Windows user to start and stop services that cannot log into servers.
I need to change permission on a user ID. I need the account to be able to start services and run Scheduled tasks but not be able to log into server or workstations.
Currently the UID in question is a member of the administrators group and is being used used as a universal login name by the development team. I have tried everything except disabling the UID to stop this practice. The UID has been used for many years and is used for many services and scheduled tasks.
Any ideas on how to prevent the login of this UID without bringing down many services and scheduled tasks?