Re: Service accounts best practices
From: Ferdie (ferdie_at_sand.rr.com)
Date: 06/22/05
- Next message: Roger Abell: "Re: Service accounts best practices"
- Previous message: Adam Drayer: "Re: People pinging on my computer after firewall installed, previously infected!"
- In reply to: Roger Abell [MVP]: "Re: Service accounts best practices"
- Next in thread: Roger Abell: "Re: Service accounts best practices"
- Reply: Roger Abell: "Re: Service accounts best practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Jun 2005 15:10:56 -0700
Thanks for the links. FYI - I just saw these links on the GRC Security
forums.
Looks like a good read.
"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:OQA7ROhdFHA.2288@TK2MSFTNGP14.phx.gbl...
> Fredie,
>
> These are not going to cover that list, but may give some people
> some pause, if not food for thought.
>
> The Administrator Accounts Security Planning Guide
> http://www.microsoft.com/technet/security/topics/serversecurity/administratoraccounts/default.mspx
>
> The Services and Service Accounts Security Planning Guide
> http://www.microsoft.com/technet/security/topics/serversecurity/serviceaccount/default.mspx
>
> As I said, hot off the press, so I really have not had time to digest
> enough
> to be opinionated on these . . .
>
> --
> Roger Abell
> Microsoft MVP (Windows Server: Security)
>
>
> "Ferdie" <ferdie@sand.rr.com> wrote in message
> news:uvZOXebdFHA.584@TK2MSFTNGP15.phx.gbl...
>> Take your time.
>>
>> Some issues that I'll be looking for in the guide:
>>
>> Best way to give DB Admins access to Enterprise Admin.
>>
>> Best way to give Backup Operators access. We don't have the Backup
>> Operators group. We're using W2K native mode.
>>
>> Best way to allow service accounts local access without access to log on
>> locally.
>>
>> Best way to allow service accounts to copy files between multiple
>> servers.
>>
>> Best way to allow Admins access to C$ shares.
>>
>> Best way to monitor access using a privileged account.
>>
>>
>>
>> "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
>> news:OtQLxEadFHA.4040@TK2MSFTNGP14.phx.gbl...
>>> I'll try to give it a quick review today and forward link along
>>> (weekend :-)
>>>
>>> --
>>> Roger
>>
>>
>
>
- Next message: Roger Abell: "Re: Service accounts best practices"
- Previous message: Adam Drayer: "Re: People pinging on my computer after firewall installed, previously infected!"
- In reply to: Roger Abell [MVP]: "Re: Service accounts best practices"
- Next in thread: Roger Abell: "Re: Service accounts best practices"
- Reply: Roger Abell: "Re: Service accounts best practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
