Network Service account
E705218
The Network Service account is a built-in Windows service account with limited local privileges that accesses network resources using the computer’s credentials.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Network Service account canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T7981023 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Network Service account Context triple: [Windows services, canRunAs, Network Service account]
-
A.
Keystone Service
Keystone Service is an Amtrak-operated passenger rail service in Pennsylvania that provides frequent regional connections, primarily between Harrisburg and New York City via Philadelphia.
-
B.
Admin Directory service
Admin Directory service is a Google Workspace API that lets administrators programmatically manage users, groups, and organizational settings within their domain.
-
C.
Cloud IAM
Cloud IAM is Google Cloud’s identity and access management service that lets administrators define and enforce who can access specific cloud resources and what actions they can perform.
-
D.
Cloud Identity
Cloud Identity is Google Cloud’s standalone identity and access management service that provides centralized user, group, and device management with enterprise-grade security and single sign-on for cloud applications.
-
E.
Kubernetes service
A Kubernetes service is a managed cloud offering that provides orchestration, deployment, scaling, and management of containerized applications using the open-source Kubernetes platform.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Network Service account Target entity description: The Network Service account is a built-in Windows service account with limited local privileges that accesses network resources using the computer’s credentials.
-
A.
Keystone Service
Keystone Service is an Amtrak-operated passenger rail service in Pennsylvania that provides frequent regional connections, primarily between Harrisburg and New York City via Philadelphia.
-
B.
Admin Directory service
Admin Directory service is a Google Workspace API that lets administrators programmatically manage users, groups, and organizational settings within their domain.
-
C.
Cloud IAM
Cloud IAM is Google Cloud’s identity and access management service that lets administrators define and enforce who can access specific cloud resources and what actions they can perform.
-
D.
Cloud Identity
Cloud Identity is Google Cloud’s standalone identity and access management service that provides centralized user, group, and device management with enterprise-grade security and single sign-on for cloud applications.
-
E.
Kubernetes service
A Kubernetes service is a managed cloud offering that provides orchestration, deployment, scaling, and management of containerized applications using the open-source Kubernetes platform.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
Windows built-in service account
ⓘ
service account ⓘ |
| accesses | network resources ⓘ |
| authenticationMethod | computer account credentials ⓘ |
| availableSince | Windows 2000 and later ⓘ |
| canAccess |
domain resources permitted to the computer account
ⓘ
network shares using computer account ⓘ |
| canBeUsedFor | services that require network access ⓘ |
| cannot |
be assigned a password by administrators
ⓘ
be used for remote interactive logon ⓘ |
| category |
Windows security principal
ⓘ
built-in identity ⓘ |
| configuredVia |
Services management console
ⓘ
service configuration APIs ⓘ |
| contrastedWith |
Local Service account
ⓘ
Local System account ⓘ custom domain service accounts ⓘ |
| defaultGroupMembership |
Authenticated Users (on remote systems)
ⓘ
Users (local) ⓘ |
| hasLocalPrivileges | limited ⓘ |
| hasLogonRight | Log on as a service ⓘ |
| hasProfile | no roaming user profile ⓘ |
| isBuiltIn | true ⓘ |
| isManagedBy | operating system ⓘ |
| logonName | NT AUTHORITY\NETWORK SERVICE NERFINISHED ⓘ |
| logonType | service logon ⓘ |
| networkIdentity | computer account in Active Directory ⓘ |
| notRecommendedFor |
applications requiring administrative privileges
ⓘ
interactive logon ⓘ |
| passwordExpiration | does not require manual password changes ⓘ |
| passwordManagement | password managed by operating system ⓘ |
| platform |
Windows
ⓘ
surface form:
Microsoft Windows
|
| privilegeLevel |
higher than Local Service account
ⓘ
lower than Local System account ⓘ |
| recommendedUse | services needing network access with limited local rights ⓘ |
| runsWith | minimal local privileges ⓘ |
| scopeOfUse |
background processes
ⓘ
services ⓘ |
| securityContext | least-privileged ⓘ |
| securityGoal | reduce attack surface compared to Local System ⓘ |
| SID | S-1-5-20 ⓘ |
| supports | domain authentication via computer account ⓘ |
| usedByDefaultFor | some Windows services ⓘ |
| usedIn |
domain environments
ⓘ
workgroup environments ⓘ |
| usesCredentialsOf |
local computer account
ⓘ
machine account ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Network Service account Description of subject: The Network Service account is a built-in Windows service account with limited local privileges that accesses network resources using the computer’s credentials.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.