Problem
When you install Symantec Endpoint Protection Manager (SEPM) 12.1.5 (12.1 RU5) on Windows 7 / Server 2008 R2 or later, you notice that the accounts which run the Symantec Endpoint Protection Manager service, the Symantec Endpoint Protection Manager Webserver service, and Symantec Embedded Database service are NT SERVICE\semsrv, NT SERVICE\semwebsrv, and NT SERVICE\SQLANYs_sem5, respectively.When you install Symantec Endpoint Protection Manager 12.1.5 on Windows Server 2003 or Windows XP, you notice that the account which runs the Symantec Endpoint Protection Manager service, Symantec Endpoint Protection Manager Webserver service, and Symantec Embedded Database service is the Network Service Account.
Earlier versions of Symantec Endpoint Protection Manager configured these services to run with the local SYSTEM account.
Cause
To increase security, Symantec Endpoint Protection Manager services now use virtual service accounts (VSAs) with more secure permissions and privileges for Windows 7 / Server 2008 R2 or later. Earlier operating systems are not affected. A process launcher service securely launches additional processes with the elevated permissions and privileges they need.Solution
When you install or upgrade to Symantec Endpoint Protection Manager 12.1.5, the installation configures the relevant services to use the following accounts:For Windows 7 / Server 2008 R2 and later
- Symantec Endpoint Protection Manager: NT SERVICE\semsrv
- Symantec Endpoint Protection Manager Webserver: NT SERVICE\semwebsrv
- Symantec Embedded Database: NT SERVICE\SQLANYs_sem5
For Windows XP / Server 2003 / Server 2008
- Symantec Endpoint Protection Manager: Network Service Account
- Symantec Endpoint Protection Manager Webserver: Network Service Account
- Symantec Embedded Database: Network Service Account
No comments:
Post a Comment