Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Why we need Local admin privileges on all targeted windows machines for Asset Insight Discovery tool

Tariq Ashraf
Tariq Ashraf
Contributor
October 6, 2022

Dear Team,

We are using Asset Insight Discovery tool to scan our assets but we have one security concern with Windows based machines. As mentioned in your documentation, we need local admin privileges on all targeted windows machines.

https://confluence.atlassian.com/insightapps/discovery-system-requirements-1085180644.html#Discoverysystemrequirements-Windows:WMI

Our Security team is not allowing local admin privileges and we have few concerns as mentioned below. 

i) Why asset discovery tool credentials need local admin privileges on all windows targeted machines?

ii) What will be activities performed by Insight Discovery tool using admin rights on windows?

iii) If we are not wrong, Insight Discovery will just read the information from windows system during scanning?

iv) Will Insight discovery tool will write anything on targeted windows machines?

v) Is there any clear requirements that on which specific paths we need to provide the admin rights for scanning?

Does anyone know regarding the above mentioned queries. Please provide you feedback for above queries

OR

Provide any workaround for this problem so that we don't need to use admin rights on each targeted windows machine.

 

Thanks & Regards,
Tariq Ashraf

Answer
Watch
Like Be the first to like this
622 views

1 answer

1 vote
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 6, 2022

I can't answer all of that in any detail but the short answer is "because you need to be an admin on the machine to be able to see a lot of the data Insight is looking for".

Windows doesn't have the granularity of admin control to be able to say "and let an unprivileged account see, but not edit, the settings" in a lot of places.

Insight will not try to change anything, it is a pure read of data.

View More Comments
Tariq Ashraf
Tariq Ashraf
Contributor
October 9, 2022

Dear Nic Brough,

Thanks for your response. But I am still confused, if it is just related to read the data and not to edit anything then why we need local admin privileges. 

Second concern, do you have any idea on which specific paths/folders we need to provide the admin rights for scanning?

 

Regards,

Tariq Ashraf

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 9, 2022

>just related to read the data and not to edit anything then why we need local admin privileges

Because that's how Windows works.

> which specific paths/folders we need to provide the admin rights for scanning

It doesn't do much direct reading of files, it's mostly reading system settings.  I don't know what files it might be reading, but it's safe to say "all the folders the operating system is installed and configured in"

Like
Nicolaus Brooks
Nicolaus Brooks August 24, 2023

@Nic Brough -Adaptavist- Hi, I am having trouble with testing my credentials I do have local admin rights on all of the devices but the test does not work. When I did a scan the only device that import was my device. Can you help at all? Can you use .\ before username for the local admin?

Like Christian Schneider likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
SERVER
VERSION
4.20.10
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.