Directory applications are utilized to centrally manage the high number of computers, user accounts, printers, servers, etc. While using the directory service, privileged accounts are used to execute the operation of components and network services within the network infrastructures. These privileged accounts have wide authorizations on all the components within the directory service. One of the objectives of cyber-attacks on such systems is to obtain the passwords of such accounts. Thus, a model is designed and presented in this study in order to enable the privileged accounts to be controlled, managed, and followed at minimum cost. This application model enabled the determination of passwords of privileged user accounts in accordance with the fundamental IT security principles, establishment of stronger passwords, clarification of the limits of duties of IT personnel, a decrease in their work load, and an increase in the awareness of managers about IT security. (C) 2019 Elsevier Ltd. All rights reserved.