A crazy idea? 0 (Zero) Admin Model in your production environment? Personally, I don’t think is crazy. First thing to check when running a security audit, is the number of privileged users. Remember that a privileged user is a member of either Enterprise Admins, Domain Admins or Administrators group. The fact is that more members these groups have, the less […]
Category: Delegation Model
The AD Delegation Model will help us organize and secure our directory. This is done based on standard best practices and security guidance. Main goal is to provide a stable service, while maintaining security.
The model itself is built in top of some, well known recommendations, like Least Privileged Access, Segregation of Duties and 0 Admin model, just to name some.
Least Privileged Access
Why 7 if we can do it with 3 Least privileged access is to have nothing more than the permissions you need to complete your task. Every time I get to a new customer, and I need administrative access to the environment, I just get Domain Admin. We could justify this action by going into my background… The years of […]
Active Directory Paradigm
Active Directory Paradigm Blog Merriam-Webster defines Paradigm as “an outstandingly clear or typical example or archetype. Regard science as the paradigm of true knowledge”. And this is exactly what Active Directory Paradigm blog is about. Of course this is not the ultimate AD post, but in my humble opinion, is a very good approach on how to design, implement & […]