Solved

Creating accounts for service logon only?

Posted on 2003-10-21
4
251 Views
Last Modified: 2010-04-14

How exactly do I allow an account to only logon as a service thereby preventing anybody logging on with that account on a workstation/server?  (for Active Directory - DC's running SP4).

thanks.
0
Comment
Question by:allangray
4 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 9591822
Setup a user account - add it to the local Administrator group and remove it from the Domain User group.  Create a complex password and record it.  Lock that in your HR's vault.

Using Group Policy, set the security option for "log on as a service" by adding that user.

In the user's properties, set the option to only be able to log into the server.

Hope that helps.

0
 

Expert Comment

by:adamday
ID: 9592325
Create an standard account, make it an administrator. If you change the domain controller security policy or domain security policy and set the access rights to allow the logon as a service and not logon as interactive. This will prevent the user login on but permit use as a service.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Syteline and a new domain controller 4 730
P2V conversion for Windows NT 4.0 Server 2 2,294
Old Schema existing from Windows 2000 DC that is no longer available 14 137
windows 2000 image 3 141
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In case you ever have to remove a faulty web part from a page , add the following to the end of the page url ?contents=1
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question