General discussion

Locked

Admin account

By Curious_George ·
How can determine which name in the local admins list is the built-in local admin account on a workstation if all other admin
accounts are copies of the original account and have identical
descriptions? Deleting all others until error message about not
deleting built-in accounts is not acceptable. It can be from the
command line or GUI.

Additionally, I may need to rename this account from the
command line, as I have found a collage of diverse local admin
accounts across the workstations on a domain. I want to script a
NAME CHANGE routine for only the built in local admin account
on these NT 4.0 workstations, so all local admin accounts can
be uniform.

Addusers.exe only deletes or adds accounts, does NOT
rename, so please don't suggest it.

Let's see who's really good!

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Admin account

by calves In reply to Admin account

Are you gonna have enough points for all this questions?
Just curious...

Collapse -

Admin account

by Curious_George In reply to Admin account

I'm thinkin' i will even if the answer is non-related

Collapse -

Admin account

by lanpinger In reply to Admin account

* In "User Manager for Domains" go into
"User Properties"
* Put a check in
"Account Disabled" then click "OK"
* If NT lets you disable the account, then it is not the true Admin Account.
* If you get the error message:

USER MANAGER FOR DOMAINS
The following error occurred changing the properties of the user xxxxxxx:
Cannot perform this operation on built-in accounts.
OK

then you've found it. Click "OK"

Good luck,
Lanpinger

Collapse -

Admin account

by Curious_George In reply to Admin account

Works but not in a script that can be run from a remote localation, hitting all workstations.

Collapse -

Admin account

by FractalAdmin In reply to Admin account

Let's see who's really good... at asking questions that have already been answered? And offering ridiculous amounts of points for same? Get off, stop clogging things up, some people here are actually trying to better themselves, not show off. OK, you've figured out how to get lots of points. Well done - now go away...

Collapse -

Admin account

by Curious_George In reply to Admin account

Ok, I'll clog up everyone else's rating with 2000 points each even though none came up with an acceptable solution, but at least they cordially tried, and I won't bother clogging up your points you supercilious churl.

Collapse -

Admin account

by guy In reply to Admin account

Each account has a SID (Security Identifyier) the last three numbers are called the RID (Relative Identifier)

The original administrator's account has a RID of 500. So logon as the account you suspect, fire up REGEDIT (Run Regedit) check out theHKey Users, expand to reveal the last three number if they are 500 then you have cracked it.

You may also be able to solve the problem by changing the permission on the SAM in the registry so that Administrators have full control, drill down andsee if you can match a name with a RID of 500. Remember to reset the permissions afterwards!

Collapse -

Admin account

by Curious_George In reply to Admin account

I figured out how to accomplish this task remotely in a batch format and you are on the right track. BTW - It is easier to give yourself system rights than to change and reset the reg. Excellent suggestion just the same!

Collapse -

Admin account

by Linuxian In reply to Admin account

Check the permissions on C:\WINNT\Profiles\Administrator. The original Administrator owns this folder and should be listed as the first user with access to the directory. The name of the directory stays the same no matter what you call the Administrator account but the name of the administrator associated with the folder will change when it is edited in user manager. I’m not aware of any way to rename an account with a script.

I have over 5000 workstations that need their local accounts realigned (Prev admin was, well, ya know). So I have been working on a problem similar to yours for a while as well.

Collapse -

Admin account

by Curious_George In reply to Admin account

I believe I have figured out this problem, so I can script a domain wide local admin rename. I already have a password change script I wrote, that I can modifiy to include this item. Feel free to contact me if you want to use any of my domain scripts. dastew@kodak.com

Back to Windows Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums