Re: Service Account


From: Glenn L (the.only(delete)_at_gmail)
Date: 03/22/05


Date: Mon, 21 Mar 2005 22:50:36 -0800

If the service itself is installed on all workstations, then your only
option is to keep this service account password private and away from your
users.

-- 
Glenn L
CCNA, MCSE 2000/2003 + Security
"Umesh Thakur" <UmeshThakur@discussions.microsoft.com> wrote in message 
news:977CED0B-9D94-41D8-BA81-97F671677035@microsoft.com...
> Let me explain it a bit more.
> My application has a server part and client part. Client part has the client
> service that runs under a domain account (account has administrative
> privileges).
> Now, what I want is: That service should successfully run under the account
> but no user should be able to log in to any workstation using that account.
> I tried what you said to restrict the account logon but to no avail. It
> blocks the services on clients as well.
> Any help will be greatly appreciated.
>
>
>
> "Ryan Hanisco" wrote:
>
>> There are two ways to do this...
>>
>> -- You can do this in the domain policy and set the log on locally
>> permissions to no workstations.
>>
>> -- You can do this in the account and specify which workstations it can
>> log on to... and specify none.
>>
>> -- 
>> Ryan Hanisco
>> MCSE, MCDBA
>> FlagShip Integration Services
>> Chicago, IL
>>
>> "Umesh Thakur" <UmeshThakur@discussions.microsoft.com> wrote in message
>> news:35728DF7-0020-43A8-8350-8CAFD8704948@microsoft.com...
>> > Hi,
>> >
>> > I have an application that requires to run under a service account other
>> > than localsystem. Also, that account must be a domain account with
>> > administrative privileges. I have created that service account in AD,
>> > granted necessary permissions and allowed the service to run under this
>> > account.
>> >
>> > My question is: I don't want anybody to use this account to log in
>> > interactively on any computer's console as we normally do with our
>> > accounts. How do I restrict this service account so that nobody should be
>> > able to log in using this account on any of the domain computers?
>> >
>> > Any answer is greatly appreciated.
>> >
>> > Regards,
>> > Umesh
>>
>>
>> 
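
An added example, not part of the original thread: a Python check over the user-rights export that `secedit` writes, verifying that an account holds "Log on as a service" while console logon is denied. It relies on the "Deny log on locally" right (SeDenyInteractiveLogonRight), which the thread does not mention; the account name, domain and sample export are constructed for illustration.

```python
# Constructed sample of the [Privilege Rights] section written by
#   secedit /export /cfg rights.inf /areas USER_RIGHTS
# CONTOSO\svc_app is a hypothetical service account; S-1-5-32-544 is the
# built-in Administrators group and S-1-5-32-545 is Users.
SAMPLE_INF = r"""
[Unicode]
Unicode=yes
[Privilege Rights]
SeServiceLogonRight = CONTOSO\svc_app
SeInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-545
SeDenyInteractiveLogonRight = CONTOSO\svc_app
[Version]
signature="$CHICAGO$"
"""


def parse_user_rights(inf_text):
    """Return {right name: set of lowercased principals} from [Privilege Rights]."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = {
                p.strip().lstrip("*").lower() for p in value.split(",") if p.strip()
            }
    return rights


def audit_service_account(inf_text, identities):
    """identities: the account's name and SID plus the SIDs of its groups."""
    rights = parse_user_rights(inf_text)
    who = {i.lower() for i in identities}

    def held(right):
        return bool(rights.get(right, set()) & who)

    findings = []
    if not held("SeServiceLogonRight"):
        findings.append("no 'Log on as a service' right: the service cannot start")
    # A deny entry overrides an allow entry, including one inherited from a group.
    if held("SeInteractiveLogonRight") and not held("SeDenyInteractiveLogonRight"):
        findings.append("console logon is allowed and not denied")
    return findings


if __name__ == "__main__":
    ids = [r"CONTOSO\svc_app", "S-1-5-32-544"]  # account plus Administrators
    print(audit_service_account(SAMPLE_INF, ids) or "OK")
```

The export may list a domain account by SID rather than by name, so pass both forms in `identities`.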

