How to apply Service account permissions

I need help in applying read-only rights for cn, userPrincipleName, preferred language and member of for a service account I created.  I was asked to do this for the setup on a new application at work but i'm not good at applying rights at this level.

If someone can map out the procedure.... Highlight service account-> right click > select properties > select security tab > click on advanced > slect edit.... I'm lost from here...
If any one has a good link to explain how to apply custom rights, that would help too.

Thanks for any help in advance.
dv8angelAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
To assign rights to a service accout, you would need to use GPO
computer configuration\windows settings\security settings\local policies\User Rights Assignment
Logon as a service (make sure to use one policy to grant this right to all your service accounts)
Lock Pages in Memory (same as above and depends on whether this is an option needed for the application you are installing.)

The account should remain only a domain user and will have the same rights as any user.

0
dv8angelAuthor Commented:
We have other accounts setup this way and have GPO's already applied to that OU to control access but this is an enterprise application service account and it has a requirement to have a custom set of attributes applied to allow it to work in AD. It needs to read as I mentioned in my question.  Thanks for your reply but that's not what I'm looking for.
0
arnoldCommented:
To what resource/s does this user need read only rights?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

dv8angelAuthor Commented:
I found what I was looking for.  Thanks for your time.
0
dv8angelAuthor Commented:
Solution I discovered:
Highlight the OU where the service account resides> right click > select properties > select security tab > click on advanced > Authenticated Users or Domain Users > select edit > select Authenticated Users or Domain Users (this is your target group the permissions apply to) Apply rights on the Object and Properties tab.
NOTE: make sure there attributes you need permissions for are listed, they would have been created in the SCHEMA.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dv8angelAuthor Commented:
I found this solution from a friend at work because I couldn't get an answer on Experts so I wanted to make sure I shared this with the community. :-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.