Re: Service accounts best practices
From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: Thu, 16 Jun 2005 20:21:59 -0400
Make them document exactly why they need domain admin. I have done this dance
with several vendors. Generally they say that because they have no idea what
their app needs nor why.
-- Joe Richards Microsoft MVP Windows Server Directory Services www.joeware.net Ferdie wrote: > Can someone point me to a guide to securing service accounts? I have some > accounts that require Domain Admin rights (or so they say), but don't need > to log on locally. I'd like to remove that right, so that they don't use it > to bypass the logical access control. There might be some other issues that > come up, so I might need a guide. > > Thanks, > Ferdie > >