you could use a program like password safe, keeps the info local, but now you have to share a password amongst staff to get to passwords you want to share amongst staff ;P
On Wed, Nov 5, 2014 at 12:13 PM, Matthew W. Ross <[email protected]> wrote: > Just curious, but what would you use as an alternative? > > ACLs can be ignored if you have physical access to the machine. Online > syncing solutions (like LastPass) are a little scary for me, if your > keeping those keys to the kingdom in them. (Not to say LastPass and others > like it are not great for personal password.) > > The only other option I can think of is a hand-written list, kept on > something non-digital. Please enlighten me to the (I'm sure glaringly > obvious) solution I'm not thinking of! Sm:)e. > > > --Matt Ross > Ephrata School District > > > > > Matthew W. Ross <[email protected]> , 11/5/2014 9:07 AM: > > Yes, if the file it's in is encrypted. > > > --Matt Ross > Ephrata School District > > > > > Kennedy, Jim <[email protected]> , 11/5/2014 5:35 AM: > > Are you two ok with storing important passwords in text document on a > share and using ACL’s to secure that? > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Matthew W. Ross > *Sent:* Tuesday, November 4, 2014 7:52 PM > *To:* [email protected] > *Subject:* Re: [NTSysADM] Has anyone implemented this solution? > > > > If you don't trust Windows based ACLs, how do you secure anything in > Windows? > > > > --Matt Ross > Ephrata School District > > > > > > Michael B. Smith <[email protected]> , 11/4/2014 4:46 PM: > > Do you trust Windows ACL-based security? > > If not - well, you might have a lot of other concerns as well. > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Kurt Buff > Sent: Tuesday, November 4, 2014 7:41 PM > To: [email protected] > Subject: Re: [NTSysADM] Has anyone implemented this solution? > > Yes, they are stored in plain text in the AD field. That's something to > think about, and something to test in the lab. > > Kurt > > On Tue, Nov 4, 2014 at 4:18 PM, Kennedy, Jim <[email protected]> > wrote: > > My kid just pointed out that in the fine print it states the passwords > > are stored in plain text. Yea the are restricted access but still..... > > > > > > Comments mention you can get then encrypted with Premier. > > > > ------ Original message------ > > > > From: Kurt Buff > > > > Date: Tue, Nov 4, 2014 3:51 PM > > > > To: [email protected]; > > > > Subject:Re: [NTSysADM] Has anyone implemented this solution? > > > > Cool. I'll see if I can lab this up, and if I get it working, I'll > > report back. > > > > Thanks! > > > > Kurt > > > > On Tue, Nov 4, 2014 at 12:35 PM, Kennedy, Jim > > <[email protected]> wrote: > >> Ok, got one confirmation from Twitter that it deployed with no > >> problems and works as advertised. > >> > >> -----Original Message----- > >> From: [email protected] > >> [mailto:[email protected]] On Behalf Of Kurt Buff > >> Sent: Tuesday, November 4, 2014 2:42 PM > >> To: [email protected] > >> Subject: [NTSysADM] Has anyone implemented this solution? > >> > >> If so, how did it go? Any gotchas? > >> > >> Blog article on implementation > >> > >> http://blogs.technet.com/b/askpfeplat/archive/2014/05/19/how-to-autom > >> ate-changing-the-local-administrator-password.aspx > >> > >> Code for the project > >> https://code.msdn.microsoft.com/Solution-for-management-of-ae44e789 > >> > >> I might have the chance to implement, but wanted feedback before I > >> put it up in a lab. > >> > >> Thanks, > >> > >> Kurt > >> > >> > > > > > >
