• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 297
  • Last Modified:

2nd login for domain users

We regularly need to log-in as the user instead of administrator.  Is there any way (perhaps from AD) that we can assign a regularly changing password that will let us sign-in as the user when needed.  This way the user has a password for 'his account', as do domain admins.
0
tedpenner
Asked:
tedpenner
3 Solutions
 
sirbountyCommented:
A user account can only have a single password...
There's not an option to have one for the user and one for admins.

You can log in as the admin and then run specific applications using "RunAs", but unfortunately there's no solution like you're seeking...
0
 
chris_calabreseCommented:
Or the other way around - login as the regular user and use run-as to access a secondary administrator account (preferably one per person for auditability).

And in Vista, you'll actually be able to have a single admin-privileged account but run normally with regular privs but have something like run-as to get admin when you need it.
0
 
younghvCommented:
RichRumble will probably weigh in on this - he has published numerous articles on it.

We have 2 network accounts for each Domain Administrator.
A regular user account with the same privs as all other users on the network (how else can you test configurations and functions).
Each admin has a separate account to do that work ("Run As" or logged in with that account).

Giving an account admin rights and then allowing that user to log in that way for normal work is a major breach of basic network security and opens your network for some serious intrusion.

Vic
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
mahe2000Commented:
the operating system does not allow to do that because of a security problem. in that way you can steal users identity and act as if you were him.
0
 
sirbountyCommented:
With all due respect, I'm not certain that last comment provided anything on top of what was already stated...
0
 
younghvCommented:
Agree with sirbounty.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now