sunhux
asked on
Does enabling / running "Net logon" service in Win 2008 / 2012 pose any security impact
From CIS benchmark & hardening guide, it says to enable this service if needed
& from MS site, it says this service is needed if a Win server joins the domain.
So is this a security issue if Net Logon is running ? I guess most servers would
join domain nowadays for better management or am I wrong on this?
& from MS site, it says this service is needed if a Win server joins the domain.
So is this a security issue if Net Logon is running ? I guess most servers would
join domain nowadays for better management or am I wrong on this?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
If a Windows server is not a Domain Controller, does it need to run Netlogon service
if it joins a domain ?
if it joins a domain ?
Netlogon service needs to be enable only if you wan to monitor or troubleshoot authentication, DC locator, account lockout, or other domain communication-related issues
if not then is not needed to be start
If all is working OK in your network and service is not running now then you don't need to turn it on.
if not then is not needed to be start
If all is working OK in your network and service is not running now then you don't need to turn it on.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
with no security impact if it's the case