I'm a sysadmin managing multiple fully automated business processes using Power Automate desktop flows and another third-party automation tool. Recently, New York state has implemented regulations that dictate disabling interactive logins. I'm looking for advice on how my bot accounts can function without interactive login capabilities. Currently, these accounts maintain active RDP sessions to run the automation processes, and I need to understand how to adapt to these regulatory changes without disrupting operations.
2 Answers
If your bot doesn't need access to the graphical interface, consider blocking its local login through a local security policy as a test. You can do this by opening Local Security Policy, navigating to User Rights Assignment, and adding the service account to the "Deny log on locally" policy. Just make sure you document any exceptions for RPA bots that do require this access, as completely removing local login might require rewriting significant parts of your automation. You could also utilize GPO to manage service accounts better—creating a specific group to block local logins is a good strategy. Make sure to document any actions taken for compliance.
Sounds like a great idea to coordinate with your security team and compliance for this issue. You've got to make solid plans if you're considering implementing gMSA accounts, which typically don't allow local logins. Just a heads up—pots like these can have vulnerabilities, so keep that in mind during your discussions. Good luck with the adjustments!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures