Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
hi-sec on a dc with forwarder service
0 views
Skip to first unread message
tonyr
May 6, 2009, 12:41:01 PM5/6/09
to
currently our acs forwarder runs as local system but thats not acceptable
what are the min priv's the AdtAgent.exe service can run with. Everything I
look at (pertaining to permissions) talks about runas agents which has
nothing to do with the forwarder service. So unless I missed something (most
likely did) I need helpp
thanks
tr
what are the min priv's the AdtAgent.exe service can run with. Everything I
look at (pertaining to permissions) talks about runas agents which has
nothing to do with the forwarder service. So unless I missed something (most
likely did) I need helpp
thanks
tr
Joseph Chan [MSFT]
May 20, 2009, 3:30:13 PM5/20/09
to
At a minimum, Adtagent needs to be running as Network Service (to communicate
with the collector) with SeAuditPrivilege right (to read the security event
log)
with the collector) with SeAuditPrivilege right (to read the security event
log)
--
Joseph Chan [MSFT]
-------------------------
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
0 new messages