There is a trick to set "AT Service Account" to existing account , but
wrong dummy password - front end validation validate only account name.
In this case jobs scheduled with "at" - assuming attacker managed to run
at - will not be able to execute.
Any idea how to do this in script or by writing to registry to
distribute through template/policy?
Thanks
Alexander
Microsoft How-to is:
Open Control Panel and double-click Scheduled Tasks.
In the Scheduled Tasks window, open the Advanced menu and then choose AT
Service Account.
Click This Account and specify a particular user and password. Click OK.
wrong dummy password - front end validation validate only account name.
In this case jobs scheduled with "at" - assuming attacker managed to run
at - will not be able to execute.
Any idea how to do this in script or by writing to registry to
distribute through template/policy?
Thanks
Alexander
Microsoft How-to is:
Open Control Panel and double-click Scheduled Tasks.
In the Scheduled Tasks window, open the Advanced menu and then choose AT
Service Account.
Click This Account and specify a particular user and password. Click OK.
[ reply ]