diff --git a/site/windows/manifests/init.pp b/site/windows/manifests/init.pp
new file mode 100644
index 0000000..08c6e8d
--- /dev/null
+++ b/site/windows/manifests/init.pp
@@ -0,0 +1 @@
+class windows {}
diff --git a/site/windows/manifests/users.pp b/site/windows/manifests/users.pp
new file mode 100644
index 0000000..b77582c
--- /dev/null
+++ b/site/windows/manifests/users.pp
@@ -0,0 +1,32 @@
+# Create a local user
+# Create a local group
+# Add the user to the group
+# Grant your user the "Log on as a Service" right
+
+# Explain what the "Log on as a Service" right does : 
+# This policy setting determines which service accounts can register a process as a service. 
+# Running a process under a service account circumvents the need for human intervention.
+
+
+
+class windows::users {
+  $users = ['service-01']
+  $group = 'service-account'
+
+  user { $users:
+    ensure => present,
+  }
+
+  group { $group:
+    ensure => present, 
+    members => $users,
+  }
+
+  # local_security_policy { 'Log on as a service':
+  #   ensure => present,
+  #   policy_value => '90',
+  # }
+
+}
+
+