Administrator Role Separation
GPTKB entity
Statements (18)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:security
|
gptkbp:appliesTo |
gptkb:Active_Directory
Microsoft Identity Manager |
gptkbp:category |
access control
identity management |
gptkbp:enables |
delegation of administrative tasks
|
gptkbp:enforcedBy |
least privilege principle
|
https://www.w3.org/2000/01/rdf-schema#label |
Administrator Role Separation
|
gptkbp:prevention |
single administrator from having full control
|
gptkbp:purpose |
reduce risk of privilege misuse
separate administrative duties |
gptkbp:relatedTo |
role-based access control
separation of duties |
gptkbp:requires |
multiple administrator accounts
|
gptkbp:supportedBy |
gptkb:Active_Directory_Domain_Services
Microsoft Identity Manager 2016 |
gptkbp:bfsParent |
gptkb:Read-Only_Domain_Controller_(RODC)
|
gptkbp:bfsLayer |
8
|