A security warning on Domain Controllers

Spread the love

I ran across a post on TechNet today with questions on what security holes could be opened to administrators to SCOM; I wanted to point out one of the largest items that may not be immediately apparent.

This applies specifically to Domain Controllers, but once someone has access there its pretty much a free-for-all to your domain.

If your SCOM agent runs as local system on the Domain Controllers and scripts launched from the agent could potentially have Domain Administrator Level access to the AD infrastructure.

More on the Local-System and Domain interaction here: http://social.technet.microsoft.com/Forums/windowsserver/en-US/652e82f1-fdb6-46b7-b90e-c62fb37d583a/system-account-in-domain-controller?forum=winserverDS

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.