13Kas
Service-specific user or Network Service?
Recently our SOC has applied a security policy on our servers which doesn't allow adding any user to "Replace a process level token" setting in "User rights assignment" in local security policy. Only "Local Service" and "Network Service" users are there. This has caused our SQL Server Agent to fail running most of the jobs (Including SSIS packages and PowerShell scripts). I had to change service user for both SQL Server service and SQL Server Agent service to "NT AUTHORITY\Network Service" from their default service-specific accounts. Now I want to know which is more secure? Preventing users being added to the security policy or running services under "Network Service" account?
