Hi @m_nicholls 


Your directory service account will need read access to all objects in the monitored domains.  



Yes, one account will work with: exampledomain.com &  child.exampledomain.com


If you also have a multi-forest environment with a two-way trust, you still only need one account. 


Additional credentials are only required for each forest with non-Kerberos trust or no trust.  




We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE