Re: About network admin password
What equipment do you use to send the SMS? On Fri, Oct 28, 2011 at 13:06, Sam Cayze sca...@gmail.com wrote: I send mine directly to my SMS gateway, bypassing our mail server. SMS is pretty much the only thing that works at my cabin anyway, so this is preferred for me. All my important alerts go that route. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, October 28, 2011 1:21 PM To: NT System Admin Issues Subject: Re: About network admin password So, how do you get 'circuit down' messages? On Fri, Oct 28, 2011 at 09:20, David Lum david@nwea.org wrote: The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
RE: About network admin password
At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
R: About network admin password
Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
I have some events emailed to my phone's texting email address (num...@vtext.net) - I also have them sent to my personal email address so I can view the entire event text. Sean Rector, MCSE -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 9:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Information Technology Manager Virginia Opera Association E-Mail: sean.rec...@vaopera.org Phone:(757) 213-4548 (direct line) {+} Tickets and Subscriptions On Sale Now! Aida | Hansel And Gretel | Orphée | The Mikado Visit us online at www.VaOpera.org or call 1-866-OPERA-VA Experience the Beauty, Power Passion of Virginia Opera. This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments. {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
R: About network admin password
Win7 and Server 2008 do the job but which software do you use for server 2003 ? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 18.20 A: NT System Admin Issues Oggetto: RE: About network admin password The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
Monitoring software: Hostmonitor from www.ks-soft.net Alerting allows you to specify an SMTP server so I just enter in my Netfirms mail info (same info I use to connect Outlook) smtp server name: Email Address: yourem...@yourdomain.com Outgoing Mail Server (SMTP): smtp.yourdomain.com (SMTP port: 587); Account/User Name: yourem...@yourdomain.com; Password: Your WebMail Password. Same settings are available in Hostmonitor (and most other monitoring apps I am sure). As Hostmonitor lets my specify a primary and backup SMTP server the primary SMTP is my IT Garage stiff, secondary is my personal e-mail account. Dave -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 9:49 AM To: NT System Admin Issues Subject: R: About network admin password Win7 and Server 2008 do the job but which software do you use for server 2003 ? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 18.20 A: NT System Admin Issues Oggetto: RE: About network admin password The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
Re: About network admin password
So, how do you get 'circuit down' messages? On Fri, Oct 28, 2011 at 09:20, David Lum david@nwea.org wrote: The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
From-the-outside monitoring of our links - mxtoolbox.com for example. Sean Rector, MCSE -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, October 28, 2011 2:21 PM To: NT System Admin Issues Subject: Re: About network admin password So, how do you get 'circuit down' messages? On Fri, Oct 28, 2011 at 09:20, David Lum david@nwea.org wrote: The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Information Technology Manager Virginia Opera Association E-Mail: sean.rec...@vaopera.org Phone:(757) 213-4548 (direct line) {+} Tickets and Subscriptions On Sale Now! Aida | Hansel And Gretel | Orphée | The Mikado Visit us online at www.VaOpera.org or call 1-866-OPERA-VA Experience the Beauty, Power Passion of Virginia Opera. This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments
RE: About network admin password
I don't, but the circuit is not managed by me :-) -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, October 28, 2011 11:21 AM To: NT System Admin Issues Subject: Re: About network admin password So, how do you get 'circuit down' messages? On Fri, Oct 28, 2011 at 09:20, David Lum david@nwea.org wrote: The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
I send mine directly to my SMS gateway, bypassing our mail server. SMS is pretty much the only thing that works at my cabin anyway, so this is preferred for me. All my important alerts go that route. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, October 28, 2011 1:21 PM To: NT System Admin Issues Subject: Re: About network admin password So, how do you get 'circuit down' messages? On Fri, Oct 28, 2011 at 09:20, David Lum david@nwea.org wrote: The monitoring software I use can send messages via SMTP, so one of the checks is to watch event logs for specific UserID's and then send it to my call phone's e-mail address. I also finally got smart and stopped using my clients local e-mail server as the SMTP relay too, kind of hard to get e-mail server down messages when you are relying on the monitored e-mail server to send a message out :-) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, October 28, 2011 6:46 AM To: NT System Admin Issues Subject: R: About network admin password Where from did you setup a send text to the phone? Guido Elia HELPPC -Messaggio originale- Da: David Lum [mailto:david@nwea.org] Inviato: venerdì 28 ottobre 2011 15.28 A: NT System Admin Issues Oggetto: RE: About network admin password At %nightjob% a couple users at clients have DA accounts so they can occasionally install software on their SBS servers (usually with vendors onsite and I am unavailable), and I have event log monitoring set up to send a text to my phone whenever that account us used. It's a compromise we live with that beats alternatives. