Solved

Can you have a password that works on any Active Directory user?

Posted on 2008-06-20
4
408 Views
Last Modified: 2010-03-17
On Apple networks I have seen the possibility of having one password work for any user, as a secondary password(not defined by the user, but the system admin). Is this possible with Active Directory?

- I do not want to keep user passwords documented as they are changed.
- I do not want to reset user passwords, then have to notify the user its been changed.
- I want a secondary password that can authenticate with selected users / groups / or OUs.

Is there a setting, third party software, or better standard of pratice I should be following?

Hamm
0
Comment
Question by:aguyhamm
  • 2
4 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 21829672
Definitely not. For your own safety and that of your users.
How would a user feel if the admin would log on with the user's account and send an insulting email to management?
How would an admin feel if a user would send an insulting email to management, then claim it was the admin, 'because he's able to logon with my account'?
Standard practice is to either handle this together with the user, or to reset the password, which is an audited event and can not be hidden from the user.
There is usually no need to log on as the user.
0
 
LVL 2

Expert Comment

by:andrewjones1987
ID: 21830804
that facility is not available in Microsoft Apps
0
 

Author Comment

by:aguyhamm
ID: 21832034
We have a content server that records what users are logged into what machine, ect. So it could be proven the email did not come from the specified user.

When someone is having Exchange/Outlook/OWA issues I am looking for an easy way to check and make sure things are corrected, without having to reset a users password to see their inbox.

Is there a different way to approach this?
0
 
LVL 83

Accepted Solution

by:
oBdA earned 250 total points
ID: 21833253
And how exactly would you "prove" this if the admin is logging on with the user's credentials?
Anyway, no, Windows does not provide any way to do so other than resetting the user's password, and it's better for you and for the user.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now