It is extremely easy to get a hold of your account list, anyone on your network can see this list. With NT 4.0 and 2k is all a user needs is "user manager for domains" copied from a nt 4 server CD. Also, all a user has to do is down load a demo of a program like hyena. Users do not need any special permission to view the user list they just can't change it. Also the account description is viewable so you would not want to put users passwords in there for those people who call you every Monday because they can't remember there password. Don't laugh I see this a lot. Is what we do is just create user accounts with very normal names then the IT director keeps a list under lock and key.
Justin Elkins IS Department MCSE, A+ VLC, an IGT company 2311 South 7th Avenue Bozeman, MT 59715 email: [EMAIL PROTECTED] office telephone: 406-585-6733 fax:406-586-8211 cellular (emergency use only): 406-920-2317 "This message is confidential and may contain VLC or Anchor Gaming proprietary information. If you are not the intended recipient of this message, please reply to the sender, and delete this message immediately. Contents copyright 2000 - 2002" -----Original Message----- From: Wes Owen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 9:53 AM To: NT 2000 Discussions Subject: Use of administrative accounts We are in the process of implementing separate administrative accounts for all of our admins as part of a security project and trying to put as many "best practices" in place as possible. Any one else out their doing such a thing? If so, how did you implement them from a naming perspective. We started out adding a ADM designation on each account, but doing that really makes them stick out. If someone was to get a hold of an account list in some manner I am concerned that they may immediately know what accounts to go after. This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are NOT the intended recipient or the person responsible for delivering the e-mail to the intended recipient, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
