Nexus is widely used across campus, currently with about 2500 computers, and so a lot of people are involved in its support. Since the beginning, we established a convention where !userids had departmental/faculty privileges, and !!accounts had system-wide privileges.
Early Windows 2000 required !!accounts for many operations, and this lead to a natural proliferation of admin accounts, with varyingly accurate descriptive names, and this was seen as a security risk, especially during the months when Windows breakins were happenning at an alarming rate on campus (although there was only one breakin actually on nexus).
Nexus sufferred a break-in over the Christmas holidays in 2003. Although we strongly believe it was through a Windows vulnerability - likely RPC, we also realized the risk of a weak password, or unauthorized account grew with the number of privileged users.
We also established techniques whereby almost all operations (such as joining the domain and adding antivirus features) could be accomplished with less privileged accounts.
Nexus (through ceberus) immediately detects the creation of any new !!accounts. Several people have suggested such accounts be disabled immediately upon discovery unless pre-staged, this would add extra security in the event of a script-kiddie breakin. At the time of writing, this has not been discussed at large yet.
If you have any questions about the need for !!accounts, or are in need of creating one, please contact erick@uwaterloo.ca