If the DA is in the root forest.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Heaton, Joseph@Wildlife
Sent: Wednesday, January 17, 2018 2:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: domain admin account passwords management
EA
Smith
Sent: Wednesday, January 17, 2018 12:15 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: domain admin account passwords management
Notice: This email is from an outside source. Please do not open any
attachments, click on an
...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Wednesday, January 17, 2018 12:30 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: domain admin account passwords management
Agreed on all accounts.
With that said how do we still manage the EA, DA, and SA accounts with the 90
day rotation
This is easy. Your remove domain admin from your service accounts. That is
unacceptable, insane...really bad. Take your pick. If they need more than
local admin on the box they are running then you dig in and give them the perms
they need.
Any vendor that says we need domain admin for a
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Michael B. Smith
Sent: Wednesday, January 17, 2018 11:15 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: domain admin account passwords management
I would suggest you should only have 4 (maximum)
@lists.myitforum.com
Subject: [NTSysADM] RE: domain admin account passwords management
Notice: This email is from an outside source. Please do not open any
attachments, click on any hyperlinks, or respond without first confirming the
authenticity of the email.
I would suggest you should only have 4 (maximum
I would suggest you should only have 4 (maximum) domain admin accounts.
If Ford can get by with 4, so can you.
And the actual Administrator account should have a disgustingly long password
that is written down and put in a safe.
I doubt highly that your service accounts need to be domain
7 matches
Mail list logo