My developer is telling me that in order to run a service with the reduced privileges of the built-in account SYSTEM\LocalService, he needs to grant it the "log on as a service" right.
How can this possibly be so? Half of the services in my Windows 2012 R2 machine are running as LocalService (the other half, inexplicably LocalSystem).
Developer points me to this page, where indeed, the right is not listed there. https://msdn.microsoft.com/en-us/library/windows/desktop/ms684188%28v=vs.85%29.aspx
Can someone explain this paradox to me?
No comments:
Post a Comment