Jump to content

How does your organizations manage the local administrator account on workstations?

Guest Spin

By Guest Spin
in Techno Babble

 Share

Recommended Posts

Guest Phillip Windell

Guest Phillip Windell

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

"Dan" <Dan@discussions.microsoft.com> wrote in message

news:1747E688-5C5C-43CD-AB30-7727A05530BF@microsoft.com...<span style="color:blue">

> Good point and the yellow sticky notes that people try to hide near their

> computers</span>

 

Hide? :-)

 

I've seen 'em stuck on monitor all the way around. The stupid thing looked

like a giant Sun Flower! :-)

I didn't know if I should Click-it, sniff it, or each the seeds.

 

--

Phillip Windell

www.wandtv.com

 

The views expressed, are my own and not those of my employer, or Microsoft,

or anyone else associated with me, including my cats.

-----------------------------------------------------

  • Replies 33
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Dan

Guest Dan

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

Well, I am expanding the topic to include a multi-level security approach

with using not only login passwords which of course is better on Windows XP

but also BIOS passwords, passwords used in 3rd party programs, biometrics,

and how to fully safeguard and secure your machine from hackers whether

internal or most importantly imo, remote external hackers with such skills

that we could be talking about employees from the federal governments of say

China or Russia now that is the true big time.

 

"Paul Adare - MVP" wrote:

<span style="color:blue">

> On Tue, 2 Sep 2008 20:16:00 -0700, Dan wrote:

> <span style="color:green">

> > Just buy and use cryptainer --- gee whiz and it works on Windows 98

> >

> > http://www.cypherix.com/sols.htm</span>

>

> We're talking about logon passwords here Dan. Should be obvious.

>

>

>

> --

> Paul Adare

> MVP - Identity Lifecycle Manager

> http://www.identit.ca

> Long computations that yield zero are probably all for naught.

> </span>

Guest Dan

Guest Dan

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

Good idea but I would go farther that the discarded passwords be shredded and

then ideally burned by fire just to be extra safe and secure and to keep you

safe from dumpster diving.

 

"S. Pidgorny <MVP>" wrote:

<span style="color:blue">

> G'day:

>

> Spin wrote:<span style="color:green">

> > Gurus,

> >

> > How does your organizations manage the local administrator account on

> > workstations? Typically the end-users do run with "administrative"

> > privileges, but a local admin account is needed to access a machine

> > offline. So how is this account typically named (i.e. renamed) and

> > password secured (i.e., complex and only a few people know it)? Then

> > you have the problem of having to change this password on every

> > workstation if a member of the IT staff leaves. Just looking for quick

> > thoughts here, no long treatise on the topic is necessary!

> > </span>

>

> Set random password and throw it away. Do not try managing passwords for

> disk encryption either.

>

> Users should not have expectation that the data located on the local

> disks can be recovered in case of the system failure. Store data on servers.

>

> Stateless systems that actually reset to original state when user logs

> off will proliferate, thanks to advances of virtual desktop

> technologies. There is no point in managing local admin password on such

> systems.

>

> --

> Svyatoslav Pidgorny, MS MVP - Security, MCSE

> -= F1 is the key =-

>

> http://sl.mvps.org http://msmvps.com/blogs/sp

> </span>

Guest Roger Abell [MVP]

Guest Roger Abell [MVP]

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

"Dan" <Dan@discussions.microsoft.com> wrote in message

news:B443F559-7733-4E98-9B7D-7609F6879A58@microsoft.com...<span style="color:blue">

> Good idea but I would go farther that the discarded passwords be shredded

> and

> then ideally burned by fire just to be extra safe and secure and to keep

> you

> safe from dumpster diving.

></span>

 

but what about the molecular ash reorganizers ??

 

<span style="color:blue">

> "S. Pidgorny <MVP>" wrote:

><span style="color:green">

>> G'day:

>>

>> Spin wrote:<span style="color:darkred">

>> > Gurus,

>> >

>> > How does your organizations manage the local administrator account on

>> > workstations? Typically the end-users do run with "administrative"

>> > privileges, but a local admin account is needed to access a machine

>> > offline. So how is this account typically named (i.e. renamed) and

>> > password secured (i.e., complex and only a few people know it)? Then

>> > you have the problem of having to change this password on every

>> > workstation if a member of the IT staff leaves. Just looking for quick

>> > thoughts here, no long treatise on the topic is necessary!

>> ></span>

>>

>> Set random password and throw it away. Do not try managing passwords for

>> disk encryption either.

>>

>> Users should not have expectation that the data located on the local

>> disks can be recovered in case of the system failure. Store data on

>> servers.

>>

>> Stateless systems that actually reset to original state when user logs

>> off will proliferate, thanks to advances of virtual desktop

>> technologies. There is no point in managing local admin password on such

>> systems.

