The Administrator Accounts Security Planning Guide


Download this Solution Accelerator

Click here to download The Administrator Accounts Security Planning Guide from the Microsoft Download Center.

About This Solution Accelerator

An important aspect of your network security is the management of users and groups that have administrative access to the local account database on stand-alone computers and domain member computers, and to the Active Directory directory service on your domain controllers. There are primarily two kinds of attackers that you should guard against:

  • Malicious individuals who obtain administrative-level access to member servers or domain controllers, could breach the security of your entire network. These individuals might be unauthorized users who have obtained administrative passwords, or legitimate administrators who are coerced or disgruntled.
  • Users who are granted administrative access. These individuals might inadvertently cause problems because they fail to understand the ramifications of configuration changes.

Unauthorized or unknowledgeable people who have administrator privileges can maliciously or accidentally damage your organization if they copy or delete confidential data, spread viruses, or disable your network. It is vitally important to properly manage the users and groups that have administrative control over the servers and domain controllers in your network.

The default Windows Server 2003 security settings are sufficient to secure local and Active Directory accounts against many types of threats. However, you must strengthen some of the default settings for administrative accounts to enhance the level of security of your network, and this guide will help you with that task.

Adherence to the principles and best practices in this guide can help reduce the risk of unauthorized users who gain administrative access to domain controllers, member servers, and Active Directory. The security of administrator accounts is an important initiative for organizations that seek to fully secure their network assets.

Included in the Download

The Administrator Accounts Planning Security Guide includes the following components

  • The Administrator Accounts Security Planning Guide.pdf

In More Detail

This guide includes:

Chapter 1: Introduction

This chapter provides an executive summary and overview and suggests the recommended audience for the guide. It also provides an overview of the chapters in this guide.

Chapter 2: The Approach to Making Administrator Accounts More Secure

This chapter provides an overview of the administrative user accounts and groups that you can use to log on to a computer or domain and describes the principles to apply when planning to secure administrator accounts.

Chapter 3: Guidelines for Making Administrator Accounts More Secure

This chapter describes some best practice guidelines to follow when securing administrative accounts. These guidelines follow the principles that the previous chapter discussed.

Chapter 4: Summary

This chapter summarizes the guidance provided and addresses the problems that can occur when you apply this guidance. It also provides links to further reading materials that you might find useful

Related Resources

See other Solution Accelerators that focus on security at the Security Solution Accelerators site on Microsoft TechNet.

Community and Feedback

  • The Microsoft Solutions for Security and Compliance (MSSC) team would appreciate your thoughts about this and other security solutions.
  • Have an opinion? Let us know on the Security Solutions Blog for the IT Professional.
  • Or e-mail your feedback to the following address: We respond often to feedback that is sent to this mailbox.
  • If you’ve used a Solution Accelerator within your organization, please share your experience with us by completing this short survey (less than ten minutes long).

About Solution Accelerators

Solution Accelerators are authoritative resources that help IT pros plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free, prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.

Sign Up to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as

  • Communication & Collaboration
  • Security, Data Protection, & Recovery
  • Deployment
  • Operations & Management

Download This Accelerator

Click here to download The Administrator Accounts Security Planning Guide from the Microsoft Download Center.