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, October 27, 2011 7:05 AM To: NT System Admin Issues Subject: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
2011/10/27 HELP_PC g...@enter.it wrote: That is the point. The password should be in a sealed envelope. But unless I resign or GDF wants access, and I am the only person responsible for the network can I ask to be notified if the envelope Is unsealed? You can, but you do not have the right to unless you are the person indicated officially as the custodian and keeper of records concerning passwords (in the documento programmatico sulla sicurezza), the company does not have an obligation towards any user/administrator to this respect. Basically, the system was not designed with function and business continuity in mind. You can try to tweak the system by obtaining that the company voluntarily complies to your request, which puts you more or less in a safe harbour. From that point onwards I would definitely accept the suggestions that have been offered by others in this thread. May I note that this thread is very local to Italy, others in the list do not even get the point of your request. There are not enough Italians in this list to help you out. I think you should address Italian resources to understand what you can do or not. Start googling from here: http://www.google.com/search?q=Documento+Programmatico+sulla+Sicurezza -- Best, Roberto Grippi roberto.gri...@gmail.com mobile +39 331 221.03.27 office +39 091 50.83.823 2011/10/27 HELP_PC g...@enter.it ** That is the point. The password should be in a sealed envelope. But unless I resign or GDF wants access, and I am the only person responsible for the network can I ask to be notified if the envelope Is unsealed? ** ** ** ** *Guido Elia*** *HELPPC*** -- *Da:* Roberto Grippi [mailto:roberto.gri...@gmail.com] *Inviato:* mercoledì 26 ottobre 2011 21.39 *A:* ** NT System Admin Issues** *Oggetto:* Re: About network admin password ** ** Under Italian law any company *must* record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation *in lieu *of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
R: About network admin password
Really the problem is another. How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Inizio: Roberto Grippi [roberto.gri...@gmail.com] Inviato: giovedì 27 ottobre 2011 10.45 Fine: NT System Admin Issues Oggetto: Re: About network admin password 2011/10/27 HELP_PC g...@enter.itmailto:g...@enter.it wrote: That is the point. The password should be in a sealed envelope. But unless I resign or GDF wants access, and I am the only person responsible for the network can I ask to be notified if the envelope Is unsealed? You can, but you do not have the right to unless you are the person indicated officially as the custodian and keeper of records concerning passwords (in the documento programmatico sulla sicurezza), the company does not have an obligation towards any user/administrator to this respect. Basically, the system was not designed with function and business continuity in mind. You can try to tweak the system by obtaining that the company voluntarily complies to your request, which puts you more or less in a safe harbour. From that point onwards I would definitely accept the suggestions that have been offered by others in this thread. May I note that this thread is very local to Italy, others in the list do not even get the point of your request. There are not enough Italians in this list to help you out. I think you should address Italian resources to understand what you can do or not. Start googling from here: http://www.google.com/search?q=Documento+Programmatico+sulla+Sicurezza -- Best, Roberto Grippi roberto.gri...@gmail.commailto:roberto.gri...@gmail.com mobile +39 331 221.03.27 office +39 091 50.83.823 2011/10/27 HELP_PC g...@enter.itmailto:g...@enter.it That is the point. The password should be in a sealed envelope. But unless I resign or GDF wants access, and I am the only person responsible for the network can I ask to be notified if the envelope Is unsealed? Guido Elia HELPPC Da: Roberto Grippi [mailto:roberto.gri...@gmail.commailto:roberto.gri...@gmail.com] Inviato: mercoledì 26 ottobre 2011 21.39 A: NT System Admin Issues Oggetto: Re: About network admin password Under Italian law any company must record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation in lieu of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.itmailto:g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
