We have one net2 box that insists on a logged-in user. The registry keys to implement this have the password in clear-text in the registry. It is an undue security risk. Pretty much the only way I think you can deal with it is mitigate the amount of control the account has to other machines in the domain (i.e. none). If we can't get something to run as a service using the MS tools for service creation, we pretty much try to phase it out ASAP.
there may be software that handles this better, someone may know of something that helps 2009/9/22 David Lum <[email protected]> > Do you guys have any servers that automatically log into the console > session at boot-up? We have a phone reporting server (Win2K Server) with old > software that won’t run unless someone is logged in at the console. I’d like > to make it auto-login with a local (non-domain) account but I want to keep > myself and the security team satisfied that I’m not creating an undue > security risk. > > > > Anyone have a similar situation, and if so how do you handle it? > > *David Lum** **// *SYSTEMS ENGINEER > NORTHWEST EVALUATION ASSOCIATION > (Desk) 971.222.1025 *// *(Cell) 503.267.9764 > > > > > > > > > > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." http://raythestray.blogspot.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
