When installing agents to process site objects, you can select to use the LocalSystem account for agent operation on the target computers, or specify another account:
If you select to use an account other than LocalSystem, InTrust automatically attempts to grant the account the Log on as a service right. However, Group Policy settings may prevent this. If the account fails to get the right, you can configure account rights using the Local Security Policy console.
To grant user rights to a service account
To change the account for an agent that is already running
See the following topics:
The default InTrust deployment is mainly designed for a specific scenario: real-time collection of logs to an InTrust repository, viewing the contents of the repository and generating reports on those contents in Repository Viewer. If you want to depart from this scenario (collect a rare log, add real-time alerts, make SSRS-based reports with correlated events and so on), you should begin by extending your default deployment with new InTrust components.
For that, run the InTrust setup suite on the computer where the default set of components is installed, as described in Installing and Configuring InTrust Components. The necessary components will be added.
Caution: Due to an issue in the installer, customizing the communication ports on the Review Default Settings step currently does not work. You can specify custom ports and successfully complete the setup, but these changes will have no effect, and InTrust will keep using the default ports: 900 and 8340.
After you have extended a default InTrust deployment, it is not recommended that you mix real-time event collection with classic InTrust real-time monitoring. In your new extended deployment, let the original InTrust server keep performing real-time event collection. For real-time monitoring, use other servers in the same InTrust organization (add them if necessary).
In InTrust, your environment is represented by InTrust sites. Sites define the scope of InTrust operation and also specify the computers where InTrust agents can reside. See the following topics: