Re: password expiration policy for admin and system accounts ?

From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 10/21/05

• Next message: Joe Richards [MVP]: "Re: Password policy"
• Previous message: Imhotep: "Re: Windows chokes on latest Microsoft patch"
• In reply to: JJ: "password expiration policy for admin and system accounts ?"
• Next in thread: Brad Baker: "Re: password expiration policy for admin and system accounts ?"
• Reply: Brad Baker: "Re: password expiration policy for admin and system accounts ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 20 Oct 2005 20:23:55 -0400

Hell I would and do object as well.

http://blog.joeware.net/2005/05/08/10/

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
JJ wrote:
> Our auditors are objecting to our having Domain Administrator and domain
> system accounts with passwords that never expire.
> 
> Yes, we change some of these passwords from time to time, but they're
> normally set to never expire.
> 
> 
> We are wondering about how other companies do it, since we've never heard of
> any IT Dept. that had such a policy, and we think the auditors are being
> unreasonable -- forcing password expiration on such accounts could be a
> logistical nightmare as it would cause critical services to stop running.
> 
> We're not that big, but we do have about 30 servers and 200 users to
> support. There's only 1 Win2K domain, with Exchange 2K, SQL and other
> resource servers.
> 
> Please post your experiences and opinions.
> 
> Thanks.
> 
> 

---

• Next message: Joe Richards [MVP]: "Re: Password policy"
• Previous message: Imhotep: "Re: Windows chokes on latest Microsoft patch"
• In reply to: JJ: "password expiration policy for admin and system accounts ?"
• Next in thread: Brad Baker: "Re: password expiration policy for admin and system accounts ?"
• Reply: Brad Baker: "Re: password expiration policy for admin and system accounts ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: password expiration policy for admin and system accounts ? ... Joe Richards Microsoft MVP Windows Server Directory Services ... > Our auditors are objecting to our having Domain Administrator and domain ... > system accounts with passwords that never expire. ... but we do have about 30 servers and 200 users to ... (microsoft.public.win2000.security) Re: nessus scan ... Null sessions do NOT allow unauthenticated access to data on ... > when XP Pro users try to change their domain passwords at logon. ... > downlevel clients to access those servers. ... > auditing for account logons events and account management on domain ... (microsoft.public.win2000.security) Re: Outlook express ... I recently purchased a Dell and still want to use Outlook ... no matter what computer you use to access your account. ... still go through all of your accounts with passwords and change them. ... Email goes to your ISP's servers, ... (microsoft.public.windows.inetexplorer.ie6_outlookexpress) Re: How do you have OWA configured???? ... How to Change OWA Passwords Through IIS ... The exchange servers are stand alone AD units that ... (microsoft.public.inetserver.iis.security) Re: Lock out Internet logon attempts? ... > How long are your passwords? ... >> willing to take the minimum precautions of safety on the internet, ... >> Safety and Security starts with the servers that I own. ... (microsoft.public.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)