Forum GLPI-Project

Maschik1234

Member

Registered: 2023-07-03

Posts: 26

Best practice GLPI agent with focus on security!

Hello, I would like to bring the agent into the corporate network, but would need a best practice guideline with a focus on security.

I don't necessarily want to give the agent to many admin rights.

There are also concerns about WINRM and the requirement that the agent or remote WINRM user needs admin rights.

In short, I want to use the agent but minimize the security risk and i need a best practice guide for this.

cconard96

Moderator

Registered: 2018-07-31

Posts: 2,813

Website

Re: Best practice GLPI agent with focus on security!

As far as I know, WinRM is only used for remote inventory tasks where an agent is installed on one or a few Windows computers and remotely connects to the rest of the Windows computers to pull inventory data and send it to GLPI.
If you want to avoid using WinRM, you should be able to install the agent on every computer make sure the agent is installed with the Remote Inventory option disabled.

---

GLPI Collaborator and Plugin Developer.
My non-English comments are automated translations. Sorry for any confusion that causes.
Mes commentaires non anglais sont des traductions automatiques. Désolé pour toute confusion qui cause.
Mis comentarios que no están en inglés son traducciones automáticas. Perdón por cualquier confusión que cause.

Maschik1234

Member

Registered: 2023-07-03

Posts: 26

Re: Best practice GLPI agent with focus on security!

Hello,

if I want to install the agent on the clients, what permissions are mandatory?

Ragnarok

Member

Registered: 2019-10-28

Posts: 44

Re: Best practice GLPI agent with focus on security!

Hello,

if I want to install the agent on the clients, what permissions are mandatory?

the agent runs as service with system account.. to get hardware related information