Types of Accounts and their Uses
All user accounts in Active Directory and 389 can only be created by ITS automatic provisioning infrastructure or by the Identity and Access Management Group.
...
When possible, password must be unique with a minimum length must be of 20 characters.
If available, the account and password must be stored in the approved University Controlled Password Manager.
...
Departmental accounts will not be granted administrative privileges on any system and must not be used to authenticate services or applications to Active Directory or LDAP 389.
...
Guest Access Account
A generic account is an account sponsored by an active University faculty or staff member and used to grant individual access. These accounts, although may be used by an individual, do not guarantee any singular person is using the account.
These accounts are intended for use to access such things as wikis, file shares , and research computing. They are created and maintained in the OU Generic in Active Directory and in the People OU for 389.
...
| Type of Account | Used to gain Privileged Access | Password Storage | Password | Used to authenticate a service or application for Directory Services |
|---|---|---|---|---|
| NetID Account | No | User's discretion to keep the password private and secure | Personal | No |
| Administrative Account | Yes | Enterprise Password Management solution | Personal | No |
| Vendor Account | No | User's discretion to keep the password private and secure | Personal | No |
| Privileged Vendor Account | Yes | Enterprise Password Management solution | Personal | No |
| Service Account | Yes | Enterprise Password Management solution | non-Personal | Yes |
| Departmental Account | No | User's discretion to keep the password private and secure | non-Personal | No |
| Generic Account | No | User's discretion to keep the password private and secure | Personal | No |
| Event Access Account | No | User's discretion to keep the password private and secure | non-Personal | No |
...