Most cyber security companies suggest taking a proactive stance when it comes to file security. One of the most important passwords in a company that deals with networked computers is the CRM administrator password. With this password, a hacker could get into every computer file accessible by the administrator as well as reroute or give access to remote computers that would allow theft to occur perpetually. Changing the administrator password every six months is essential to keeping the system secured. Changing the password isn’t hard but it may result in a few system wide side effects that will have to be dealt with after the change.
How to Change the CRM Admin Password
CRM doesn’t come with a unique administrator password system so the password is actually part of the Server Suite. To change the password for the administrator account, follow these steps:
- Select the “Start” button and then type “Administrative Tools” in the search bar and open the link. This will open a new window with a list of options.
- Click on “Group Policy Management.”
- From here, click on “Group Policy Management Editor.”
- Next, choose “Computer Configuration” and “Preferences.”
- This will bring you to the “Control Panel,” option, so click on it.
- Here you will see “Local Users and Groups.” Right-click this option to bring up the next menu you need.
- Choose “New - Local User” and “Update.” This may not seem intuitive but it is the easiest way to update the password.
- Type the word “Administrator” into the “User name” box and enter a new password in the “Password” area. Enter the same password in the “Confirm Password” box and save it. This will overwrite the existing Administrator account and create a new one in its place.
- Once you have saved this new information the system must be restarted for the changes to take effect.
Password Security Considerations
The administrator password allows access to the most powerful programs and most secure areas of the network. If this password becomes compromised, the amount of damage done to the network and the monetary liability of the company can be catastrophic in scale. If the security system is breached, a hacker could potentially steal all of the information on the network, prevent access to any of the files on network servers, or plant keystroke loggers and other identity theft applications in the system.
Hackers aren’t the only threat, though. If a remotely enabled machine is able to get into the administrator permissions sections then the user can manipulate information that is otherwise considered secure. A breach of security, even on the smallest level, can destroy customer confidence and cause a loss of business.
The administrator password should be changed periodically; a set schedule of twice a year is usually acceptable for small businesses and low to medium security operations. Large corporations and companies that deal with high security operations should change their administrator passwords every month.
If there is a change in administrative staffing, a demotion, transfer, termination or other situation in which a person with the administrative password is no longer authorized to access the administrator permissions then a password change should be performed immediately to ensure the integrity of the system. In fact, it should be done before that former employee even leaves the building.
Minor Troubleshooting Issues
In Windows Vista with Service Pack 1 you either need to download and install Service Pack 2 or the Remote Server Administrative Tools (RSAT) from Microsoft.com to be able to access the Group Policy Manager. Otherwise, you will get the “Permissions” error and be unable to make the change.
The first time a user tries to re-enter the CRM database after the administrator has changed the password, it will ask for the user name and password. This is because the system has been reset and all of the passwords that were used by authorized users were tied to the old administrator password. The system cannot use the old cached information because the administrator has been recreated and has different identification information. Once the user has logged in and verified the account with his or her password this new information will be saved to the cache and used for future log in sessions. This will happen every time the administrator password is changed, so if you are part of a team you should be sure to communicate the new password with your co-workers.
“Download Details - Microsoft Download Center - Microsoft Dynamics CRM 3.0 Using Articles.” Web. 27 July 2011. https://www.microsoft.com/download/en/details.aspx?id=26236
“Group Policy Preferences: Getting Started.” Microsoft TechNet: Resources for IT Professionals. Web. 27 July 2011. https://technet.microsoft.com/en-us/library/cc731892(WS.10).aspx
Image courtesy of Sean MacEntee @ FlickR, https://www.flickr.com/photos/smemon/4746911330/
Screenshots taken by author