Documente online.
Zona de administrare documente. Fisierele tale
Am uitat parola x Creaza cont nou
 HomeExploreaza
upload
Upload




Create a Service Account

computers


Create a Service Account

A service account is a user account that is created explicitly to provide a security context for services running on Microsoft Windows Server 2003. Application pools use service accounts to assign permissions to Web sites and applications running on Internet Information Services (IIS). Administrators can manage service accounts individually to determine the level of access for each application pool 444s183e in a distributed environment.



Use Active Directory Users and Computers to create service accounts in the Active Directory directory service. Use Computer Management to create local service accounts on a local computer.

Requirements

u·     Credentials: Membership in the Administrators group on the local computer.

u·     Tools: Active Directory Users and Computers; Computer Management.

Recommendation

As a security best practice, log on to your computer using an account that is not in the Administrators group, and then use the Run as command to run IIS Manager as an administrator. At the command prompt, type runas /user:administrative_accountname "mmc %systemroot%\system32\inetsrv\iis.msc".

To create a service account in Active Directory

Open Administrative Tools, and then click Active Directory Users and Computers.

In the console tree, double-click the Domain node.

In the Details pane, right-click the organizational unit where you want to add the service account, point to New, and then click User.

In First name, type a first name for the service account.

In Last name, type a last name for the service account.

Modify Full name as desired.

In User logon name, type the name that the service account will log on with and, from the drop-down list, click the UPN suffix that must be appended to the service account logon name (following the @ symbol). Click Next.

In Password and Confirm password, type a password for the service account.

Select the appropriate password options, and then click Next.

Click Finish to complete creating a service account.

To create a service account on the local Web server

Open Administrative Tools, and then click Computer Management.

In the console tree, expand System Tools, expand Local Users and Groups, and then click Users.

On the Action menu, click New User.

Type a User name, Full name, and a Description of the user account.

In Password and Confirm password, type a password for the user account.

Set the user account access by selecting the check box to set the option or clearing the check boxes to remove the option for:

u·     User must change password at next logon

u·     User cannot change password

u·     Password never expires

u·     Account is disabled

Click Create, and then click Close.

To create a service account for IIS_WPG Group

Open Administrative Tools, and then click Computer Management.

In the console tree, expand System Tools, expand Local Users and Groups, and click Groups.

Click the IIS_WPG group and, on the Action menu, click Add to Group.

Under Description, type the name of the account and click Add.

In the Select Users dialog box, click the Object Types button, and select or clear the check box for the object types you want to find. Click OK.

Click the Locations button to select the location of the service account. Click OK.

Enter the name of the object under Enter the object names to select.

Click OK, and then click OK again.


Document Info


Accesari: 1491
Apreciat: hand-up

Comenteaza documentul:

Nu esti inregistrat
Trebuie sa fii utilizator inregistrat pentru a putea comenta


Creaza cont nou

A fost util?

Daca documentul a fost util si crezi ca merita
sa adaugi un link catre el la tine in site


in pagina web a site-ului tau.




eCoduri.com - coduri postale, contabile, CAEN sau bancare

Politica de confidentialitate | Termenii si conditii de utilizare




Copyright © Contact (SCRIGROUP Int. 2024 )