Run As Accounts in SCOM!!!!

As accounts define which credentials will be used for certain actions that are carried out by the Operations Manager agent. These accounts are centrally managed through the Operations console and assigned to different Run As profiles. If a Run As profile is not assigned to a particular action, it will be carried out under the Default Action account. In a low-privilege environment, the default account may not have the required permissions for a particular action, and a Run As profile can be used to provide this authority. Management packs may install Run As profiles and Run As accounts to support required actions. If this is the case, their documentation should be referenced for any required configuration. The following table lists the default Run As accounts that are created by Operations Manager during setup. The following table lists the Run As profiles that are created by Operations Manager during setup. Note that if the Run As account is left blank for the particular profile, the Default Action account (either the Management Server Action account or the Agent Action account, depending on the location of the action) will be used. NAME DESCRIPTION RUN AS ACCOUNT Active Directory Based Agent Assignment Account Account used by Active Directory-based agent assignment module to publish assignment settings to Active Directory. Local System Windows Account Automatic Agent Management Account This account will be used to automatically diagnose agent failures. None Client Monitoring Action Account If specified, used by Operations Manager 2016 to run all client monitoring modules. If not specified, Operations Manager uses the default action account. None Connected Management Group Account Account used by Operations Manager management pack to monitor connection health to the connected management groups. None Data Warehouse Account If specified, this account is used to run all Data Warehouse collection and synchronization rules instead of the default action account. If this account is not overridden by the Data Warehouse SQL Server Authentication account, this account is used by collection and synchronization rules to connect to the Data Warehouse databases using Windows integrated authentication. None Data Warehouse Report Deployment Account This account is used by Data Warehouse report auto-deployment procedures to execute various report deployment-related operations. Data Warehouse Report Deployment Account Data Warehouse SQL Server Authentication Account If specified, this login name and password is used by collection and synchronization rules to connect to the Data Warehouse databases using SQL Server authentication. Data Warehouse SQL Server Authentication Account MPUpdate Action Account This account is used by the MPUpdate notifier. None Notification Account Windows account used by notification rules. Use this account's e-mail address as the e-mail and instant message 'From' address. None Operational Database Account This account is used to read and write information to the Operations Manager database. None Privileged Monitoring Account This profile is used for monitoring, which can only be done with a high level of privilege to a system; for example, monitoring that requires Local System or Local Administrator permissions. This profile defaults to Local System unless specifically overridden for a target system. None Reporting SDK SQL Server Authentication Account If specified, this login name and password is used by SDK Service to connect to the Data Warehouse databases using SQL Server authentication. Reporting SDK SQL Server Authentication Account Reserved This profile is reserved and must not be used None Validate Alert Subscription Account Account used by the validate alert subscription module that validates that notification subscriptions are in scope. This profile needs administrator rights. Local System Windows Account SNMP Monitoring Account This account is used for SNMP monitoring. None SNMPv3 Monitoring Account This account is used for SNMPv3 monitoring. None UNIX/Linux Action Account THis account is used for low privilege UNIX and Linux access. None UNIX/Linux Agent Maintenance Account This account is used for privileged maintenance operations for UNIX and Linux agents. Without this account agent maintenance operations will not work. None UNIX/Linux Privileged Account This account is used for accessing protected UNIX and Linux resources and actions that require high privileges. Without this account some rules, diagnostics and recoveries will not work. None Windows Cluster Action Account This profile is used for all discovery and monitoring of Windows Cluster components. This profile defaults to used action accounts unless specifically populated by the user. None WS-Management Action Account This profile is used for WS-Management access. None NAMEx`