Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

IT asking for Domain passwords when upgrading computers

Posted on 2013-06-17
7
Medium Priority
?
262 Views
Last Modified: 2013-06-17
I know others Admins a completely against that and have ways instead of asking for Domain or Exchange email passwords.  
I like to hear what other Admins doing to avoid this question.  "what your password?", or we can reset and you change back later.

Thanks.
0
Comment
Question by:Tiras25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 20

Assisted Solution

by:edster9999
edster9999 earned 400 total points
ID: 39254384
Your options are :

1. Have the user put in their password.  Normally you do not know how long it will take to run the process so this is impractical.
2. Get them to write down their login/password.  Not really good practice as you then know their login and if something goes wrong in the next few weeks they can blame you.
3. Same as number 2 but advise them to change it the next day (or toggle the flag so they HAVE to change it the next day)
4. You change their password to be something you know - and do your work, then at the end set it to something simple like Password123 and flag that it HAS to be changed on first login.

Which of these is good / bad - that depends on how good you want (or need) your security to be and how techy your user base is.
I would say 3 or 4 are acceptable and 1 and 2 or not in most cases
0
 
LVL 25

Assisted Solution

by:Ron Malmstead
Ron Malmstead earned 400 total points
ID: 39254685
I usually run into this when someone needs something done under their profile, and they aren't in the office to log on to their own computer.

As an admin, my options are..
1) call them and get their password.
2) reset their password.
3) wait until they get back.

If I can avoid it, I would rather not know someones password.. especially if that someone is my boss or a manager.
0
 
LVL 17

Author Comment

by:Tiras25
ID: 39254691
I'm with you on not knowing their passwords.  Just looking for alternative ways doing it.
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 800 total points
ID: 39254693
Handing it over is a no-go. There is no need to as they can reset it, do their work and reset it to another pw you gave them (just for resetting it to something non-standard), then they will never have it. Of course there's still the problem with password history policies that won't allow you to change it back to the original pw - that's something indeed only an admin would be allowed to do.

But please think of the price: they know your pw, they can act as you whenever they like for whatever reason: making fun, mobbing, snooping personal stuff without being verifiable.

There should be no need to do that - upgrading (the OS, or what?) is no regular maintenance task and will NOT require the admin to logon as a user. Pre-setting user preferences without logging in as the user himself is no fine art but standard admin work.
0
 
LVL 17

Author Comment

by:Tiras25
ID: 39254766
Hi McKnife, this is for building a new computer for the user.   Are you saying this can be done without logging as that user and confoguring his or her profile?
0
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 800 total points
ID: 39254779
Of course, yes. I admit, it's nice to be able to verify certain things works  in the profile of that very user, but normally, they do :)! Everything can be preset scripted/via GPOs with experience at the admin side.
0
 
LVL 16

Accepted Solution

by:
Raymond Peng earned 400 total points
ID: 39254834
You can implement something like LastPass so passwords are saved and shared amongst Domain Admins only - when passwords are updated, you update the list.  Pretty much just a safe password list.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question