There is a trick to set "AT Service Account" to existing account , but
wrong dummy password - front end validation validate only account name.
In this case jobs scheduled with "at" - assuming attacker managed to run
at - will not be able to execute.
Any idea how to do this in script or by writing to registry to
distribute through template/policy?

Thanks
Alexander

Microsoft How-to is:
Open Control Panel and double-click Scheduled Tasks.
In the Scheduled Tasks window, open the Advanced menu and then choose AT
Service Account.
Click This Account and specify a particular user and password. Click OK.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]