Service Manager
A family of System Center products for managing incidents and problems.
210 questions
Remove Network Authentication for Windows Virtual Service Accounts
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 12%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
gabriel sztejnworcel
31
Reputation points
Hi,
We have created a Windows service and we are using the virtual service account (https://learn.microsoft.com/en-us/windows/security/identity-protection/access-control/service-accounts#bkmk-virtualserviceaccounts) to run the service. From the documentation, we understand that in a domain environment, if the service account tries to access any Windows remote resource, for example an SMB share, it will use the machine account credentials (COMPUTERNAME$), similar to the way NETWORK SERVICE account works. We would like to disable this option as an additional hardening step, since we don't really need this, so it will work like the LOCAL SERVICE account in this scenario (but we don't want to use LOCAL SERVICE since it's a shared account).
Is this possible?
Links to additional documentation will also be appreciated.
Thanks,
Gabriel