How to apply Service account permissions

I need help in applying read-only rights for cn, userPrincipleName, preferred language and member of for a service account I created.  I was asked to do this for the setup on a new application at work but i'm not good at applying rights at this level.

If someone can map out the procedure.... Highlight service account-> right click > select properties > select security tab > click on advanced > slect edit.... I'm lost from here...
If any one has a good link to explain how to apply custom rights, that would help too.

Thanks for any help in advance.
dv8angelAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
arnoldCommented:
To assign rights to a service accout, you would need to use GPO
computer configuration\windows settings\security settings\local policies\User Rights Assignment
Logon as a service (make sure to use one policy to grant this right to all your service accounts)
Lock Pages in Memory (same as above and depends on whether this is an option needed for the application you are installing.)

The account should remain only a domain user and will have the same rights as any user.

0
 
dv8angelAuthor Commented:
We have other accounts setup this way and have GPO's already applied to that OU to control access but this is an enterprise application service account and it has a requirement to have a custom set of attributes applied to allow it to work in AD. It needs to read as I mentioned in my question.  Thanks for your reply but that's not what I'm looking for.
0
 
arnoldCommented:
To what resource/s does this user need read only rights?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
dv8angelAuthor Commented:
I found what I was looking for.  Thanks for your time.
0
 
dv8angelAuthor Commented:
Solution I discovered:
Highlight the OU where the service account resides> right click > select properties > select security tab > click on advanced > Authenticated Users or Domain Users > select edit > select Authenticated Users or Domain Users (this is your target group the permissions apply to) Apply rights on the Object and Properties tab.
NOTE: make sure there attributes you need permissions for are listed, they would have been created in the SCHEMA.
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
dv8angelAuthor Commented:
I found this solution from a friend at work because I couldn't get an answer on Experts so I wanted to make sure I shared this with the community. :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.