Gary,
You can look for authentication attempts on your domain controller to
see where the admin acct logs in.
Ideally, the admin acct wouldn't be used, rather you would have a
separate service acct for each service that needed rights. That way you
could assign specific rights to each service (they likely don't need
domain admin rights, they likely only need local admin rights or
specific rights on a few select boxes).
However, I just wanted to throw out a reminder: changing the domain
admin password does not change the AD restore password.
Kind Regards,
Scott Ramsdell
-----Original Message-----
From: listbounce_at_securityfocus.com [mailto:listbounce_at_securityfocus.com]
On Behalf Of Gary Collis
Sent: Thursday, February 01, 2007 2:41 PM
To: security-basics_at_lists.securityfocus.com
Subject: Changing the domain admin password.
Time has come to change the domain admin password. Unfortunately this is
used (hardcoded?) across the network in lots of different places,
services, virus downloads etc. Does anyone know of a way for me to audit
the admin account so I can see where it is currently in use.
Has anyone got any other tips for changing the domain admin password
without lots of pain?
Thanks,
Received on Feb 02 2007
Intro
