Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 371
  • Last Modified:

Requirement for dual approval when changing system passwords - Server 2008 R2 domain

We have a new requirement in that any changes to System passwords need to be approved by 2 users. Instead of 1 person with the appropriate permissions being able to change system passwords. Eg the administrator acocunt.

We have a server 2008 R2 domain level.
0
Mayogroup
Asked:
Mayogroup
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Never heard of this requirement or ever being able to be considered or done.  Put simply, I'm going to say sorry, but this cannot be done without being able to implement some kind of two factor authentication and each person only has access to one "factor".

I'm curious if anyone else has suggestions, but your answer may simply be that this is not possible.  You might have to implement an audit system whereby you track who changes the password and then that person must retain records as to who authorized the change.
0
 
MayogroupAuthor Commented:
That is what I thought. It was a strange request, but I at least had to check.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now