Inside Windows® Server 2003

Service Accounts

When a background service starts, it needs to run in the security context of an account. In classic NT, services typically run under the LocalSystem account. This causes security problems because processes running as LocalSystem have virtually unlimited privileges.

In Windows Server 2003, Microsoft tried to correct this vulnerability by including two new service accounts:

LocalService. This account provides a security context for several services that access local system resources.
NetworkService. This account provides a security context for several services that access network resources.

These two accounts have their own profiles under Documents and Settings so they can obtain public key certificates. This enables them to ...

Get Inside Windows® Server 2003 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Inside Windows® Server 2003 by William Boswell

Service Accounts

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly