I'm getting push back on installing UFs on domain controllers and I believe installing in low privilege mode is the solution which will meet windows administrators concerns. My only issue is that I haven't been able to find a document that states the exact limitations of running the UF in low privilege mode, other than this article.
https://answers.splunk.com/answers/93998/running-universal-forwarder-with-non-administrator-service-account.html
Does anyone know if there is a document on what a low privilege UF can't do?
Will this let me run Powershell commands?
... View more