Hi,
I've just started using this product and wanted to know what the minimum permission are and where they are required to run the service account with least privilege. I note that it installs as LOCAL SYSTEM and so have been adding the service account as a member of the local Administrators group, but I'd prefer to have an account with less privilege if it is supported. Is this documented anywhere?
Regards,
Jeremy.
Service Account Rights
Re: Service Account Rights
What exactly are you hoping to achieve?
Why are you adding this user to the administrator group?
What is wrong with the default 'system' user (unless you have remote storage and/or remote database)?
In answer...
The user that the service runs under will need:-
read / write access to the database (whichever database you choose)
read / write access to the data directory
Read only access to the rest of the hMailserver branch of the file system
You should also allow only ports through the firewall, not the program
There may be other things required if you use a webmail.
Why are you adding this user to the administrator group?
What is wrong with the default 'system' user (unless you have remote storage and/or remote database)?
In answer...
The user that the service runs under will need:-
read / write access to the database (whichever database you choose)
read / write access to the data directory
Read only access to the rest of the hMailserver branch of the file system
You should also allow only ports through the firewall, not the program
There may be other things required if you use a webmail.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation
-
- New user
- Posts: 5
- Joined: 2012-09-10 07:16
Re: Service Account Rights
Correct. I want to use a remote SQL server with Windows authentication and not use the Computer Account to provide access. Thanks for the info.mattg wrote:What exactly are you hoping to achieve?
Why are you adding this user to the administrator group?
What is wrong with the default 'system' user (unless you have remote storage and/or remote database)?
In answer...
The user that the service runs under will need:-
read / write access to the database (whichever database you choose)
read / write access to the data directory
Read only access to the rest of the hMailserver branch of the file system
You should also allow only ports through the firewall, not the program
There may be other things required if you use a webmail.