Security: Service Account Guidelines
A UARK service account is intended to authenticate one system, subsystem or application to another. Service accounts are not intended for personal use. Since they do not expire, passwords for service accounts should be stronger than personal use passwords. When requesting a service account, only the minimum privileges required to accomplish its intended task should be specified.
To convert a secondary account to a service account, it must:
- Exist prior to requesting conversion
- Be active with a current (non-expired) password
Service accounts must be used only to authenticate one system, subsystem or application to another for automated tasks.
If the secondary account does not already exist, request one using the Account Request form. It may take up to 3 business days for the account to be created.
Submit an AskIT case to the Security category requesting the status change for the account. Include the following information in the description:
- The username of the secondary account
- A description of the service account's intended purpose
- What privileges are required
- A statement confirming that the account is for application use only
The requester will receive confirmation of the service account creation via AskIT.
Feel free to leave your questions or comments.