When you run inetd(1) as a Windows service, you should create a new user account with which to run inetd. Although you could run inetd as an administrator, doing so is a security risk because the administrator account has many powerful privileges that the inetd account does not need. Creating a special inetd account with the minimum privileges required greatly reduces these risks.
To reduce the administrative overhead for properly configuring several inetd accounts, create the inetd account on the primary domain controller for the network. Although the user account could have almost any name, you can use the name inetd to make it easier to remember. Regardless of the name that you give the account, you must assign it the right to log on locally.
On Windows NT 4.0 Server, use the User Manager for Domains programs to create users. On Windows 2000 or Windows XP, use the Local Users and Groups snap-in within the Computer Management management console. If you are using Active Directory, use Active Directory Users and Computers. When you create an inetd account, assign the settings described in the following table:
Setting | Value |
---|---|
User name (suggested) | inetd |
Account is disabled | Not checked |
Change password at next log on | Not checked |
User cannot change password | Checked |
Password never expires | Checked |