...
The use of NetID accounts is limited to non-privileged user activities such as accessing email, file shares, web browsers, workstations, and nonprivileged access application access. These accounts will not be granted administrative privileges on hosts or used to authenticate services or applications to Active Directory.
Active Directory:
389:
Privileged Accounts
All users who have elevated access to a system or service will have a secondary account used solely for tasks that require greater administrative access. These accounts will be created and maintained in the OU Admin in Active Directory and can only be acted on by Domain Admins. In 389 these accounts are stored in the OU People and access is restricted to System Admins.
...