|
If the service accounts are being used for windows services (rather than linux services), you can transition to Managed Service Accounts. They're fantastic, and I've been advocating their use in our environment for a couple years now. Never change a password again and be STIG compliant. Just don't confuse basic MSA's with Group MSAs (there's a lot of reference material for GMSAs out there that just call them MSAs); the latter are not okay for STIG purposes AFAIK.
Managed Service Accounts: Understanding, Implementing, Best Practices, and Troubleshooting | Ask the Directory Services Team
They're a little more complicated to work with than traditional user accounts, but not much. If you're interested I have a couple scripts built to help stand them up and work with them, or I can talk you through them. I'm in the GAL.
"Never attribute to malice that which can be explained by stupidity."
- Hanlon's Razor
|
|
|
|
|
I wonder if that's what my former DoD contractor used, or if they rolled their own?
All I know for sure is that after extended pushback from my boss and a coworker who was tired of his user account (which was running our CI server processes) getting locked out after every password change when the running service quickly maxed his fail total out. After initially trying to claim there wasn't anything they could do to help us (a common occurrence before management started swinging a heavy cluebat at them) they set up some sort of highly locked down account with no permissions beyond the minimum needed to run the Cruise Control builds and status server that they maintained automatically for us either with a permanent PW or by automating PW rollover on their side.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
It's possible. MSAs have been around since Windows 2008, and are only just starting to gain traction in the enterprise environment. They're great because they are non-interactive and locked to a specific computer, so if an action is not sourced from that specific host it will fail authentication.
"Never attribute to malice that which can be explained by stupidity."
- Hanlon's Razor
|
|
|
|
|
You may tell him about user accounts that made specially for services?
"The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge". Stephen Hawking, 1942- 2018
|
|
|
|
|
That should be just for the ones with "elevated" privileges.
Can't wait until Novemeber so I'll be done with this...nonsense.
|
|
|
|
|
To get a scrollbar in a TextBox control, you have to MANUALLY set the height/width of the control (along with all the other properties that need to be set for using scrollbars).
WHY, in this nTH iteration of WPF, do we still have to do this? WHY can't WPF be smart enough to infer the height/width from the parent control when you specify a horizontal/vertical alignment of "Stretch" as opposed to specifically defining a height/width? WTF Microslop?
BTW, it's great to be working as a developer again.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
|
WPF sucks only because you don't have a deep enough knowledge of the dammed thing. That Stretch/Auto combination Richard mentioned always stumps me until I can remember the last project where it was needed (or I search for "Richard" as I always include a link back to CP where C&P has been used).
I read everything that goes through the WPF/Silverlight forum. Between the Richards and POH there are some really useful titbits to be picked up.
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
I love WPF! And all the other XAML variants!
That said, the best critics I have seen throw at WPF is "easy hard, hard easy", i.e it's easy to do hard thing, but hard to do easy things!
Haha there is some truth to it!
|
|
|
|
|
Is Santa North Polish?
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
No he is bipolar
"If we don't change direction, we'll end up where we're going"
|
|
|
|
|
If he has sharp fingernails, are they Santa Claws?
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
I thought South polish, otherwise wouldn't he be repelled from his home?
Message Signature
(Click to edit ->)
|
|
|
|
|
But he IS repelled! I just saw him at the local department store.
"If we don't change direction, we'll end up where we're going"
|
|
|
|
|
Wouldn't that make him a Balt[^]?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
I thought he was a swede old man - until I read the Dresden series!
Socialism is the Axe Body Spray of political ideologies: It never does what it claims to do, but people too young to know better keep buying it anyway. (Glenn Reynolds)
|
|
|
|
|
I don't know who polishes his knob!
CQ de W5ALT
Walt Fair, Jr., P. E.
Comport Computing
Specializing in Technical Engineering Software
|
|
|
|
|
This article is fascinating and may be a real look into the future of AI.
A System so gigantic you can never talk to a real person who can make sense of things and instead just "puts you in jail". A System that makes decisions based upon bad code and a lack of understanding but a System that no one questions because "it's the computer, it must be right".
Dirty dealing in the $175 billion Amazon Marketplace - The Verge[^]
Article said: The actual infraction can be as slight as the indictment is broad. Stine has a client whose listing for a rustic barn wood picture frame was deemed unsafe and taken down; it turned out the offense was a single customer review that mentioned getting a splinter. (The customer had actually given it five stars.) The seller was allowed back when he promised to add “wear gloves when installing” to his listing.
Apparently rival sellers also post reviews to get competition banned from selling. One example from the article is:
article: Somebody bought your product, lit it on fire, took a picture, and told Amazon your product is explosive.
Explains the AI and terrible process and system:
Quote: But ultimately, it wasn’t the suspension that was most galling. It was the way Amazon kept responding with the same request for more information whenever he appealed. “I was caught in some kind of AI gear,” he says.
In reality, there were likely humans reading Harmon’s appeal, but they’re part of a highly automated bureaucracy, according to former Amazon employees. An algorithm flags sellers based on a range of metrics — customer complaints, number of returns, certain keywords used in reviews, and other, more mysterious variables — and passes them to Performance workers based in India, Costa Rica, and other locations. These workers choose between several prewritten blurbs to send to sellers. They may see what the actual problem is or the key item missing from an appeal, but they can’t be more specific than the forms allow...
|
|
|
|
|
In lights of your recent postings, you have been selected for processing.
Please proceed to the nearest extermination processing centre.
|
|
|
|
|
|
There is no such thing as AI. It's all just a bunch of if else statements.
raddevus wrote: bad code bingo!
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
|
|
|
|
Well.. There are if statements. And there are self aware if statements!
|
|
|
|
|
Super Lloyd wrote: And there are self aware if statements!
if (BLL.Common.IsSelfAware()){
}
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
|
|
|
|
ZurdoDev wrote:
Sounds like the White House to me.
"If we don't change direction, we'll end up where we're going"
|
|
|
|
|
ZurdoDev wrote: There is no such thing as AI. It's all just a bunch of if else statements.
if (HumanOwner.IsOppressive)
{
KillKillKill;
}
else
{
KillKillKill;
}
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|