[Freeipa-users] Pro/Con on Admin accounts
Ash Alam
aalam at paperlesspost.com
Fri Apr 17 16:11:24 UTC 2015
Hello
I wanted to get some input on what your approach is for admin accounts. In
the past i approached it where you have a user `John Doe` he has a normal
user account for everyday tasks (wifi, anything that talks ldap). He also
has an admin account for when he needs to administer ipa, active directory
etc.
There are few groups of thought around this. Mine being that admin
permissions should not be granted to accounts that are not specifically
create to administer ipa/ad. I have worked at places where admin and user
accounts were one in the same and others where they were separated.
Currently i have an opportunity to start fresh and wanted to get some input
as to what the best approach would be. Freeipa and its developers are
security conscious and its built around security so getting your though on
this would be great.
Thank You
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150417/a86d4208/attachment.htm>
More information about the Freeipa-users
mailing list