We are using SQL Server 7 and one of it's features is the ability to email alerts to operators when automated processes fail or experience problems.
The concern is that this requires an account to be created on the Exchange server for SS7 to be able to send the email. This account requires (from my understanding) to be a 'domain user' and a 'local administrator'.
This causes a security hole as the domain administrators have the ability to rest the password on this domain account and thereby gain administrator access to several servers (running NT4) that they are not supposed to be able to access.
Is anyone aware of a work-around for this problem or any other way of accessing the exchange server without allowing external administrators the ability to access secured servers? [sig][/sig]
The concern is that this requires an account to be created on the Exchange server for SS7 to be able to send the email. This account requires (from my understanding) to be a 'domain user' and a 'local administrator'.
This causes a security hole as the domain administrators have the ability to rest the password on this domain account and thereby gain administrator access to several servers (running NT4) that they are not supposed to be able to access.
Is anyone aware of a work-around for this problem or any other way of accessing the exchange server without allowing external administrators the ability to access secured servers? [sig][/sig]
