Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [service-accounts]

83 questions
4
votes
3 answers

Task Scheduler with Virtual Accounts, possible?

Currently I'm using LOCAL SERVICE as the user account for various regular tasks, and was wondering if it was possible to use a Virtual Account instead. Task Scheduler seems to reject NT SERVICE\ style account names.
Fowl
  • 396
  • 1
  • 4
  • 21
4
votes
3 answers

When should new service accounts be created/used?

At my organisation there are conflicting schools of thoughts around service accounts. This has come up because they wish to deploy SQL Server for the sole purpose of running SharePoint databases. One group believe that a different service account…
Alex Angas
  • 2,007
  • 2
  • 26
  • 37
4
votes
2 answers

Creating Limited User Accounts on Ubuntu Server

Using Ubuntu server, I need to create some user accounts that have the following limitations: (1) User may only view and manipulate files in their home directory. (2) User may only execute commands related to rsync and sftp. I want users to be able…
LonnieBest
  • 1,450
  • 4
  • 21
  • 36
3
votes
1 answer

How to use JSON keys with google cloud gsutil to manage multiple Keys

We have multiple GCP Service account keys from different environment such as DEV,STAGING,..PROD. I would like to run a command in my jenkins box which is there in Dev environment to create access DEV and Staging environments, I don't want to run…
Dinesh SC
  • 33
  • 1
  • 6
3
votes
1 answer

Why Domain Admin Cannot Enable Domain Wide Delegation for Service Accounts?

We need to use service accounts for our application instead of individually end users to call some Google Apis such as Admin Directory Api. There are 3 members of this project which are me as owner, our domain admin as service account admin and…
AshleyCam
  • 31
  • 1
  • 2
3
votes
1 answer

Group Managed Service Accounts per service per server (Best practice?) and long names?

I've talked with a few colleagues about what might be best practice for using group managed service accounts in our environment. It seems that ideally, we would create 1 gMSA per service (e.g. SQL Agent service) per server (e.g. SQLDEV01). This…
Michael
  • 141
  • 4
3
votes
1 answer

Moving Service Accounts to a new OU

I just want to double check before possibly breaking something. I want to move the majority of created service accounts in AD to another OU (doing a clean up). I understand Exchange service accounts should stay put, but those that I've created, can…
tropolite
  • 33
  • 3
3
votes
1 answer

Change service user password in AD running service

I have a running service with logon user credentials using a service account in AD. If I change the service account password in AD users and groups but not on the service startup/logon details would the service still run? Or does the password only…
morleyc
  • 1,120
  • 13
  • 45
  • 86
3
votes
1 answer

SQL Service Accounts and which to use

I've done lots and lots of searching and I cant seem to find a simple answer, I assume it is because everyone's circumstances differs however; We need to setup a few SQL servers for production and I am not too sure which SQL service accounts to use.…
dqnet
  • 305
  • 2
  • 9
3
votes
2 answers

What are best practices for creating a system account? (*NIX)

I've manually installed a service called Gate One into /opt. I want to harden its security, so I thought I'd create a system account for it to use, because of least necessary privileges, and all that. However, when I ran adduser --system gateone, it…
strugee
  • 901
  • 10
  • 25
3
votes
3 answers

Allow members of a group to be unlocked by a specific account on AD

Background I'm creating a service to allow support staff to enable their firecall accounts out of hours (i.e. if there's an issue in the night and we can't get hold of someone with admin rights, another member of the support team can enable their…
JohnLBevan
  • 1,134
  • 7
  • 20
  • 44
3
votes
1 answer

Impersonation Service Account

I am bringing up AppXtender Workflow Manager. One of the instructions is to create an Impersonation Service Account. I have never heard of such. What is it and how do I create an impersonation service account on Windows Server?
hanleyhansen
  • 257
  • 2
  • 4
  • 11
3
votes
3 answers

Can TFS 2010 be configured with managed service accounts?

I'm trying to deploy TFS 2010 in a sandbox environment, and I created a managed service account for TFS. However, I seem to be unable to configure it in the Advanced Configuration Wizard. The error reported when I click 'test' is "TFS254021: The…
Ben Collins
  • 233
  • 1
  • 4
  • 14
3
votes
2 answers

How do I Generate a Bearer Token for cURL to Get Thru IAP (GCP)?

I need to cURL a web app hosted behind IAP on GCP. Normally, users log in through IAP and use the web app, but I need to run some cURL commands (interactive and non-interactive) that hit the web app URLs (for example: …
sts
  • 115
  • 2
  • 16
3
votes
1 answer

Sudden permissions denied for service account

I Have a ServiceAccount that has permissions to do all sort of things on my GCP project, and a Jenkins pipeline that runs on nightly basis and shutdown one of my GKE environments. Few days ago i've started noticing random failures on fetching…
user14242404
  • 131
  • 1
  • 2
1
2
3 4 5 6