Home
Certification Preparation
Microsoft
MCTS / MCITP on Windows 2008 General
Disabling interactive logon for service accounts
ankurj.hazarika
Team,
Why is it important to disable interactive logons for service accounts in a windows environment? Please help me understand.
Thanks.
Ankur
Find more posts tagged with
Comments
iBrokeIT
So that someone with the service account credentials cannot use it to log into the desktop environment on a system as the service account user with escalated privileges.
Lexluethar
Bingo - you don't want someone to go behind the scenes and log into a server with a service account. If they could log in with the service account there would be no way of knowing exactly who actually made server changes.
Same concept as changing the default admin password and storing it away so no one logs in using it.
gespenstern
Probably won't help against hackers, just a measure for preventing IT personnel from using these accounts to log on and do regular stuff.
TheFORCE
It's a method of hardening the system. Accounts should only be used for the reason they were created for, as such any rights that are not needed should be removed.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
