000013580 - AxM - What 'Log On As ' user does Access Manager install use in Services

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000013580
Applies ToAccess Manager 6.0.x
ClearTrust 5.5.x
IssueAxM - What "Log On As " user does Access Manager install use in Services
Customer had failure with startup of services due to bad "Log On As user" listed in the services. What was the default installation "Log On As" user
Resolution

By default, with both ClearTrust 5.5.3 and Access Manager 6.x, the services are installed with "Log On As" Local System account

Some feel that the Local System account is too powerful account  (full access to the system, including the directory service on domain controllers)  and change it to Local User Account.

The same may be done with the  Network Service account which is similar to an authenticated user account. The Network Service account has the same level of access to resources and objects as members of the Users group. This limited access helps safeguard your system if individual services or processes are compromised.

If you select an user account that does not have permission to log on as a service, the Services snap-in automatically grants that account the user rights that are required to log on as a service on the computer that you are managing. It is recommended that the user accounts that are used to log on as a service have the Password never expires check box selected in their properties dialog box and that they have strong passwords.

Legacy Article IDa44408

Attachments

    Outcomes