Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.
Solved
Requirement for dual approval when changing system passwords - Server 2008 R2 domain
Posted on 2012-03-28
We have a new requirement in that any changes to System passwords need to be approved by 2 users. Instead of 1 person with the appropriate permissions being able to change system passwords. Eg the administrator acocunt.
We have a server 2008 R2 domain level.
We have a server 2008 R2 domain level.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
Active today
Never heard of this requirement or ever being able to be considered or done. Put simply, I'm going to say sorry, but this cannot be done without being able to implement some kind of two factor authentication and each person only has access to one "factor".
I'm curious if anyone else has suggestions, but your answer may simply be that this is not possible. You might have to implement an audit system whereby you track who changes the password and then that person must retain records as to who authorized the change.
I'm curious if anyone else has suggestions, but your answer may simply be that this is not possible. You might have to implement an audit system whereby you track who changes the password and then that person must retain records as to who authorized the change.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A safe way to clean winsxs folder from your windows server 2008 R2 editions
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job.
The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller.
Log onto the new domain controller with a user account t…
Suggested Courses
Course of the Month13 days, left to enroll
650 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.