On Apple networks I have seen the possibility of having one password work for any user, as a secondary password(not defined by the user, but the system admin). Is this possible with Active Directory?
- I do not want to keep user passwords documented as they are changed.
- I do not want to reset user passwords, then have to notify the user its been changed.
- I want a secondary password that can authenticate with selected users / groups / or OUs.
Is there a setting, third party software, or better standard of pratice I should be following?