Educause Security Discussion mailing list archives
Re: Self Provisioned AD Domain Guest Accounts
From: "Schumacher, Adam J." <adamschumacher () CREIGHTON EDU>
Date: Sat, 28 Jul 2012 23:59:45 +0000
We require guests who need an account in AD to be sponsored by a staff or faculty member. There is a web application where the sponsor can log in and enter information about the guest. The guest account is then automatically provisioned and then de-provisioned after a set amount of time. ::Adam
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jim Pardonek Sent: Tuesday, July 24, 2012 11:07 To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Self Provisioned AD Domain Guest Accounts Good Morning, We have a need to be able to provide a guest presenter with temporary credentials that would allow them to log in to a classroom podium PC that is on AD. (so the whole CTRL ALT DEL, username and password thing). The problem I am trying to solve is that there is virtually zero support staff available at times to hand the guest the id and password. Does anyone know of or has implemented an automated way (Kiosk?) to be able to have the guest provide something they know to an application and have that app send them the ID and password? Because of the risks of not knowing who the user might be, we are not willing to have the PC autologon. Thanks, Jim James Pardonek, CISSP, CEH Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 (: (773) 508-6086
Current thread:
- Self Provisioned AD Domain Guest Accounts Jim Pardonek (Jul 24)
- Re: Self Provisioned AD Domain Guest Accounts Schumacher, Adam J. (Jul 28)