mailing list archives
Re: Re: Securing workstations from IT guys
From: bert.knabe () lubbockonline com
Date: 27 Nov 2007 15:49:18 -0000
#2 If IT does not know the local admin password, how can they do their job, patching & maintaining the PC.
Realistically, there shouldn't be any HR related applications that absolutely require end users to use the Admin ID to
do their job. And there is no other reason for user to know admin password.</snip>
Where I work we use images from our corporate parent. We install them over the network, leaving the "admin" account
password as it was set by corporate, which allows them to push updates they have tested for conflicts. AFAIK only the
people who make the images and the Landesk software know that password. The local techs have two accounts, a "normal"
account and a "shortname" account with full admin privileges. Normally the tech will login with the normal account, but
when there is a need to install software or do anything else requiring admin rights the shortname is used. The
shortname accounts are monitored more closely than the normal accounts, and any tech abusing his position will be dealt
Re: FW: Securing workstations from IT guys kurt . kessler (Nov 29)
- RE: Securing workstations from IT guys, (continued)