuery, the scan cannot perform the following actions:

    • Get network connection information from basic discovery
    • Get files from patterns
    • Run commands from patterns

    For more info see

    Some suggestions:

    The Domain Admin credential can be specified in a Windows AD proxy, rather than in a Discovery credential. In this way, the credentials are only owned and maintained by the Windows administrator, and are not known by Discovery in any way.

    The only other possible solution is to create a new, non-admin domain account in the DC, and then add enough rights and permissions to it to make it usable by Discovery. It would include access to some shares like C$ and home$ and to execute administrative commands. This would not be a simple task and BMC doesn't have guidance on everything that would be needed. There is some information about this in the doc mentioned above.



    Article Number:


    Article Type:


      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles