It’s not designed to solve the privilege problem. JEA is considered an administration tool, not a solution for least privilege. These endpoints can also be constrained to restrict what users are able to do on the remote device. The connecting user doesn’t need to know the password for the administrator account. But when users connect to a remote server using PowerShell Just Enough Administration (JEA), the endpoint can be constrained so that only a handful of cmdlets, functions, or even command parameters can be run on the remote – server regardless of the privileges held by the user.Īlternatively, standard users can connect to PowerShell remote endpoints and run commands in the context of a local administrator. When users log in to servers using Remote Desktop, they can do anything that their privileges allow, which often means ‘everything’ because they have an account with local or domain admin rights. ![]() ![]() Users can be granted more granular access to perform administrative tasks on PowerShell endpoints. However, utilizing privileged access management solutions like BeyondTrust Endpoint Privilege Management provides IT staff with a deeper set of capabilities, outside and including windows server management. There are several reasons why PowerShell is a preferred method for managing Windows Server. PowerShell provides a secure way to manage Windows Servers. There’s nothing wrong with Remote Desktop per se but it’s not the most secure or scalable way to manage Windows. Fast forward fifteen years, and while pcAnywhere isn’t around anymore, Remote Desktop is still used as the primary means of administering Windows Server in many organizations. ![]() When I started working in IT, it was common for IT staff to use Remote Desktop, WinVNC, or Symantec pcAnywhere for remote server administration.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |