It is too easy for attackers to obtain Domain Admins account credentials, what can we do to reduce opportunities for malicious users to get access, while increasing our control and awareness of the environment? What is the best solution that could help our organization control administrator access and protect resources?