You can configure a regular Windows user to access WMI information by adding the regular user account to the Distributed COM Users and the Performance Monitor Users group using lusrmgr.msc, and then configuring the DCOM security settings to allow the groups to access the system remotely (using dcomcnfg).
Note: These configurations are required to be performed in the User profiles of the client devices that are to be monitored.
Configuring Distributed COM Users in Local user and Groups Setting:
To begin with, we are adding the DCOM user group in our local user settings.
Configuring the DCOM Security Settings to allow the groups to access the system remotely:
Next, we're providing basic access permissions to the user groups (Distributed COM Users and Performance Monitor Users) to be able to gain control of the device remotely.
Setting the WMI Control security settings to be applied to all namespaces:
Finally, access is provided for all classes under all namespaces for both the user groups, in order to enable OpManager to fetch those data using WMI monitor.
If you wish to monitor whether Windows Service monitors are up/down, you need to grant permission to SCManager. The access to the Windows services is controlled by the Security Descriptor of Service Control Manager, which by default is restricted for hardened OS. The below mentioned steps will grant remote access to Service Control Manager in user level, to get the list of services on a server.
Retrieve the user SID of the User Account
wmic useraccount where name="UserName" get name,sid
Example:
wmic useraccount where name="administrator" get name,sid
Retrieve the current SDDL for the SC Manager
sc sdshow scmanager > CurrentSDDL.txt
D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
Update the SDDL:
(A;;CCLCRPWPRC;;;<SID of User>)
(A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)
D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)(A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
sc sdset scmanager D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)(A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
You should now be able to perform WMI monitoring on this Windows host with a regular user account instead of an admin account.