R: About network admin password
Could be fine Guido Elia HELPPC -Messaggio originale- Da: Ben Scott [mailto:mailvor...@gmail.com] Inviato: giovedì 27 ottobre 2011 16.05 A: NT System Admin Issues Oggetto: Re: About network admin password On Thu, Oct 27, 2011 at 9:57 AM, HELP_PC g...@enter.it wrote: How can I may be sure that another people don't try to get access as admin if they know the password.Track every logon ? Track every log on, and immediately log the details to a system they don't have access to. (If you only log locally, they can modify the log records.) Possibly less intensive is to not simply give them the password. Instead, give them a record of the password under opaque seal. Periodically audit the seal to make sure it hasn't been broken. If they need some access normally: Create a separate account, with separate credentials. Grant that account the least privilege they need to do their job. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
I: About network admin password
Reposted Inizio: HELP_PC Inviato: mercoledì 26 ottobre 2011 10.00 Fine: NT System Admin Issues Oggetto: About network admin password Should an external network admin release to the boss the password of the server ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? TIA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: I: About network admin password
Not sure what your asking here. On Wed, Oct 26, 2011 at 9:47 AM, HELP_PC g...@enter.it wrote: Reposted -- *Inizio:* HELP_PC *Inviato:* mercoledì 26 ottobre 2011 10.00 *Fine:* NT System Admin Issues *Oggetto:* About network admin password Should an external network admin release to the boss the password of the server ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? TIA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
If I'm unterstanding you, a client of yours is asking for the admin password for his system. Yes. If it is the sole administrator account, then yes, he has a right to it. Sounds like you might be disengaging from a messy client, though. You should generate a signed checklist and go through things with him, the last one being changing the administrator password, (not necessarily giving it to him). If the password isn't changed, you have less of a defense of being able to access that network. On Wed, Oct 26, 2011 at 4:00 AM, HELP_PC g...@enter.it wrote: Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? TIA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: I: About network admin password
If I'm understanding your question correctly, then I'd say yes. However, whether you're employed externally or internally shouldn't matter. If you want a measure of security, give the admin password to the manager inside a sealed envelope, and then if you have reason to believe that the admin password has been used without notification or sufficient reason, then you can ask to see the envelope to see if the seal has been broken. This gives assurance to the manager that if you're unavailable that they can still get at the system, and gives you assurance that they won't unnecessarily perform admin functions, or at least that if they do that you can show that there's a reasonable chance that it wasn't you that FUBARed something. Kurt On Wed, Oct 26, 2011 at 06:47, HELP_PC g...@enter.it wrote: Reposted Inizio: HELP_PC Inviato: mercoledì 26 ottobre 2011 10.00 Fine: NT System Admin Issues Oggetto: About network admin password Should an external network admin release to the boss the password of the server ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? TIA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: About network admin password
For what I think Im reading: Yes, the IT director or whoever you report to should have a list of all passwords: Domain Admin, service accounts, local admin, etc. They should be recorded and ideally kept in a safe. Failing that, the head of the department should at least have a soft copy of the information. If you get hit by a bus, have a family emergency, get sick, etc. these passwords and your documentation should be available. That being said, no one should access the network using the admin passwords, etc. without your knowledge. Effective communication is the key here, when it comes to something like this then having at the very least an email of understanding would document it. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, October 26, 2011 11:09 AM To: NT System Admin Issues Subject: RE: About network admin password Im afraid something is getting lost in translation here. In English, these questions dont quite make sense. I want to help, but Im not quite sure what youre asking. John Hornbuckle, MSMIS, PMP MIS Department Taylor County School District www.taylor.k12.fl.us _ Inizio: HELP_PC Inviato: mercoledì 26 ottobre 2011 10.00 Fine: NT System Admin Issues Oggetto: About network admin password Should an external network admin release to the boss the password of the server ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? TIA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
