Computer Technos

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Saturday, 17 April 2010

Service Accounts

Posted on 10:23 by Unknown
Services are background processes. For example, the Server service accepts incoming filesharing connections, and the Workstation service manages outgoing file-sharing connections.

Each service must run in the context of a service account. The permissions of the service account largely define what the service can and cannot do, just like a user account defines what a user can do. In early versions of Windows, security vulnerabilities in services were often exploited to make changes to the computer. To minimize this risk, service accounts should have the most restrictive permissions possible.

Windows Vista provided three types of service accounts: Local Service, Network Service, and Local System. These accounts were simple for administrators to configure, but they were often shared between multiple services and could not be managed at the domain level. Administrators can also create domain user accounts and configure them to act as a service account. This gives administrators complete control over the permissions assigned to the service, but it requires administrators to manually manage passwords and service principal names (SPNs). This management overhead can become very time consuming in an enterprise environment.

Windows 7 introduces two new types of service accounts:

• Managed service accounts provide services with the isolation of a domain account while eliminating the need for administrators to manage the account credentials.

• Virtual service accounts act like managed service accounts, but they operate at the local computer level rather than at the domain level. Virtual service accounts can use a computer’s credentials to access network resources.

Both types of accounts have passwords that reset automatically so that administrators do not need to manually reset the passwords. Either type of account can be used for multiple services on a single computer. However, they cannot be used for services on different computers, including computers in a cluster.


Source of Information : Windows 7 Resource Kit 2009 Microsoft Press
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Windows 7 | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Windows 7 Shortcut Keys
    Longtime users of Windows have probably grown accustomed to navigating around the Windows user interface using the keyboard. This especially...
  • Windows on Mac: Virtualization Solutions
    If you’d prefer to join the ever-increasing ranks of Mac switchers—you traitor, you—you can still run Windows and, more important, Windows a...
  • Customizing Library Folders in Windows 7
    In your library folders, you can customize view options based on the contents. In the toolbar of the Pictures and Music library folders, Win...
  • Windows 7 BitLocker Drive Encryption
    In Windows Vista, you had the BitLocker Drive Encryption feature that allowed you to encrypt the content of entire volumes. In Windows 7, Mi...
  • Using Windows 7’s Performance Options
    While all the performance tools are available individually throughout the system, Windows 7 introduces a nice list of available tools, if yo...
  • Windows 7 - Installing and Configuring a Printer
    If your printer is already installed and operational at this point, you can skip this section and skim ahead for others that may be of inter...
  • Considering Centralized versus Group Sharing
    One of the most important preparation steps for your server is determining how to store the data you create. The two common methods are cent...
  • Berkeley Motes
    The Berkeley motes are a family of embedded sensor nodes sharing roughly the same architecture. Let us take the MICA mote as an example. The...
  • Using Windows 7 Ease of Access Tools
    If you have difficulty using a mouse or typing, have slightly impaired vision, or are deaf or hard of hearing, you can adjust the appearance...
  • Troubleshooting Boot and Startup Problems - Driver Loading in Safe Mode
    How does Windows know which device drivers and services are part of standard and networking-enabled safe mode? The answer lies in the HKLM\S...

Categories

  • Access 2010
  • BlackBerr
  • BlackBerry
  • Computer Science
  • Cyber Security
  • Exchange Server 2010
  • File Utilities
  • Foursquare
  • Google
  • Hardware
  • Internet
  • iPad
  • Linux
  • Lync Server
  • Microsoft Virtualization
  • Mobile Web
  • Networking
  • News
  • Security
  • Server Architectures
  • Smartphone
  • Ubuntu Linux
  • Windows
  • Windows 7
  • Windows Home Server
  • Windows Security
  • Windows Server 2008
  • Windows Server 2008 Hyper-V
  • Windows XP
  • Wireless

Blog Archive

  • ►  2012 (66)
    • ►  August (5)
    • ►  July (9)
    • ►  June (9)
    • ►  May (8)
    • ►  April (9)
    • ►  March (9)
    • ►  February (8)
    • ►  January (9)
  • ►  2011 (85)
    • ►  December (5)
    • ►  November (6)
    • ►  October (7)
    • ►  September (8)
    • ►  August (9)
    • ►  July (9)
    • ►  June (7)
    • ►  May (7)
    • ►  April (4)
    • ►  March (6)
    • ►  February (8)
    • ►  January (9)
  • ▼  2010 (230)
    • ►  December (13)
    • ►  November (3)
    • ►  October (2)
    • ►  September (10)
    • ►  August (31)
    • ►  July (32)
    • ►  June (23)
    • ►  May (2)
    • ▼  April (21)
      • Windows Deployment Platform Components - Answer Files
      • Windows Deployment Platform Components
      • Windows 7 Deployment Terminology
      • Windows 7 deployment
      • Service Accounts
      • Smart Cards
      • Windows Biometric Framework
      • Safe Unlinking in the Kernel Pool
      • Auditing Enhancements
      • Internet Explorer Security Features
      • UAC Improvements in Windows 7
      • Enabling Non-Administrators to Make Configuration ...
      • Admin Approval Mode
      • User Account Control
      • Multiple Active Firewall Profiles
      • AppLocker
      • Why IM
      • Introducing Windows Live Mail
      • Blocking Pop-Ups in IE
      • Personalizing IE tabbed browsing
      • Windows Explorer Versus Internet Explorer
    • ►  March (32)
    • ►  February (28)
    • ►  January (33)
  • ►  2009 (119)
    • ►  December (33)
    • ►  November (31)
    • ►  October (35)
    • ►  September (20)
Powered by Blogger.

About Me

Unknown
View my complete profile