Mapping all incoming connections to the Administrator account is not a best practice - this means anyone who connects to the agent can do things as Administrator.
Normally, you would use the ADMIN_ACCOUNT property to handle this, setting it to "??HOST??-user001" as the default in the Property Dictionary, and then Push ACLs.
To make this work w/ the exports file, after you run the installer (bulk agent installer?) you need to run a post install script like:
echo " * rw,user=%COMPUTERNAME%-user001" > %SYSTEMROOT%\rsc\exports
you may have to play w/ the double quotes - DOS does echo a little different then *nix.
I was a bit too optimistic
infact we discovered that even the "user001" part is not fixed but variable without a fixed rule.
the use of a domain account common to all machines could solve our problem, but the documentation clearly states that one must use a local account.
Is it really not possible to use a domain account for the user= option of the exports file?
if the username still has the computer name in it, you can still figure it out, though you'd be using some DOS Batch scripting to do it.
you would list the users on the system, search for the %COMPUTERNAME%, assuming that is the only user on the system w/ the hostname in the username, and then echo that into your exports file.
As Bill was saying, ideally when installing an agent you don't want to provide any mapping in your exports file. I would recommend this:
Then once you've installed the agent and added the server to Config Manager, you'll want to run the ACL Push Job as BLAdmins:BLAdmin. Is there any way to update your users.local file on each target to provide mappings to the correct local admin user?
To answer a previous question of yours, you have to map to a local user on the remote host. Domain accounts will not work.