Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 373
  • Last Modified:

Requirement for dual approval when changing system passwords - Server 2008 R2 domain

We have a new requirement in that any changes to System passwords need to be approved by 2 users. Instead of 1 person with the appropriate permissions being able to change system passwords. Eg the administrator acocunt.

We have a server 2008 R2 domain level.
0
Mayogroup
Asked:
Mayogroup
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Never heard of this requirement or ever being able to be considered or done.  Put simply, I'm going to say sorry, but this cannot be done without being able to implement some kind of two factor authentication and each person only has access to one "factor".

I'm curious if anyone else has suggestions, but your answer may simply be that this is not possible.  You might have to implement an audit system whereby you track who changes the password and then that person must retain records as to who authorized the change.
0
 
MayogroupAuthor Commented:
That is what I thought. It was a strange request, but I at least had to check.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now