Solved

Admin Password

Posted on 2011-09-02
8
277 Views
Last Modified: 2012-05-12
I recently had a sysadmin quit. To be safe I want to reset the Domain Administrator password with as little fuss as possible. Is there a very simple procedure for this - i.e. select administrator account in AD and change password or are there other considerations?

Thanks
0
Comment
Question by:gwg80
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36473431
The biggest consideration here is if the account is used for any services.  If it is you will have to update the password on the services too.    Other than that you should be ok and this is best practice for security reasons.

Thanks

Mike
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36473489
Services shouldn't run under user accounts, for this sort of reason. The only thing you can do is make sure everything keeps running smoothly when you make the change.

but anyhow if you know which services use the admin account, create a dedicated account(s) for those services, make sure they run OK using the new credentials and then change the admin password.

Check the Password Policies for Windows Active Directory.
http://www.my-pcgeek.com/wordpress/?p=93

Regards,
Abhijitw.
0
 
LVL 6

Expert Comment

by:c1nmo
ID: 36477174
It could be used within applications as well as services e.g. ftp server to connect to AD.  Depends how big your company is, number of systems/services.  If the person is leaving the company you could disable remote access for this domain admin account?  If he was worth his salt he wouldn't have used this account!
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 36480880
You can make use of below article to scan the account used for service or not & then reset the password. Mostly, i have seen people configured domain admin for SQL service.

http://adventuresofanitpro.blogspot.com/2007/12/script-to-audit-service-accounts.html
http://community.spiceworks.com/scripts/show/74-search-for-service-account
0
 

Author Comment

by:gwg80
ID: 36485119
99% of all services have Local System or Local Service listed as Log On. Does this impact anything?
0
 
LVL 24

Expert Comment

by:Awinish
ID: 36485149
Nope,you are good to go.

0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36498691
99% of all services have Local System or Local Service
That is fine, No imapct but what about 1%?  

As suggested, if anyone uses admin or other account, create a dedicated account(s) for those services, make sure they run OK using the new credentials and then change the admin password.

Regards,
AbhiijitW.
0
 

Author Closing Comment

by:gwg80
ID: 36540367
Went off without a hitch.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question