Solved

How to keep domain admin password only accessible at the actual server

Posted on 2014-11-17
3
149 Views
Last Modified: 2014-11-19
I have a small 2012 Active Directory network with about 300 clients. I recently found out that going on any client as an administrator and doing a "net user administrator <new-password> /Domain" the servers and all of the other clients password were changed. I wish to restrict that so only accessing the server itself can this be done. I have looked in group policy under default domain policy and can't seem to find the specific policy that provides that. Help please.
0
Comment
Question by:hatcherb1234
  • 2
3 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 40448614
Why do you want to do that - what's the idea if I may ask?
Because only the domain admin himself can use that command in the first place.
0
 
LVL 1

Author Comment

by:hatcherb1234
ID: 40453126
I realize that. I just feel uncomfortable about it and I believe it is a stupid design to allow any client on the domain the ability to make such powerful changes as that just in case someone learns the domain password. I'm from the old school where physical security was part of the rule.
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40453661
I see. Well, if someone learned the password, the last thing he would do is change it, that would only arouse suspicions.

You cannot do anything about it since the ability to change a password is given anywhere.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question