The Administrator Accounts Security Planning Guide

Chapter 1 - Introduction

Updated: June 30, 2005

Executive Summary

Because of their inherent permissions and power, the administrator accounts on computers that run the Microsoft® Windows Server™ 2003 operating system are both the most useful and potentially the most dangerous accounts on your computer. Any other accounts to which you grant the equivalent of administrator privileges present the same high risks.

This guide will be an indispensable resource when you plan strategies to secure administrator-level accounts in Microsoft Windows NT®–based operating systems such as Windows Server 2003 and Windows® XP. It addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. The main goal of this guide is to provide prescriptive guidance in terms of the steps you can take to secure your local and domain-based administrator-level accounts and groups. This guidance is based on Microsoft Security Center of Excellence (SCoE) experience in customer environments and represents Microsoft best practices.

Overview

An important aspect of your network security is the management of users and groups that have administrative access to the local account database on stand-alone computers and domain member computers, and to the Active Directory® directory service on your domain controllers. There are primarily two kinds of attackers that you should guard against:

Malicious individuals who obtain administrative-level access to member servers or domain controllers could breach the security of your entire network. These individuals might be unauthorized users who have obtained administrative passwords, or legitimate administrators who are coerced or disgruntled.

Users who are granted administrative access. These individuals might inadvertently cause problems because they fail to understand the ramifications of configuration changes.

Unauthorized or unknowledgeable people who have administrator privileges can maliciously or accidentally damage your organization if they copy or delete confidential data, spread viruses, or disable your network. It is vitally important to properly manage the users and groups that have administrative control over the servers and domain controllers in your network.

The default Windows Server 2003 security settings are sufficient to secure local and Active Directory accounts against many types of threats. However, you must strengthen some of the default settings for administrative accounts to enhance the level of security of your network, and this guide will help you with that task.

Adherence to the principles and best practices in this guide can help reduce the risk that unauthorized users gain administrative access to domain controllers, member servers, and Active Directory. The security of administrator accounts is an important initiative for organizations that seek to fully secure their network assets.

Who Should Read This Guide

The intended primary audience for this guide is consultants, security specialists, systems architects, and IT professionals who are responsible for the planning stages of application or infrastructure development and the deployment of Windows Server 2003. These roles include some common job descriptions:

Architects and planners who drive the architecture efforts for the clients in their organizations

IT security specialists who provide security across the platforms within their organizations

Enterprise architects who manage the entire enterprise rather than any one specific network

IT managers whose responsibility it is to determine what technology should be used to solve certain business problems

Business analysts and business decision makers (BDMs) who have critical business objectives and requirements that depend on client support

Consultants from both Microsoft Services and partners who need detailed resources of relevant and useful information for enterprise customers and partners

Although written primarily for these roles, the Administrator Accounts Security Planning Guide can also be helpful to IT generalists in medium and large organizations, and the Infrastructure, Operations, and Security team roles identified in the Microsoft Operations Framework (MOF) Team Model. For more information about MOF, see the Microsoft Operations Framework home page at www.microsoft.com/technet/itsolutions/cits/mo/mof/default.mspx.

Planning Guide Overview

This guide includes:

Chapter 1: Introduction

This chapter provides an executive summary and overview and suggests the recommended audience for the guide. It also provides an overview of the chapters in this guide.

Chapter 2: The Approach to Making Administrator Accounts More Secure

This chapter provides an overview of the administrative user accounts and groups that you can use to log on to a computer or domain and describes the principles to apply when planning to secure administrator accounts.

Chapter 3: Guidelines for Making Administrator Accounts More Secure

This chapter describes some best practice guidelines to follow when securing administrative accounts. These guidelines follow the principles that the previous chapter discussed.

Chapter 4: Summary

This chapter summarizes the guidance provided and addresses the problems that can occur when you apply this guidance. It also provides links to further reading materials that you might find useful.

