<div>
<div class="content wysiwyg-content">
What kind of questions should be asked when determining whether there is a valid business case for an AD account to be added into the domain admins group? Or on the flip side what kind of valid business cases are there for putting a user in a domain admins group, i.e. for what purposes is it necessary. Which of your accounts/staff of are domain admins and why? <br />
<br />
Also is there anyway to see when an account became a member of the domain admins group? i.e. whether this was part of the account creation (keep hearing about a “primary group”) or at a later date, elevation of privilege etc.
</div>
</div>


What kind of questions should be asked when determining whether there is a valid business case for an AD account to be added into the domain admins group? Or on the flip side what kind of valid business cases are there for putting a user in a domain admins group, i.e. for what purposes is it necessary. Which of your accounts/staff of are domain admins and why? 

Also is there anyway to see when an account became a member of the domain admins group? i.e. whether this was part of the account creation (keep hearing about a “primary group”) or at a later date, elevation of privilege etc.

domain admins account case

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.