Hope to get some help on this:
My objective is to prevent a in-house developed service to run if Windows cannot connect to the domain controller during startup. The reason for this is that some old machines may have hardware time wrong and when they started up, if they are not able to communicate with the DC, their times will be wrong. Some down-level clients (devices using embedded os) get the time from these machines (Windows XP, Windows 7 professional) and if the time is wrong and the service is running, wrong time will be propagated, that can create havoc.
So, if it is possible to only allow the service to run if I am sure that the time is correct (that the machine has synchronized with a DC), then I can prevent down-level machines to synchronize time with these Windows workstations.
Is it possible? For example, if machine authentication with DC fails during startup the service shall not start. Is there any Windows service that is dependent on machine authentication with DC (that can only run if machine authentication is successful)?
Valuable skills are not learned, learned skills aren't valuable.