What's the best account to be used?

[Guest]

Hi,
I just wanna know what is the best account to be used on my
workstation?,domain user login, user local login or local admin. By the way
I'm holding a position same as a junior tech support.

 

[Tom Willett]

Well, are you in a domain? Stands to reason you would want a domain user
login.
As a member of your *senior* tech support.

| Hi,
| I just wanna know what is the best account to be used on my
| workstation?,domain user login, user local login or local admin. By the
way
| I'm holding a position same as a junior tech support.

 

[Guest]

Yes, we are on domain, my point is i have read from microsoft resources and
it said that it is preferable to login on domain user account than logging as
a local admin due to threats/viruses will capitalize your previledge and
could do more damage.

 

[Lanwench [MVP - Exchange]]

Yes, we are on domain, my point is i have read from microsoft
resources and it said that it is preferable to login on domain user
account than logging as a local admin due to threats/viruses will
capitalize your previledge and could do more damage.

I think you may be confusing local accounts, and the local admin account
specifically, with local admin *permissions* - which can be held by a domain
account.
Users should not have administrative (or power user) rights using their
domain accounts, and users should not have local workstation accounts at
all.
The local Administrator account should have a good password set on it (which
users do not know).
Tech support staff will at times need administrative rights to workstations,
but this can be accomplished by domain group membership (e.g., a domain
group called LocalAdmin can belong to the workstation group Administrators).

Even admins/techs should operate their computers using regular user rights
as a matter of course, and have a separate account they use for tech
support/troubleshooting.

Hope this helps.