I have searched the internet, technical documents, and asked various network support technicians, but have yet to get a clear cut answer to the question.
I have been involved with Network Security for many years and worked for several companies, either as a consultant, or full time employee and this question comes up everytime.
As a member of the Security Team, we are responsible for a multitude of things, many of which, in my opinion, require some type of privileded account in order to do our job.
The constant battle over whether to provide Domain Admin rights, Local Admin rights, and so on, is becoming a burden. Even creating an Admin level Service Account for our tools to run, is a fight.
I would like to know the forums thoughts on this subject.