Prevent service accounts from logging in locally or remotely


You can create settings in your local group policy (gpedit.msc) to achieve this. Look under Computer Config | Windows Settings | Security Settings | Local Policies | User Rights Assignment. The specific ones you want are Deny logon as a batch job, Deny logon locally and Deny logon through Terminal Services.

You can also tune some of the other settings here, such as Access this computer from the network, to harden it further.

It goes without saying, but make these changes one at a time, and test your service works correctly after each one before proceeding to the next.
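An audit check to run between those one-at-a-time changes, given here as an added example that is not part of the original answer: it parses the `[Privilege Rights]` section of a `secedit /export /cfg <file> /areas USER_RIGHTS` export and reports which of the deny rights list the service account. The function name `Test-ServiceAccountLogonDeny`, the account `CONTOSO\svc-app` and its SID are hypothetical, and the sample export is constructed.

```powershell
# Added example, not from the original answer. Sample data below is constructed.
function Test-ServiceAccountLogonDeny {
    param(
        [Parameter(Mandatory)] [string]   $InfText,   # text of a secedit USER_RIGHTS export
        [Parameter(Mandatory)] [string[]] $Identity   # account name and/or its SID
    )
    # Privilege constants behind the policy names used in the answer. Current Windows
    # labels the second one "Deny log on through Remote Desktop Services".
    $policies = [ordered]@{
        SeDenyInteractiveLogonRight       = 'Deny logon locally'
        SeDenyRemoteInteractiveLogonRight = 'Deny logon through Terminal Services'
        SeDenyBatchLogonRight             = 'Deny logon as a batch job'
        SeDenyServiceLogonRight           = 'Deny logon as a service'
    }
    # Parse "SeXxxRight = *SID,name,..." lines into a right -> member list table.
    $rights = @{}
    foreach ($line in ($InfText -split "`r?`n")) {
        if ($line -match '^\s*(Se\w+)\s*=\s*(.*)$') {
            $rights[$Matches[1]] = @($Matches[2] -split ',' |
                ForEach-Object { $_.Trim().TrimStart('*') } | Where-Object { $_ })
        }
    }
    foreach ($right in $policies.Keys) {
        $listed = [bool](@($rights[$right]) | Where-Object { $Identity -contains $_ })
        # The first three denies should list the account. The service deny must not,
        # because it would stop the service itself from starting.
        $shouldBeListed = $right -ne 'SeDenyServiceLogonRight'
        [pscustomobject]@{
            Right  = $right
            Policy = $policies[$right]
            Listed = $listed
            Ok     = ($listed -eq $shouldBeListed)
        }
    }
}

# Constructed sample export: the account is denied local logon only.
$sample = @'
[Privilege Rights]
SeServiceLogonRight = *S-1-5-21-1111111111-2222222222-3333333333-1105
SeDenyInteractiveLogonRight = Guest,*S-1-5-21-1111111111-2222222222-3333333333-1105
SeDenyRemoteInteractiveLogonRight = Guest
'@
$ids = 'CONTOSO\svc-app', 'S-1-5-21-1111111111-2222222222-3333333333-1105'
Test-ServiceAccountLogonDeny -InfText $sample -Identity $ids | Format-Table -AutoSize
```

On a real host, replace `$sample` with the contents of the exported file, read with `Get-Content -Raw`. A row with `Ok = False` on `SeDenyBatchLogonRight` is expected if the account also runs scheduled tasks and that deny was left off on purpose.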


Author: Garrett

Updated on September 17, 2022

Comments

  • Garrett
    Garrett almost 2 years

    We have a company doing development for us in-house and they have access to several service accounts. The company rotates people in and out, and instead of requesting accounts the developers are using service accounts to log on to the servers.

    What is the best way to lock out the ability to use that account without affecting the purpose of a service account?

    Can we safely check the "Deny this user permissions to log on to any Terminal Server" tickbox in AD under Terminal Services Profile?

    If we created a domain policy to prevent logging in for that OU would that be a better way to go?

  • Greg Askew
    Greg Askew almost 7 years
    What if they created a virtual machine named DT000?