"Best practice" for administering users' accounts

H

Heinrich Moser

Hi!

Scenario: You are administrator in a small Windows network.

Problem: Sometimes you need to log on as a specific user on that
user's PC, because you need to configure something (that the user
cannot do himself) or fix a problem that only occurs in his account,
etc. Ideally, this should be done while the user is not there so that
you don't disturb his work.

Unfortunately, Windows does not allow an administrator to log on as
another user without knowing his password, so what is the
"recommended" way of solving this problem?

- Ask all users to give you their passwords and store them in a safe
place?

- Do your maintainance work in the evening and ask the user to stay
logged in on his PC when leaving?

- Reset the user's password and tell him to change it back afterwards?

- Something else? Somehow, all of the above options have their
drawbacks and none is really satisfying...

Greetings,
Heinzi
 
A

Allan

Heinrich Moser said:
Hi!

Scenario: You are administrator in a small Windows network.

Problem: Sometimes you need to log on as a specific user on that
user's PC, because you need to configure something (that the user
cannot do himself) or fix a problem that only occurs in his account,
etc. Ideally, this should be done while the user is not there so that
you don't disturb his work.

Unfortunately, Windows does not allow an administrator to log on as
another user without knowing his password, so what is the
"recommended" way of solving this problem?

- Ask all users to give you their passwords and store them in a safe
place?

- Do your maintainance work in the evening and ask the user to stay
logged in on his PC when leaving?

- Reset the user's password and tell him to change it back afterwards?

- Something else? Somehow, all of the above options have their
drawbacks and none is really satisfying...

Greetings,
Heinzi
Click to expand...
Override (reset) their password ; they probably don't change it frequently
enough anyway. Storing their passwords adds a new security risk so that is
the worst choice of all.
 
L

Leythos

- Reset the user's password and tell him to change it back afterwards?
Click to expand...

And then change it to another password, mark it as much change next
login, then tell the person the password.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

administrator password 4
User accounts 2
user accounts 5
no users, no administrative password 1
Changing HKCU registry permissions for other user, as Admin. 0
Unlocking a locked logon as an administrator 2
Can an admin unlock a pc without logging the user off? 1
Password expiration notice for remote users 3

Top