Solved

Group Policy security best practice for service account used by Account auditing tool ?

Posted on 2016-08-29
4
39 Views
Last Modified: 2016-10-16
People,

I'm using Netwrix ALE: https://www.netwrix.com/account_lockout_examiner.html freeware to get some report about the locked account in my AD domain.

But the problem is that due to PCI compliance, I cannot put the service accoutn which is used by the service as the member of the DOMAIN\Administrator group, and also cannot be member for all Computer and Server Local Administrator group either ?

So can anyone here please share some thought and comments of how it is best to secure this type of service account while maintaining its functions ?

Thanks.

According to this guide: https://www.netwrix.com/download/documents/Netwrix_Account_Lockout_Examiner_Administrator_Guide.pdf
it requires at least local administraor to audit security log & event ?
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 37

Accepted Solution

by:
bbao earned 500 total points
ID: 41775833
basically, as always, the principle of least privilege applies.

per the instruction on page 8 regarding service account's requirement, it "'must be a member of the Domain Admins group in all managed domains, OR have" five given rights, you got two choices: domain admin or a specific user with customised rights.

therefore you may create a user to meet the five rules. be aware the LOCAL administrator right is a MUST for client workstation, this seems to be uncompromised.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41775839
Ah I see,

So according to the page 8, I do not have any other choice than to give the Local Administrators group member for all Servers & Computers in the domain.
0
 
LVL 37

Expert Comment

by:bbao
ID: 41775845
correct.
0

Featured Post

WordPress Tutorial 1: Installation & Setup

WordPress is a very popular option for running your web site and can be used to get your content online quickly for the world to see. This guide will walk you through installing the WordPress server software and the initial setup process.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part One of the two-part Q&A series with MalwareTech.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question