PDA

View Full Version : Help desk and Passwords security

lnewman
Oct 6, 2006, 10:22 AM
We have are in the process of implementing and enforcing strong passwords at our company.
From a help desk point of view we are trying to come up with the best method and most secure method of supporting our users.

When a user logs a help desk request it is in most cases necessary for the help desk personnel to login under the users profile to correct the problem.

The help desk personnel have domain admin rights and could reset the users password, but we would prefer not to do this time.

We could have the user input there password into the help desk ticket but we prefer not to do this either.

We use remote deskop and netmeeting remotley manage the users desktop.

Does anyone have a better sugestion to manage users desktops from a help desk perspective? How do you obtain the users password securely if you need to be logged in uner the users profile to resolve the problem such as setting up their email under their profile.
Curlyben
Oct 6, 2006, 10:53 AM
Remote access such as PCanywhere?
NeedKarma
Oct 6, 2006, 11:06 AM
We used Microsoft SMS: http://www.microsoft.com/technet/prodtechnol/sms/sms2/proddocs/admhelp/sms2hl10.mspx?mfr=true

More here: http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/tfaq08.mspx
Curlyben
Oct 6, 2006, 01:12 PM
Now that my daughter's in bed I can continue with what I was referring to earlier.
To add to NK's links, there are a lot of remote tools that can be used.
I use Dameware (http://www.dameware.com/) for access and find it works a treat.

At least this way you don't need to worry about having the users password and you can still have admin rights to their machines.
lnewman
Oct 6, 2006, 01:23 PM
So with Dameware it is possible to login with the "users account" with out haviong their password?
Curlyben
Oct 6, 2006, 02:03 PM
As with all remote apps you connect as yourself while the user is logged in and access their desktop as if youwhere them.
The users desktop must be unlocked otherwise you still run into the password issue.

The main advantage of using remote access apps is that you can interact with the affected machine while the user explains to you the problem in real time.
Gareth Lynham
Oct 10, 2006, 07:30 AM
It is not clear if you are trying to help people inside or outside your company! I would help if I knew if it was inside or outside.
lnewman
Oct 10, 2006, 08:30 AM
We are on a single Windows 2000 domain. I am helping users within the domain internally.
Thanks.