Recommended service logon account level for a JTS running on WAS as a service on Windows Server 2012
Hello,
We have currently installed a Websphere application server (V9) running as a service on a Windows Server 2012. Jazz Team Server (6.0.4) is installed on the WAS.
I would like to know the recommended service logon account level to be used to run the WAS as a Windows Service.
Currently, we have configured a domain user account as an Administrator on the Windows server and is using this account to run the WAS as a service. This procedure is detailed out in https://www.ibm.com/developerworks/websphere/techjournal/1010_supauth/1010_supauth.html.
Now, as per Microsoft's recommendation, this is not the correct practice. (https://docs.microsoft.com/en-us/windows/desktop/ad/domain-user-accounts). The domain user account ideally should not be given an admin privilege and this is similar to running the service as a Local System Account itself with very high privileges.
To summarize, my question would be: Can we run WAS (and JTS and other CLM applications) as a service under a domain user account, who is configured as a non-administrator on a Windows Server?
Also, If yes, is this a recommended practice (running WAS as a non-admin domain user) or is the IBM recommendation to run the service as a local system account/domain user account with admin privileges?
Regards
Deepak
|
Be the first one to answer this question!
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.