Re: local admin security question

From: Jeff Pigott (jpigott_at_karmak.com)
Date: 04/06/05

  • Next message: Joseph MCAD: "RE: web application can not access event log" 
    Date: Tue, 5 Apr 2005 17:15:07 -0500

    Our app doesn't require it, we are just having problems with Systems that do
    not use English on the initial install during the Windows 2003 Server
    install. They install it as Spansh, and our Windows Service need to use a
    regional setting of English. So we found out we need to use a user account
    vs. a "local admin" account. Are there any whitepapers on locking a user
    account down just to a Windows Service?
    ---------
    "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
    in message news:%23$FySuiOFHA.580@TK2MSFTNGP15.phx.gbl...
    > If you are concerned about security, then it is probably best to avoid
    > using an account that has admin privileges at all. Does your app
    > absolutely require that?
    >
    > The question of local account vs. domain account depends on whether the
    > service needs to access domain resources on the network.
    >
    > If you really need admin privileges and only need a local machine account,
    > then creating a different user is probably a good idea because then you
    > can change the regular administrator password easily without breaking your
    > service.
    >
    > Joe K.
    >
    > "Jeff Pigott" <jpigott@karmak.com> wrote in message
    > news:um%23sOYiOFHA.3512@TK2MSFTNGP15.phx.gbl...
    >> Can anyone suggest whether to use Local Admin service as a Windows
    >> service account for our .NET ADO applicaiton or create a user with Admin
    >> privledges to use for this account?
    >>
    >> Is one better than the other?
    >>
    >> Thanks,
    >>
    >> Jeff
    >>
    >
    >

  • Next message: Joseph MCAD: "RE: web application can not access event log"

    Relevant Pages