- Applies to Windows 2003 server
- Service account is not a member of the local administrators group
- Batch job runs as non-interactive process
Required for service account:
- RX permissions to c:\windows\system32\Cmd.exe
- Any share and NTFS permissions it needs to access files or data
- "Logon as a service" configured in the security policy editor (run gpedit.msc -> computer configuration -> windows settings -> security settings -> local policies -> user rights assignment -> Log on as a service)
- "Log on as a batch job" configured similarly using gpedit.msc
No comments:
Post a Comment