...
(Can a user have two admin accounts..i.e. user moves department.. new a_ would help to remove questions about what access was manitainedlingers from the old job)
Vendor Account
A vendor account can be requested for a vendor only after a contract is in place. The account will follow the naming convention as established in the Privileged Access Standard and is limited to non-privileged user activities such as using the University VPN. These accounts will be created and maintained in the OU Generic in Active Directory, and in People for 389.
...
Departmental accounts will not be granted administrative privileges on any system and should not be used to authenticate services or applications to Active Directory or LDAP 389.
Generic Accounts
A generic account is an account sponsored by an active University faculty or staff member and used by an individual not formally affiliated with the University.
...
Generic accounts will not be granted administrative privileges to any system and should not be used to authenticate services or applications to Active Directory or LDAP 389.
Event Access Accounts
An event access account is an account that is shared by a group to access department resources for a short predefined period of time.
...
Event access account will not be granted administrative privileges to any system and should not be used to authenticate services or applications to Active Directory or LDAP 389.
(Should we put specific password requirements on these accounts?)