Log on as a service
|ID: oval:org.secpod.oval:def:22657||Date: (C)2015-01-07 (M)2017-11-21|
|Class: COMPLIANCE||Family: windows|
This security setting allows a security principal to log on as a service. Services can be configured to run under the Local System, Local Service, or Network Service accounts, which have a built in right to log on as a service. Any service that runs under a separate user account must be assigned the right.
Default setting: None.
When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment!Log on as a service
(2) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeServiceLogonRight' and precedence=1
|Microsoft Windows 8.1|