<div>
Is logon as a service the only rights it needs?<br />
Is there a server associated with this? &nbsp;In AD for the account you can also specify what machines the account can logon to. &nbsp;<br />
&nbsp;<br />
Thanks<br />
Mike<br />

</div>


Is logon as a service the only rights it needs?
Is there a server associated with this?  In AD for the account you can also specify what machines the account can logon to.  
 
Thanks
Mike


<div>
I can't honestly say how much privilege the account needs. Is there any way to designate it to connect to the local &quot;SYSTEM&quot; account?<br />
<br />
Sweet recommendation for limiting logon. I forgot about that option. I'm not sure the account needs to logon to anything currently.
</div>


I can't honestly say how much privilege the account needs. Is there any way to designate it to connect to the local "SYSTEM" account?

Sweet recommendation for limiting logon. I forgot about that option. I'm not sure the account needs to logon to anything currently.

<div>
I should be able to do as I intended and specify any extra permissions from there. Thanks.
</div>


I should be able to do as I intended and specify any extra permissions from there. Thanks.

<div>
<div class="content wysiwyg-content">
We have a server running some demo network monitoring software that requires a domain service account. Is there an easy way to create a user account to be used for accessing each machine on the domain? The best way I can think would be to create a normal user account and create a group policy to set &lt;DOMAIN\User acct&gt; under &quot;Deny logon locally&quot; &amp;&nbsp;&quot;Log on as a service&quot; local policies. Security is a concern as this software is being &quot;demo'd&quot; from a new vendor.
</div>
</div>


We have a server running some demo network monitoring software that requires a domain service account. Is there an easy way to create a user account to be used for accessing each machine on the domain? The best way I can think would be to create a normal user account and create a group policy to set <DOMAIN\User acct> under "Deny logon locally" & "Log on as a service" local policies. Security is a concern as this software is being "demo'd" from a new vendor.

Create service account for domain use

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.