http://itknowledgeexchange.techtarget.com/itanswers/ad-domain-admin-permissions-to-sql/ Fri, 27 Nov 2009 06:43:29 +0000 http://wordpress.org/?v=2.6.2 http://itknowledgeexchange.techtarget.com/itanswers/ad-domain-admin-permissions-to-sql/#comment-64336 Hlx Tue, 09 Jun 2009 17:09:36 +0000 #comment-64336 Depending on your viewpoint, it would be pretty trivial for a Domain Admin to change a password and login as a domain user that they know is SA and then grant themselves access. The only clue would be that the hijacked account holder would then be unable to login with what they thought was their password. One call to the help desk or perhaps even the Domain Admin to reset their password and all traces go away. Depending on your viewpoint, it would be pretty trivial for a Domain Admin to change a password and login as a domain user that they know is SA and then grant themselves access. The only clue would be that the hijacked account holder would then be unable to login with what they thought was their password. One call to the help desk or perhaps even the Domain Admin to reset their password and all traces go away.

]]>