On Thu, Sep 11, 2014 at 10:25 PM, Craig Ringer <craig@2ndquadrant.com> wrote:
> The PostgreSQL installer now uses the NETWORKSERVICE account on Windows
> by default (as of 9.2), instead of creating a "postgres" account with
> username and password. Which is a big improvement to usability.
Using NETWORKSERVICE is not cool as it is created by the system and
may be shared by some other processes. I am not sure about the
security implications but this sounds weird and should be avoided if
possible.
> I recently found out that on Windows 7 / win2k8 R2 and newer there's now
> a better alternative available: virtual accounts and managed service
> accounts. They combine the benefit of avoiding all that password
> management cruft with the ability to run services in less-privileged,
> better isolated accounts.
Makes sense to use it.
> It may be worth adopting this when the installer detects a Windows 7 /
> Win2k8 R2 or newer system - just create an account like:
>
> NT Service\PostgreSQL$EDB-9.4-x86
By looking here:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb545671%28v=vs.85%29.aspx
You'd need to be sure as well that the necessary privileges are present in
ALL SERVICES: at least SeServiceLogonRight and optionally
SeNetworkLogonRight for network stuff. I guess that it is also
necessary to be careful about the platform version and to have a
fallback mechanism to NETWORKSERVICE if the platform version is rather
old (older than 6.1 for Win2k8 R2 and Win7?!) or if the necessary
privileges are not present, but well, you are aware of that already :)
--
Michael
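
The account-selection logic discussed in this message, as an added example that is not part of the thread or of the PostgreSQL installer. It assumes the user-rights text comes from `secedit /export /areas USER_RIGHTS` and that S-1-5-80-0 is the SID of NT SERVICE\ALL SERVICES; the function names and sample exports are hypothetical and constructed.

```python
# Added example (not from the thread). The secedit-style exports are constructed samples.
ALL_SERVICES = {"s-1-5-80-0", r"nt service\all services"}  # SID and name of ALL SERVICES
FALLBACK = r"NT AUTHORITY\NetworkService"

def parse_privilege_rights(inf_text):
    """Return {right: set of principals} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            right, _, value = line.partition("=")
            # SIDs are exported with a leading '*'; normalise for comparison.
            rights[right.strip()] = {
                p.strip().lstrip("*").lower() for p in value.split(",") if p.strip()
            }
    return rights

def all_services_has(rights, right):
    """True if ALL SERVICES is listed explicitly (group grants are not resolved)."""
    return bool(rights.get(right, set()) & ALL_SERVICES)

def choose_service_account(os_version, inf_text, service_name):
    """os_version is (major, minor); (6, 1) is Windows 7 / Win2k8 R2."""
    rights = parse_privilege_rights(inf_text)
    if os_version >= (6, 1) and all_services_has(rights, "SeServiceLogonRight"):
        return "NT Service\\" + service_name
    return FALLBACK

SAMPLE_OK = """[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544
SeServiceLogonRight = *S-1-5-80-0,*S-1-5-20
[Version]
Revision=1
"""
SAMPLE_REMOVED = SAMPLE_OK.replace("*S-1-5-80-0,", "")

if __name__ == "__main__":
    for ver, inf in [((6, 1), SAMPLE_OK), ((6, 0), SAMPLE_OK), ((6, 3), SAMPLE_REMOVED)]:
        print(ver, choose_service_account(ver, inf, "PostgreSQL$EDB-9.4-x86"))
```

The optional SeNetworkLogonRight can be checked with the same `all_services_has` helper, keeping in mind that it only sees explicit entries and not grants made through a group such as Everyone.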