Hi
We've been using Biztalk for the last 7 years, in that time we only have two NT accounts one for production and one for non production. The password has never been changed in all of that time.
So now our auditing team is asking us to change the password (which worries me) but I'm also being asked to make sure I'm following Microsoft documented best practices on NT accounts.
Is their a best practice document somewhere? Is it OK to have just two accounts, or do I need to have seperate accounts for say IIS app pools, host instances, SSO etc? If sepeate accounts - for what reason?
Ideally I want to just to change password and leave the rest alone, but I have to try to convince our auditing teams!
Thanks