Symantec Management Platform (Notification Server)

 View Only

  • 1.  7.5 Running a Task Server as the Service Acount ???

    Posted Apr 27, 2014 08:00 PM

    I recall that we used to be able to change the service account that the Task Service ran under on Site Servers.

    We havea Task Server script task that checks whether a machine is in a specific collection. If it is, then the scripp will then proceed. Otherwise it aborts.

    The issue we have is that the script needs to authenticate with the Notification Server via the ASDK COM components as the application Service Account.

    This means adding the service account and password, in clear text in the script to authenticate.

    Under the previous version, SMP 7.1,we were able to change the Task Server components to run as the application service account. This permitted Task Server scripts to run as and authenticate as the Service Account without having to populate scripts with unencrypted authentication details.

     

    So, in short - is there a supported way of chaning the account that the Task Service runs under ?

     



  • 2.  RE: 7.5 Running a Task Server as the Service Acount ???

    Posted Apr 28, 2014 01:04 AM
    Most likely the same way as you have done in the past; however, it would be far better if Symantec provided a tool that would encrypt passwords for these types of situations. I believe pct has such a tool, but I doubt that the smp could unencrypt the passwords that it generates.


  • 3.  RE: 7.5 Running a Task Server as the Service Acount ???

    Posted Apr 29, 2014 04:31 PM

    7.5 Task Server should be running under SYSTEM account, there were some security related improvements implemented in 7.5 which now require SYSTEM account.