Problems with "Log on as a service"

[StefanSa]

Hi rich, i have the following problem with the "Logon Restrictions for Tier 0/1/2 servers". Especially with "Log on as a service" -NT SERVICE\ALL Services -LogOnAsService

I have tested the GPO "Logon Restrictions for Tier 1 Servers" assigned to a sharepoint server. For this i added the necessary sharepoint services to the local group "LogOnAsService". However, many other applications have not started because they are not members of the local local group "LogOnAsService".

For example: SQLServer2005SQLBrowserUser$COMPUTER NT SERVICE\SQLTELEMETRY NT SERVICE\SQLSERVERAGENT NT SERVICE\MSSQLSERVER IIS APPPOOL \ Classic .NET AppPool IIS APPPOOL \ .NET v4.5 IIS APPPOOL \ .NET v2.0 IIS APPPOOL \ .NET v4.5 Classic IIS APPPOOL \ .NET v2.0 Classic

What is the best way to deal with such special groups? The local prinizable of "NT SERVICE + IIS APPPOOL were no problem, but what am i doing with SQLServer2005SQLBrowserUser$COMPUTER?