Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Domain Admin Access...

  1. #1
    Senior Member
    Join Date
    May 2004
    Posts
    140

    Question Domain Admin Access...

    I work for a bank and we have a guy who is in our Operations department. He runs some software called Fundtech. This software requres domain admin access. I was running some reports and found that he had domain admin access and asked the network Manager about it. He said they tried messing with file permmisions and everything they could and couldnt get it to run without the Domain admin access.
    There has to be a registry entry or something i can change? can you gusy help me with this? what can i do to detrmine what needs to change? I am the new (no experiance) security admin and this is a problem in my eyes.

    Thanks, J
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Did anyone try calling them and asking their Tech staff?

    Try here
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Senior Member
    Join Date
    May 2004
    Posts
    140
    tigershark, they say they did, yes and its just somehting they dont know how to fix? i dont know that i beleive that...
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  4. #4
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Have you spent time with the program?
    What / Where does the program read/write to or from?

    What could it possible do that requires "domain" admin to run..??

    I have seen a few software packages that use local admin to cause less problems for
    lazy admins.

    What platform are you running?

    Does something run as a service?

    Does it write to AD or system files?

    Its just so hard to see a vendor selling such nonsense...

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    call the vender yourself and find out the scoop, what have you got to loose. they probably have an old version of the software they dont want to pay to update. if your responsibe for what happens there you better find out and get them to state in writing that they have been told/warned about it because if something does go wrong it's you they'll blame...what do they know about security
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Senior Member
    Join Date
    May 2004
    Posts
    140
    Ill call the vendor monday morning.. thanks guys
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  7. #7
    Member
    Join Date
    Dec 2003
    Posts
    59
    We have a Veritas Backup Solution that requires domain admin access..no getting around it.

  8. #8
    Senior Member
    Join Date
    May 2004
    Posts
    140
    but that is just a service acount right? where as this is a persons account.
    Romans 7:14-20
    14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.

  9. #9
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    We have a Veritas Backup Solution that requires domain admin access..no getting around it.
    Well if you want to back up all the files you do kinda need to have access to them first

  10. #10
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    if you wanted to, you could disable interactive logon, so then the program can only use the access to what it needs on the network and the privalages won't be abused as easily, that is what we do when we use symntec ghost.
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •