Does anyone know of any techniques for restricting which services a logged in person can stop/start?
We’re working toward locking down our production servers. One products solution to a frequent printing problem is to stop and start two services.We’d like to give the application support person and a consultant the ability to stop/start the services without opening up other admin functions.
On our drawing board: An app that runs as a service for stopping/starting others services. User would ‘request’ starting/stopping a service and the app would check authorization in a restricted file or registry entry, and only perform the request if authorized.
Other ideas?