There are many threads in this Forum about Admin passwords or Admin accounts being changed by the network Administrator and then only known to them. While the overwhelming majortiy of Administrators are honest hard working professionals, there are the small few who are willing to play havoc with a business that is not theirs. Inlight of this I have made a few simple rules for dealing with these hostile nonprofessionals and their removal.
Please feel free to add any significant and/or realistic suggestions to this thread. Parts of this can also relate to having your only Administrator die and take the Administrator account details with them.
1. ALWAYS make sure you have a Domain Administrator user account and password available to you BEFORE removing them.
2. NEVER give them notice. Immediate dismissal is the only option (personal opinion only)
3. Physically escort them from the premises
4. NEVER let them touch ANY machine after they have been told of their termination.
5. Change ALL Administrator passwords IMMEDIATELY.
6. Look for any backdoor accounts they may have created and disable them. (I say disable because you may identify an account incorrectly and if something stops working it is easier to enable an account than create a new one for the service or application)
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.