Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Changing the domain admin password

Posted on 2016-11-21
9
Medium Priority
?
134 Views
Last Modified: 2016-11-22
Hi all

Need some advice, need to change domain admin password. Apart from any services that may have manual credential entries, what else should i look out for
0
Comment
Question by:Technical Information
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 16

Assisted Solution

by:Jason Crawford
Jason Crawford earned 400 total points
ID: 41896042
Make sure you have a backup admin user account to fall back on if needed.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41896057
Look at this tool, it will list services and scheduled tasks on remote computers (search whole domain: possible) and list their accounts: http://www.cjwdev.com/Software/ServiceCredMan/Info.html - free even!
1
 
LVL 9

Accepted Solution

by:
jmac44 earned 1200 total points
ID: 41896666
I would not install tool that searches for credentials like that on my network period. You don't know what it's going to install and it not responsible for any System Admin to do that. It could install key loggers etc...

Your better off looking for schedule task yourself. Most services are not manually updated with admin passwords meaning if you change the admin password it will automatically change any services that use the Admin password. Your biggest concerns are schedule tasks and maybe some company apps that might rely on the admin password.  

I can not express what a failure it would be to install any ones software to search and discover where your admin password might be used.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 56

Expert Comment

by:McKnife
ID: 41897170
@jmac44
Agreed, why install tools from 3rd party sources when you can script it yourself? I can script that. but can the author do it?
And if you look at the tons of softwares that some people execute without the slightest bit of worrying... some with admin accounts, some even with domain admin accounts.

But still agreeing, although this would imply that you have no testing procedures running that take away the worries. I work for a company close to the military. Whatever software we introduce is closely monitored, any change on local or remote systems during installation or usage is analysed before it goes to the production environment. That software passed the test.
0
 
LVL 2

Author Comment

by:Technical Information
ID: 41897389
@jmac44 thanks for the advice and yes I agree, 3rd party software will not be used to recover passwords.

Can you advise on password complexity is a password like £$%Ffwe05" over the top for a domain admin password?
0
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 400 total points
ID: 41897401
"I agree, 3rd party software will not be used to recover passwords. " - recover passwords? No, that software queries task scheduler and service manager for account information - not for passwords. As I wrote, we tested that software for compliance.
"Can you advise on password complexity is a password like £$%Ffwe05" over the top for a domain admin password?" - a domain admin password should be complex and long (at least 15 characters) which should be no problem since it will not be typed regularly, only when administering the domain.
0
 
LVL 2

Author Comment

by:Technical Information
ID: 41897802
@Mcknife I worded that last comment wrong, i didn't mean recover password.
0
 
LVL 9

Assisted Solution

by:jmac44
jmac44 earned 1200 total points
ID: 41897808
Although your choice is complex it's a little short. Typically you want your admin password 15 character or longer and it shouldn't have any repeating characters with a combination of upper case, lower case and special characters.  It should be something that you can remember without having to reference anything while under pressure when something fails and the boss is breathing down your neck for results.

I like this article by Bruce Schneier that gives some simple advice on choosing passwords. https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html It's by no means aimed at System Administrators but he gives some good examples of how to choose complex passwords and why.
1
 
LVL 2

Author Comment

by:Technical Information
ID: 41898117
Thanks for your response guys, password has been changed using 14 characters, symbols and numbers. Only service I had to change was Kaspersky.
1

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question