Service account is not secure in its current configuration
Used to secure the following MIM PAM Service Accounts
- Application Pool ( For Rest API )
- PAM Component Service
- Privileged Access Management Monitoring Service
Issue:
When installing the "PAM" Privileged Access Management Features you are presented with one or all of the below warnings about the service accounts to be used. This is a warning and will not prevent you from continuing but it is recommended to secure the accounts at your earliest availability. See Resolution
Images:
- Rest API Application Pool account is not secure in its current configuration
- Component Service account is not secure in its current configuration
- Monitoring Service account is not secure in its current configuration
Cause:
- Prior to installing the PAM Feature the Service Accounts to be used were not secured.
Resolution:
- On the server that the PAM Features will be installed on or has already been installed on:
- on the server that host the Forefront Identity Manger Synchronization Service open up Local Security Policy
- Expand Local Polices
- Click on User Rights Assignment
- Scroll down to locate the following policies
- Deny log on as a batch job
- Deny log on locally
- Deny access to this computer from the network
Questions? Comments? Love FIM / MIM so much you can't even stand it?
EMAIL US>EMAIL US<