What are the best practices of managing local administrator account in large company with number of employees about 3000 in 1 office.
This is not very good, that 1 local administrator account have similar rights on all workstation. And the person that have local administrator password can connect to whatever workstation by admin share.
It's very easy for malicious user to collect administrator password. Just install keylogger and create some problem that require support personal to come to user's workstation and enter local administrator password. After this - the malicious user will have access to data in all workstations in company.
As I know if we disable local administrator account and the workstation will lost trust relationship with domain - I can just boot into safe mode and administrator account will be automatically enabled by Windows. Then I can create other temporary administrator account and boot normally.
But if there is no local administrator account on workstation I will be forced to use my domain account which also have access to all workstations and the password can be easily captured with keylogger. To overcome this I want to never enter my domain password on client workstation. So, when I go to resolve some problem on client workstation - I create local administrator account from remote MMC - Local users and groups before I go to client workstation. If workstation have no network access - I will go to it, reboot in safe mode and create temporary administrator account.
So the questions are:
1. Is it wise to disable administrator account on all client workstations?
2. Is it wise to create temporarily administrator account remotely from MMC when I go to troubleshoot some problem and if client workstation have no network - is it wise to boot in safe mode and create temporary local administrator account?
3. Are there any better ways of preventing malicious user to easily access all workstations in company?
I haven't got the time right now and will answer thoroughly later on.
But two facts need to be set straight,. first:
-you cannot boot into safe mode and get Access to the admin account on Domain joined
Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7.
Start the SARDU utility:
Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…