If you have an account like contoso\sharepoint-farm in your IIS be aware that you can run locally appcmd command and obtain the password in clear text. Message: never use powerfull accounts in IIS. There are some people that use Domain Admin accounts there.
No comments:
Post a Comment