ogre351
asked on
Create service account for domain use
We have a server running some demo network monitoring software that requires a domain service account. Is there an easy way to create a user account to be used for accessing each machine on the domain? The best way I can think would be to create a normal user account and create a group policy to set <DOMAIN\User acct> under "Deny logon locally" & "Log on as a service" local policies. Security is a concern as this software is being "demo'd" from a new vendor.
ASKER
I can't honestly say how much privilege the account needs. Is there any way to designate it to connect to the local "SYSTEM" account?
Sweet recommendation for limiting logon. I forgot about that option. I'm not sure the account needs to logon to anything currently.
Sweet recommendation for limiting logon. I forgot about that option. I'm not sure the account needs to logon to anything currently.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I should be able to do as I intended and specify any extra permissions from there. Thanks.
Is there a server associated with this? In AD for the account you can also specify what machines the account can logon to.
Thanks
Mike