>>

>> --

>> Svyatoslav Pidgorny, MS MVP - Security, MCSE

>> -= F1 is the key =-

>>

>> http://sl.mvps.org http://msmvps.com/blogs/sp

>> </span></span>

Guest Dan

Guest Dan

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

Seriously or a Joke <grins>

 

"Roger Abell [MVP]" wrote:

<span style="color:blue">

> "Dan" <Dan@discussions.microsoft.com> wrote in message

> news:B443F559-7733-4E98-9B7D-7609F6879A58@microsoft.com...<span style="color:green">

> > Good idea but I would go farther that the discarded passwords be shredded

> > and

> > then ideally burned by fire just to be extra safe and secure and to keep

> > you

> > safe from dumpster diving.

> ></span>

>

> but what about the molecular ash reorganizers ??

>

> <span style="color:green">

> > "S. Pidgorny <MVP>" wrote:

> ><span style="color:darkred">

> >> G'day:

> >>

> >> Spin wrote:

> >> > Gurus,

> >> >

> >> > How does your organizations manage the local administrator account on

> >> > workstations? Typically the end-users do run with "administrative"

> >> > privileges, but a local admin account is needed to access a machine

> >> > offline. So how is this account typically named (i.e. renamed) and

> >> > password secured (i.e., complex and only a few people know it)? Then

> >> > you have the problem of having to change this password on every

> >> > workstation if a member of the IT staff leaves. Just looking for quick

> >> > thoughts here, no long treatise on the topic is necessary!

> >> >

> >>

> >> Set random password and throw it away. Do not try managing passwords for

> >> disk encryption either.

> >>

> >> Users should not have expectation that the data located on the local

> >> disks can be recovered in case of the system failure. Store data on

> >> servers.

> >>

> >> Stateless systems that actually reset to original state when user logs

> >> off will proliferate, thanks to advances of virtual desktop

> >> technologies. There is no point in managing local admin password on such

> >> systems.

> >>

> >> --

> >> Svyatoslav Pidgorny, MS MVP - Security, MCSE

> >> -= F1 is the key =-

> >>

> >> http://sl.mvps.org http://msmvps.com/blogs/sp

> >> </span></span>

>

>

> </span>

Guest George Ellis

Guest George Ellis

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

You don't have one? We have to use ours at least once a month.

 

"Dan" <Dan@discussions.microsoft.com> wrote in message

news:600CE98F-B842-41E3-A852-44D23107E053@microsoft.com...<span style="color:blue">

> Seriously or a Joke <grins>

>

> "Roger Abell [MVP]" wrote:

><span style="color:green">

>> "Dan" <Dan@discussions.microsoft.com> wrote in message

>> news:B443F559-7733-4E98-9B7D-7609F6879A58@microsoft.com...<span style="color:darkred">

>> > Good idea but I would go farther that the discarded passwords be

>> > shredded

>> > and

>> > then ideally burned by fire just to be extra safe and secure and to

>> > keep

>> > you

>> > safe from dumpster diving.

>> ></span>

>>

>> but what about the molecular ash reorganizers ??

>>

>></span></span>

Guest ~BD~

Guest ~BD~

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

"We" ???? Can't you manage its use all by yourself? <wink>

 

Dave

 

--

"George Ellis" <george.ellis@9delta9.com> wrote in message

news:eyZxe10DJHA.1228@TK2MSFTNGP02.phx.gbl...<span style="color:blue">

> You don't have one? We have to use ours at least once a month.</span>

 

<snip>

Guest Dan

Guest Dan

Posted
Posted

Re: How does your organizations manage the local administrator acc

 

It is funny and I talk in we are the time at work in referring to my

co-workers or should I say are Wii there yet --- <grin> --- really dumb I

know but my humor is poor --- <smiles>

 

"~BD~" wrote:

<span style="color:blue">

> "We" ???? Can't you manage its use all by yourself? <wink>

>

> Dave

>

> --

> "George Ellis" <george.ellis@9delta9.com> wrote in message

> news:eyZxe10DJHA.1228@TK2MSFTNGP02.phx.gbl...<span style="color:green">

> > You don't have one? We have to use ours at least once a month.</span>

>

> <snip>

>

>

> </span>

  • 1 month later...
Guest Matt Maslowski

Guest Matt Maslowski

Posted
Posted

RE: How does your organizations manage the local administrator account

 

Spin,

 

I've seen a couple of companies using product provided by Autocipher -

www.autocipher.com....this is an agentless password management solution for a

windows environment.....It simply does the job!

 

Let me know if you have any questions.

 

Matt

 

"Spin" wrote:

<span style="color:blue">

> Gurus,

>

> How does your organizations manage the local administrator account on

> workstations? Typically the end-users do run with "administrative"

> privileges, but a local admin account is needed to access a machine offline.

> So how is this account typically named (i.e. renamed) and password secured

> (i.e., complex and only a few people know it)? Then you have the problem of

> having to change this password on every workstation if a member of the IT

> staff leaves. Just looking for quick thoughts here, no long treatise on the

> topic is necessary!

>

> --

> Spin

>

> </span>

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...