SharePoint Dungeon: Group policy settings for SP2013

Recently I had to sort out group policy user rights for SP2013 service accounts - I put together the following table which may be useful to anyone else out there who has to do this:

GPO setting	Service Account	Path	Notes
Act as part of the Operating System	Claims to Windows	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Allow log on locally	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment	Also added Administrators
Adjust memory quotas for a process	Setup	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Reporting Services	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Search	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Service Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Web Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Impersonate a client after authentication	Claims to Windows	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment	Also added Administrators and SERVICE
	Web Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Search	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Logon as a batch job	Workflow	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Web Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Service Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Logon as a service	Setup	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Claims to Windows	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Search	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Service Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Workflow	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Web Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Replace a process level token	Setup	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Reporting Services	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Search	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Service Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Web Apps	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
	Farm	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Local Administrators Group	Setup	\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Restricted Groups

SharePoint Dungeon

Monday 10 August 2015

Group policy settings for SP2013

No comments:

Post a Comment

SharePoint Information Architecture Diagram