Search questions and share your knowledge with the world here on Questionpoint.
Home > Backup and Recovery Interview Questions > How do I explain Domain Admin privileges to a non-...

:: Categories ::

Interview Question in Backup and Recovery


 

Interview Question :: How do I explain Domain Admin privileges to a non-IT person


My direct boss, who has others above them, somewhat freaked out yesterday when they noticed I could access any drive, directory, file and email box on the company domain. I was showing them a demo as they were asking about obtaining information for possible legal matters. The conversation then went into me trying to explain why I had these abilities (they started conversation, not me), with a breakdown on admin, domain admin and enterprise admin privs.

I felt it was a discredit to my integrity, explaining that all admins have these rights and it's part of how they do their job. They were worried about financial files, president/VP data, their data, etc. Wasn't the answer they were looking for, and it made me feel like my new job was in jeopordy.

I am the sole admin for about 80 users, and growing. I deal with remote users; everything from file/directory access permissions, to managing users/pc's, backup, sql, etc.

How do I explain my job without losing my job?
Answers to "How do I explain Domain Admin privileges to a non-IT person"
RE: How do I explain Domain Admin privileges to a non-IT person?

WHo unlocks the file cabinets when the keys get lost?



How will they get problems with these files fixed unless someone has permission to fix the problems?



It's a standard job; point them to windows Admin information
 
Vote for this answer ::  
RE: How do I explain Domain Admin privileges to a non-IT person?

You can explain to him that these rights are necessary for you to perform your day-to-day duties. New users need to be added by admins. A new printer needs to be added by an admin. If you needed to restore a file from the backup, you need to be an admin. And so on, and so on.



If they still don't go for that, as a compromise, set up a new account as a domain admin, and use that account only when you need to perform admin duties. I know it is a pain in the rear, but sometimes you just have to complicate things to make the people that control your life at work happy.
 
Vote for this answer ::  
RE: How do I explain Domain Admin privileges to a non-IT person?

lock them out for 1 day to show them who is boss!!! LOL



NON IT Babble.. I am like the janitor, I have the keys to all the offices so that I can clean up any mess that some one makes with their PC.

That is why they are paying you so much money, YOU will be the one called at 2 am with a PC problem and not them!



To correct the glitches you need to go where the problem is in the system and that you can not do your job properly with out this access.
 
Vote for this answer ::  
RE: How do I explain Domain Admin privileges to a non-IT person?

They are right to have concerns.



What you do is acknowledge that, and work with the execs and IT managers to fortunate, and then implement a policy for access.



What may end up happening is that you end up keeping access, but a formal policy of audit trails is implemented, along with a formal policy for reviewing there is no improper access.



This is essentially akin to the accounting principle that one person should not be in charge of all the accounts - it has been known since the Renaissance that this is a financial security hole.



Probably most of this is covered, if you take certain certification courses. so you can start by committing to take continuous certification training, at the company's expense of course. That should give people a good feeling to start, and then make it easy to simultaneously research and discuss the policies above.



Yiou should also plan on how you are going to hire additional peole. as you are close or at the limit where more are needed. Make sure you have policies that will apply to new hires, who may be more or less senior then you.
 
Vote for this answer ::  
Update Alert Setting

Top Tags



- Sharepoint Developer Interview Questions - Java Interview Questions - J2EE Interview Questions - ASP.NET Interview Questions - MOSS 2007 Interview Questions - WPF Interview Questions - Microsoft CRM Interview Questions - Technical Interview Questions for Programmers
Home | Terms Of Service | Contact Us | Site Blog | Investors | Advertise With Us | Disclaimer | Privacy Policy | Questionpoint Widget
© Questionpoint 2008 User-posted content, unless source quoted, is licensed under a Creative Commons Public Domain License