Changing Admin password every 45 days?

[Mark]

Our new security policy states that we must change our Administrator
passwords every 45 days. What if any reprocussions can I expect in relation
to AD/Services etc? Will this affect the GC etc?


Thank you

 

[David Brandt [MSFT]]

That shouldn't affect logging on with the Administrator account (for you
personally etc) and the gc shouldn't be affected either. If services have
been specified to logon with that account, and the pw entered in the service
logon properties window, these will need to be updated to the new pw as
well.

--
David Brandt
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.

 

[Cary Shultz [A.D. MVP]]

Further to what David stated, please beware of using the Administrator
account credentials for services when faced with this situation ( changing
the password every 45 days ). You are possibly creating a whole slew of
problems for yourself that can easily be avoided.

I might suggest creating another user account and making sure that this
account has similar "abilities" ( maybe simply adding this account to the
'Domain Admins' group will take care of it?? Depends on what you are using
this account to do ). My boss often uses the Administrator account for many
'services'. If you are familiar with the McAfee A/V VirusScan ver 4.51
software then you will know that an option is to use a mirror server ( to
collect and hold all of the updates ) and that you will need to configure
your other servers and clients to do the 'Auto Updates' as well as the Scan.
You will need to supply a user account and password for your WIN2000 and
WINXP clients. Using the Administrator account would cause a whole lotta
work for you every 45 days as you would need to touch each and every machine
in your environment in your situation!

HTH,

Cary