Register

Forgot Password

Site FAQ

Home > IT Answers > Security > How best to control Junior Admins

Pandub

130 pts.

How best to control Junior Admins

Administrative privileges, IT staff, Junior Network Administrators, Network administrators, Windows Server 2003

Hi all, Need to give new member of team Admin rights, but I'd like to know how you all manage your junior admins? I'd like to give restricted rights and have an audit trail. Environments in Use; - Window server 2003 and Active Directory - Vmware ESX + vcentre - Lotus Domino + Notes I guess most of it comes down to AD! Thanks Paul

Software/Hardware used:

ASKED: June 2, 2009 10:51 PM

UPDATED: June 4, 2009 4:57 PM

RELATED QUESTIONS

Answer Wiki:

You would recommend using of both a security group (e.g. Junior Admins), assign those personnel in this membership, and then create a group policy with those permissions. Then assign this group policy to this security group. As per the auditing, You can use the built-in auditing within windows with some modifications. Or you can use a product like Active Administrator. Within ESX, you cause modify the authentication mechanism to utilize Active Directory. Here's the pdf link to enable that: http://www.vmware.com/vmtn/resources/582 Lotus Domino & Notes (not familiar with) should be able to utilize AD which can then be audited by Active Administrator.

Last Wiki Answer Submitted: June 4, 2009 4:57 pm by Aguacer0

8,120 pts.

All Answer Wiki Contributors: Aguacer0

8,120 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Jun 2, 2009 11:37 PM (GMT)

A large stick and threats of physical violence works for me. “You break my network, I break your fingers”

Also the words “If you don’t know how to do it, ASK” – That is how we all learn. And make regular backups !

BlankReg

12,265 pts.

POSTED: Jun 3, 2009 4:58 PM (GMT)

Hi.

Here are the documents and procedures on administering the systems. All changes are logged. Access to the local administrator account password is for emergencies only and is logged (it is also changed 4 hours after the password is retrieved).

If you don’t know how to do something or are unclear on procedure, ask. Nothing goes to production without successfully going through test.

The first minor oops is free. Second oops or major oops get you…

So far as learning and testing? That is why there are test and engineering environments.

Here is your administrative IDs for each environment and initial passwords. Change the passwords now.

Pjb0222

3,310 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags