RE: Password Management with Services

From: Sergey V. Gordeychik (gordeyinfosec.ru)
Date: Fri May 14 2004 - 00:24:28 CDT


>From: Adil Absar [mailto:saiyedadilabsarhotmail.com]
>Question is when the password is changed on the account as per policy,
>how to update all the users' workstations of the change without giving an
>application group administrator access to users' workstations?

1. You can change the permissions on the service to give a group of users
full control of the application service. This can be done via a security
template and secedit.exe or Group Policy (see Security Templates, Security
Configuration and Analysis, etc.).

http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=/windowsxp/home/using/productdoc/en/sys_srv_permissions.asp

OR/AND

2. Periodically change the password with the following script.
I use it to change the password on the domain account and service account
of SQL services in the domain.

Format of services.txt file is:

Dom\sqlsrv1
SqlSrv\MSSQLSERVER
<CR>
Dom\sqlsrv2
Cluster0\MSSQLSERVER
Cluster1\MSSQLSERVER

<CR> is \r\n.
This config will change the password for the Dom\sqlsrv1 user account and
the MSSQLSERVER service on SqlSrv. After that it changes the Dom\sqlsrv2
password and the password for the MSSQLSERVER service on the Cluster0 and
Cluster1 boxes.

Detailed link (in Russian):
http://www.osp.ru/win2000/2003/07/056.htm

Script source:
http://www.osp.ru/win2000/2003/07/056_1v.htm
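
An added example, not part of the original message or the linked script: a Python parser for the services.txt layout described above that turns the file into an ordered rotation plan and rejects malformed entries or a service listed under two accounts. The function names, the step labels and the case-insensitive duplicate check are assumptions of this example.

```python
import re

# Constructed sample in the layout the message describes: blocks separated by
# an empty CRLF line; first line is Domain\User, the rest are Host\Service.
SAMPLE = (
    "Dom\\sqlsrv1\r\nSqlSrv\\MSSQLSERVER\r\n\r\n"
    "Dom\\sqlsrv2\r\nCluster0\\MSSQLSERVER\r\nCluster1\\MSSQLSERVER\r\n"
)

# Exactly one backslash with a non-empty name on each side.
ENTRY = re.compile(r"^([^\\\s]+)\\([^\\]+)$")


def _split(entry, lineno):
    m = ENTRY.match(entry)
    if not m:
        raise ValueError(f"line {lineno}: expected Left\\Right, got {entry!r}")
    return m.group(1), m.group(2)


def parse_services(text):
    """Return [(account, [(host, service), ...]), ...] in file order."""
    blocks, current, owner = [], None, {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:                  # empty line closes the current block
            current = None
            continue
        left, right = _split(line, lineno)
        if current is None:           # first line of a block is the account
            current = (f"{left}\\{right}", [])
            blocks.append(current)
            continue
        key = (left.lower(), right.lower())  # assumption: names compare case-insensitively
        if key in owner:              # one service cannot run under two accounts
            raise ValueError(f"line {lineno}: {line} already listed under {owner[key]}")
        owner[key] = current[0]
        current[1].append((left, right))
    return blocks


def rotation_plan(blocks):
    """Flatten to ordered steps: the account password first, then each service."""
    steps = []
    for account, services in blocks:
        steps.append(("set-account-password", account))
        steps += [("set-service-password", host, svc, account) for host, svc in services]
    return steps
```

Reviewing the plan before any password is changed catches a mistyped host or a service assigned to the wrong account, either of which would leave a service unable to start after rotation.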
