  • Status: Solved
  • Priority: Medium
  • Security: Public

Group Policy security best practice for service account used by Account auditing tool?

People,

I'm using the Netwrix ALE freeware (https://www.netwrix.com/account_lockout_examiner.html) to get some reports about the locked accounts in my AD domain.

But the problem is that, due to PCI compliance, I cannot make the service account used by the service a member of the DOMAIN\Administrator group, and it cannot be a member of the Local Administrator group on all computers and servers either.

So can anyone here please share some thoughts and comments on how best to secure this type of service account while maintaining its functions?

Thanks.

According to this guide: https://www.netwrix.com/download/documents/Netwrix_Account_Lockout_Examiner_Administrator_Guide.pdf
it requires at least local administrator to audit the security log & events?
1 Solution
 
bbao (IT Consultant) commented:
Basically, as always, the principle of least privilege applies.

Per the instruction on page 8 regarding the service account's requirements, it "must be a member of the Domain Admins group in all managed domains, OR have" five given rights. You've got two choices: domain admin or a specific user with customised rights.

Therefore you may create a user to meet the five rules. Be aware the LOCAL administrator right is a MUST for client workstations; this seems to be uncompromised.
 
Senior IT System Engineer (IT Professional, Author) commented:
Ah I see,

So according to page 8, I do not have any other choice than to give Local Administrators group membership on all servers & computers in the domain.
 
bbao (IT Consultant) commented:
Correct.