Under Italian law any company *must* record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation *in lieu *of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
I would say it would depend. Previous $dayjob$ each Admin (DA or local) had their own password and only shared access to the Enterprise password that was kept sealed and changed after each use. Any DA could change any other password and get access but doing so would leave an audit trail. Current $dayjob$ has things a lot different DA and Enterprise Admin passwords are kept in a software repository kept on site with any admin being able to get into the password safe but doing so will send out alerts to the Security staff and IT administration staff. If they see you just looking around you get called in and questioned about your access. If you go in get a specific password and get out they don't question it nearly as much if you notify one of the administrator's afterwards of the reason you went into the safe they don't question it at all. Jon On Wed, Oct 26, 2011 at 3:38 PM, Roberto Grippi roberto.gri...@gmail.comwrote: Under Italian law any company *must* record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation *in lieu *of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
Jon - what software repository are you using? On Wed, Oct 26, 2011 at 7:13 PM, Jon Harris jk.har...@gmail.com wrote: I would say it would depend. Previous $dayjob$ each Admin (DA or local) had their own password and only shared access to the Enterprise password that was kept sealed and changed after each use. Any DA could change any other password and get access but doing so would leave an audit trail. Current $dayjob$ has things a lot different DA and Enterprise Admin passwords are kept in a software repository kept on site with any admin being able to get into the password safe but doing so will send out alerts to the Security staff and IT administration staff. If they see you just looking around you get called in and questioned about your access. If you go in get a specific password and get out they don't question it nearly as much if you notify one of the administrator's afterwards of the reason you went into the safe they don't question it at all. Jon On Wed, Oct 26, 2011 at 3:38 PM, Roberto Grippi roberto.gri...@gmail.comwrote: Under Italian law any company *must* record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation *in lieu *of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: About network admin password
ManageEngine Password Manger Pro is what the link is going to. They seem to like it a lot here. Jon On Wed, Oct 26, 2011 at 7:34 PM, Kevin Lundy klu...@gmail.com wrote: Jon - what software repository are you using? On Wed, Oct 26, 2011 at 7:13 PM, Jon Harris jk.har...@gmail.com wrote: I would say it would depend. Previous $dayjob$ each Admin (DA or local) had their own password and only shared access to the Enterprise password that was kept sealed and changed after each use. Any DA could change any other password and get access but doing so would leave an audit trail. Current $dayjob$ has things a lot different DA and Enterprise Admin passwords are kept in a software repository kept on site with any admin being able to get into the password safe but doing so will send out alerts to the Security staff and IT administration staff. If they see you just looking around you get called in and questioned about your access. If you go in get a specific password and get out they don't question it nearly as much if you notify one of the administrator's afterwards of the reason you went into the safe they don't question it at all. Jon On Wed, Oct 26, 2011 at 3:38 PM, Roberto Grippi roberto.gri...@gmail.com wrote: Under Italian law any company *must* record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation *in lieu *of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
R: About network admin password
That is the point. The password should be in a sealed envelope. But unless I resign or GDF wants access, and I am the only person responsible for the network can I ask to be notified if the envelope Is unsealed? Guido Elia HELPPC Da: Roberto Grippi [mailto:roberto.gri...@gmail.com] Inviato: mercoledì 26 ottobre 2011 21.39 A: NT System Admin Issues Oggetto: Re: About network admin password Under Italian law any company must record in sealed envelopes ALL passwords, be it users or administrators, without any regards whether they are internal or external. This obligation is intended to document the entire company network, and allow GdF (the local IRS) to avoid answers that amount to denial of access like sorry, cannot remember my password ..., and finally avoid the need of a complete seizure of company computers for the sake of fiscal investigation in lieu of access by properly instructed law enforcer to force access to the company network. HTH Best, Roberto Grippi 2011/10/26 HELP_PC g...@enter.itmailto:g...@enter.it Should an external network admin release to the boss the password ? Should he get a warranty that no other access the network as admin if he didn't leave the job with the company ? - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin