Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Finance | Project Operations, Human Resources, ... / Off boarding members o...
Finance | Project Operations, Human Resources, ...
Unanswered

Off boarding members of sysadmin team

(0) ShareShare
ReportReport
Posted on by HarryDesh 67

hi

We are concerned that most members of our ax support team have access to Sysadmin login and password.  This is an issue since these members can continue to access Production even after they are off boarded unless axadmin password is reset. Resetting axadmin password is risky since it might break integrations etc. 

Our plan is to implement the following

1) Create a user called say 'AXAdminNonProd', add it in PROD but do not enable it. 

2) Deploy all lower environments as AXAdminNonProd, so that this user is automatically enabled after refresh from PROD.

3) Restrict AXAdmin password to select few members. One of these people will be responsible for setting up batch jobs. Support team to provide screenshots when a new batch job is being setup in PROD. 

4) Reset AXAdminNonProd password whenever a member of support team is off boarded.

 

Any other suggestion?

regards

  • Martin Dráb Profile Picture
    Martin Dráb 231,782 Most Valuable Professional on at
    RE: Off boarding members of sysadmin team

    And don't use admin account for non-admin activities, such us integration. Not only it complicates password changes, but more importantly you're giving integration processes very dangerous permissions.

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 292,916 Super User 2025 Season 1 on at
    RE: Off boarding members of sysadmin team

    Hi Harry,

    At least make sure that the axadmin account has no direct access from outside your network. Then you are able to block the normal user accounts and prevent abuse of this account. And indeed limit the number of users which has knowledge of the admin account.

  • Ludwig Reinhard Profile Picture
    Ludwig Reinhard Microsoft Employee on at
    RE: Off boarding members of sysadmin team

    Hello HarryDesh,

    Are these ax support team people in-house persons or externals?

    If they are internals and need to support all of your application related questions and issues they might need system admin rights even in prod.

    How many people do have those rights?

    Best regards,

    Ludwig

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Daivat Vartak – Community Spotlight

We are honored to recognize Daivat Vartak as our March 2025 Community…

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Kudos to the February Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,916 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 231,782 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156 Moderator

Leaderboard

Featured topics

End-of-life Announcement for Microsoft Dynamics GP

Product updates

Dynamics 365 release plans