Maybe it may be politic to be careful about deleting system logs, or even accessing records of login, or runas attempts.
I found that some log entries on a system I was admin'ing hid passwords if you used the supplied extraction/viewer, but they were clearly visible if you just used a text file handler, and/or text browser to extract the required records - perl, REXX etc. And for those with naughty intent, even a collection of incorrect password attempts can give very useful hints. JimB From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Monday, June 23, 2014 10:14 PM To: [email protected] Subject: Re: [NTSysADM] Permission for Helpdesk Auditing is your friend here, as is a separate account. Unseemly behaviour equals dismissal. Despatched via Blackberry. Mock if you will, but it gets my email without a fuss. _____ From: J- P <[email protected]> Sender: [email protected] Date: Mon, 23 Jun 2014 17:04:09 -0400 To: [email protected] <mailto:[email protected]%[email protected]> <[email protected]> ReplyTo: [email protected] Subject: RE: [NTSysADM] Permission for Helpdesk And what if he's a "wiesenheimer" and resets my password ? _____ From: [email protected] To: [email protected] Subject: RE: [NTSysADM] Permission for Helpdesk Date: Mon, 23 Jun 2014 20:51:28 +0000 You may also want to consider granting the ability to unlock an account due to too many incorrect passwords. -Aakash Shah From: [email protected] [mailto:[email protected]] On Behalf Of J- P Sent: Monday, June 23, 2014 12:01 PM To: [email protected] Subject: RE: [NTSysADM] Permission for Helpdesk ahh,, and that's why I ask- and on that note, to reset Citrix sessions, is basically local admin on the Citrix box correct? Jean-Paul Natola _____ Subject: Re: [NTSysADM] Permission for Helpdesk To: [email protected] From: [email protected] Date: Mon, 23 Jun 2014 18:54:19 +0000 Reset passwords and reset Citrix sessions Nowt else :-) Despatched via Blackberry. Mock if you will, but it gets my email without a fuss. _____ From: J- P <[email protected]> Sender: [email protected] Date: Mon, 23 Jun 2014 14:47:28 -0400 To: [email protected] <mailto:[email protected]%[email protected]> <[email protected]> ReplyTo: [email protected] Subject: [NTSysADM] Permission for Helpdesk Hi all, I'll be transitioning from full time in-house IT to network/server consultant, I would like to get a helpdesk intern or something of that nature to help out with day-day . Aside from making the helpdesk a local admin on the desktops , are there any other permissisons I should grant ? Off the top , the only thing that comes to mind is allowing print server access in case they need to restart the spooler or the server- This is the network; 6 locations VPN Each location has its own DC main office servers are ; Exchange/BlackBerry/Citrix/RDS/VOIP/File/Helpdesk/DFSR/Accounting Server any tips would be appreciated
