Announcement

Collapse
No announcement yet.

Service that use Domain Admin credential

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Service that use Domain Admin credential

    Hello All,

    I new here its my first post:

    I got a new job that the environment are exclusively Window server 2003-2008, my previous job was Sun Os and Linux,i got a good experience on Window server and so far everything go well.

    But my IT director still test my skill , and have asking me what will be the consequence of changing the Domain Admin Password , im ok with this but since i new at this place, he want me to specify each service and application that will be affected by the password change...

    So my question, do you guys know any tool that can help me with this, some say nmap , but i don't know how to scan for this "specific task"

    Hope you can help me!!

    Thank!

  • #2
    Re: Service that use Domain Admin credential

    I'm not sure I completely understand your question...

    When you refer to the "Domain Admin Password" are you referring to the builtin DOMAIN\Administrator password?

    If so, that account shouldn't be used for anything but emergencies. Also, that account should never-ever-ever be used as a service account - I really hope you aren't doing that! You should have individual privileged accounts you create specifically for any person that requires domain administrator privileges

    If you can provide some clarity, I'll offer my perspective and try to answer your questions...
    Last edited by userPrincipalName; 18th July 2013, 19:26.
    Rules of life:
    1. Never do anything that requires thinking after 2:30 PM
    2. Simplicity is godliness
    3. Scale with extreme prejudice


    I occasionally post using a savantphone, so please don't laugh too hard at the typos...

    Comment


    • #3
      Re: Service that use Domain Admin credential

      You can tell him you don't know what the consequences would be since you didn't setup the domain and don't know if the person responsible created a specific Services Account instead of using the Dom Admin one. Better keep it nice in case your boss did the setup.
      1 1 was a racehorse.
      2 2 was 1 2.
      1 1 1 1 race 1 day,
      2 2 1 1 2

      Comment


      • #4
        Re: Service that use Domain Admin credential

        Originally posted by deste View Post
        But my IT director still test my skill , and have asking me what will be the consequence of changing the Domain Admin Password , im ok with this but since i new at this place, he want me to specify each service and application that will be affected by the password change...
        If there is a correct answer to that question, I believe it is this: Changing the password for the built-in Administrator account (or any account used to manage the domain, such as user accounts that are members of the Domain Admins or Enterprise Admins groups) should have no adverse effects in a properly configured domain environment.

        Services should not be using the "Administrator" account or an account that is a member of the "Domain Admins" group. On the off-chance that you are in fact using a product that specifically requires a service to be running with Domain Admin privileges, surely the configuration of that product and the associated service account will be properly documented?

        You could use a script to locate and identify service accounts (see this thread for more information). If no services are using the "Administrator" account, changing the password for that account should have no other consequence than requiring a different password to be entered at logon.

        Comment


        • #5
          Re: Service that use Domain Admin credential

          Hi thank all for all you answer,

          Well, i found a script that scan for any service or task management that use
          the DOMAIN\Administrator, unfortunately i found some service like "sql agent" on one machine but the MSSQL server( express) was stopped, found Symantec Backup Exec and all is 4 ? service running with DOMAIN\Administrator too, and another MSSQL server 2005 standard too..so far this is what i found and i need to give my report to on Tuesday..


          I will keep you informed , thank for all you precious advice

          Comment

          Working...
          X