[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

How to keep domain admin password only accessible at the actual server

Posted on 2014-11-17
3
Medium Priority
?
163 Views
Last Modified: 2014-11-19
I have a small 2012 Active Directory network with about 300 clients. I recently found out that going on any client as an administrator and doing a "net user administrator <new-password> /Domain" the servers and all of the other clients password were changed. I wish to restrict that so only accessing the server itself can this be done. I have looked in group policy under default domain policy and can't seem to find the specific policy that provides that. Help please.
0
Comment
Question by:hatcherb1234
  • 2
3 Comments
 
LVL 58

Expert Comment

by:McKnife
ID: 40448614
Why do you want to do that - what's the idea if I may ask?
Because only the domain admin himself can use that command in the first place.
0
 
LVL 1

Author Comment

by:hatcherb1234
ID: 40453126
I realize that. I just feel uncomfortable about it and I believe it is a stupid design to allow any client on the domain the ability to make such powerful changes as that just in case someone learns the domain password. I'm from the old school where physical security was part of the rule.
0
 
LVL 58

Accepted Solution

by:
McKnife earned 2000 total points
ID: 40453661
I see. Well, if someone learned the password, the last thing he would do is change it, that would only arouse suspicions.

You cannot do anything about it since the ability to change a password is given anywhere.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…
Suggested Courses
Course of the Month8 days, 6 hours left to enroll

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question