
Renaming the Administrator Account



OK THE FOLLOWING HAS BEEN TESTED AND WORKING!!!

HOW TO:

Renaming the god-mode Administrator account and Unattended Vista install.

You only need to do this once!

Do the following in the order shown!!!

First:

Click Start >> Run and type 'MMC' and Enter

Click File >> Add/Remove Snap-in...

In the left Window, scroll down and

double-click Security Configuration and Analysis

double-click Security Templates

Click OK

Second:

Create a new Security Template by:

Expand Security Templates

Right-click on default path (should be "%userprofile%\Documents\Security\Templates")

Click New Template...

Type "unattend.inf"

Hit Enter

Create a new database by:

Right-click Security Configuration and Analysis

Click Open Database...

Type "unattend.sdb" (this directory is %userprofile%\Documents\Security\Database)

Hit Enter

Type "unattend.inf" (this directory is %userprofile%\Documents\Security\Templates)

Hit Enter

Third:

Enter new Security changes:

Expand Security Templates >> %userprofile%\Documents\Security\Templates >> unattend >> Local Policies >> Security Options

Double-click Accounts: Administrator account status

Tick the box "Define this policy setting in the template"

Radio "Enabled"

Click OK

Double-click Accounts: Rename administrator account

Tick the box "Define this policy setting in the template"

Enter new Administrator name

Hit Enter

Make any other changes you wish:

UAC: Admin Approval Mode... = FilterAdministratorToken (should be disabled)

UAC: Behavior of the elevation prompt for admin... = ConsentPromptBehaviorAdmin

UAC: Behavior of the elevation prompt for standard... = ConsentPromptBehaviorUser

UAC: Run all administrators in Admin Approval Mode = EnableLUA (should be enabled; adversely affects Std Users!)

Close MMC

You don't have to save console settings if you don't want to, but you must save changes to template!

Remember, your new database and template should now reside in %userprofile%\Documents\Security\Database and %userprofile%\Documents\Security\Templates respectively. Be sure to save the template changes.

Now you must edit INSTALL.WIM!

Mount INSTALL.WIM

imagex /mountrw x:\sources\INSTALL.wim 1 x:\temp

("1" depends on your own image file)

Copy the CONTENTS (i.e., Database and Templates folders) of %userprofile%\Documents\Security folder to x:\temp\Windows\Security

Unmount and commit INSTALL.WIM

imagex /unmount /commit x:\temp

The above should be done before any unattend programs such as vLite and VistaUA.

Also, a pre-existing database file named SECEDIT.SDB exists in INSTALL.WIM. This is fine and you should not overwrite, delete or otherwise alter this file!

HERE YOU MAY USE VLITE, VISTAUA, CUSTOMIZATIONS, ETC >>>>>>>>>>>>

WITH NO NEED FOR THE ABOVE REGISTRY TWEAKS

Add the following to setupcomplete.cmd (in \sources\$oem$\$$\setup\scripts\):

CMD /C secedit /configure /db %systemroot%\security\database\unattend.sdb /cfg %systemroot%\security\templates\unattend.inf /log %systemroot%\security\logs\unattend.log /overwrite /quiet

Add/Change the following to your PRE-EXISTING autounattend.xml !!!!PRE-EXISTING!!!!

If you already have an oobesystem pass in your autounattend, just add the items within.

<settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <UserAccounts>
            <AdministratorPassword>
                <Value>"YOUR ADMINISTRATOR PASSWORD HERE"</Value>
            </AdministratorPassword>
        </UserAccounts>
        <AutoLogon>
            <Enabled>true</Enabled>
            <LogonCount>3</LogonCount>
            <Username>"YOUR RENAMED ADMINISTRATOR ACCOUNT HERE"</Username>
            <Password>
                <Value>"YOUR ADMINISTRATOR PASSWORD"</Value>
                <PlainText>true</PlainText>
            </Password>
        </AutoLogon>
    </component>
</settings>

NOTE: YOU DO NOT HAVE TO AUTOLOGON TO THE RENAMED GOD ACCOUNT, BUT THEN WHAT'S THE SENSE OF DOING ALL OF THIS?

If you have a better, faster and/or easier way of doing this, then I just wasted my time.

Brought to you by razormoon

Edited by razormoon
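
A check an administrator can run on an answer file before it goes onto install media, since the fragment in the post above keeps the renamed Administrator's password as plain text for AutoLogon. This is an added example, not part of the original post; the function name `audit_answer_file` and the sample account name and password are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"u": "urn:schemas-microsoft-com:unattend"}

# Constructed sample answer file (placeholder account name and password, not from the thread).
SAMPLE = """<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup">
      <UserAccounts>
        <AdministratorPassword><Value>Example-Pass-1</Value></AdministratorPassword>
      </UserAccounts>
      <AutoLogon>
        <Enabled>true</Enabled>
        <LogonCount>3</LogonCount>
        <Username>ExampleAdmin</Username>
        <Password><Value>Example-Pass-1</Value><PlainText>true</PlainText></Password>
      </AutoLogon>
    </component>
  </settings>
</unattend>"""

def audit_answer_file(xml_text, renamed_admin):
    """Return findings about credential handling in an unattend answer file."""
    findings = []
    root = ET.fromstring(xml_text)
    for settings in root.findall("u:settings", NS):
        cfg_pass = settings.get("pass")
        for comp in settings.findall("u:component", NS):
            # PlainText=false only base64-encodes the value; it is not encryption.
            for el in comp.iter():
                tag = el.tag.split("}")[-1]
                if tag not in ("Password", "AdministratorPassword") or el.find("u:Value", NS) is None:
                    continue
                plain = el.findtext("u:PlainText", "true", NS).strip().lower()
                if plain != "false":
                    findings.append(f"{cfg_pass}: {tag} value not marked PlainText=false")
            auto = comp.find("u:AutoLogon", NS)
            if auto is None or auto.findtext("u:Enabled", "", NS).strip().lower() != "true":
                continue
            user = auto.findtext("u:Username", "", NS).strip()
            count = auto.findtext("u:LogonCount", "", NS).strip() or "unspecified"
            findings.append(f"{cfg_pass}: AutoLogon as {user!r}, LogonCount {count}")
            if user.lower() == renamed_admin.lower():
                findings.append(f"{cfg_pass}: AutoLogon account is the renamed built-in Administrator")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_answer_file(SAMPLE, "ExampleAdmin")))
```
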


I'm thinking that instead of injecting security folders into wim, one can conceivably store them in $OEM$\$$\Security. Much faster and easier. Also conceivable is that one can run the secedit command from AuditUser pass, no?


> If you have a better, faster and/or easier way of doing this, then I just wasted my time.
>
> Brought to you by razormoon

I tried several ways to do it (mainly with 3rd party tools and scripts) and arrived at the same secedit method.

During Vista deployment, the built-in administrator account is always renamed "administrator" or localized equivalent (administrateur in French), that's why one has to execute secedit after deployment.

I will try to use the SetupComplete.cmd file.

Razormoon> you should wrap your text in code tags to preserve your formatting with spaces/tabs.

Thanks for sharing your input! :thumbup

Largo.


> I will try to use the SetupComplete.cmd file.
>
> Razormoon> you should wrap your text in code tags to preserve your formatting with spaces/tabs.
>
> Thanks for sharing your input! :thumbup
>
> Largo.

Honest to goodness, I usually wrap my code. Thanks for reminding me! :)

The SetupComplete method works like a charm.


  • 1 month later...

Can someone help me?

I've followed this guide a few times but always get the same problem.

On first boot up, it can't log in. So I click ok and enter the password and still cannot log in.

The name I changed admin to appears right on the log in screen.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>00040408</InputLocale>
<UserLocale>en-US</UserLocale>
<UILanguage>en-US</UILanguage>
<SystemLocale>en-US</SystemLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserData>
<FullName>Charles Watson</FullName>
<AcceptEula>true</AcceptEula>
</UserData>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>......</Value>
<PlainText>true</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>3</LogonCount>
<Username>Charles</Username>
</AutoLogon>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<NetworkLocation>Home</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
<SkipMachineOOBE>true</SkipMachineOOBE>
<SkipUserOOBE>true</SkipUserOOBE>
</OOBE>
<TimeZone>Eastern Standard Time</TimeZone>
<UserAccounts>
<AdministratorPassword>
<Value>......</Value>
</AdministratorPassword>
</UserAccounts>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ComputerName>charles-pc</ComputerName>
</component>
<component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:D:/System/Vista/6001.16659.070916-1443_x86fre_Client_en-us-FB1CFRE_EN_DVD/sources/install.wim#Windows Vista ULTIMATE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>


Are you sure you have defined your security policies in \Windows\Security? Checked all the necessary options? If so, did you inject into install.wim and make a call to secedit from setupcomplete.cmd? I've heard of some users having trouble with the setupcomplete.cmd method. What you can do is move that call from the setupcomplete.cmd and put it in your autounattend.xml as such in <settings pass="specialize">:

        
<component name="Microsoft-Windows-Deployment" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
            <Order>1</Order>
            <Path>CMD /C secedit /configure /db %systemroot%\security\database\unattend.sdb /cfg %systemroot%\security\templates\unattend.inf /log %systemroot%\security\logs\unattend.log /overwrite /quiet</Path>
        </RunSynchronousCommand>
    </RunSynchronous>
</component>

In the meantime, I'll just edit the above to make the call from autounattend.xml as opposed to setupcomplete.cmd.

EDIT: THE ABOVE DOES NOT WORK FOR ME SO REVERTING ORIGINAL POST TO SETUPCOMPLETE.CMD

Edited by razormoon

  • 1 month later...

Hi razormoon, I've followed your guide up to the part where I mount the Install.wim...

I can't seem to find that "x\temp" folder you referenced. I'm assuming the "x" is the drive path or systemdrive... I've searched all my drives and there's no "temp". Must I create it myself or what? I just need to drop those files I've created; the only thing that shows on the install.wim is "components" and "Packages".

please advise

Never mind, I've figured it out... but there's still one prob though: I don't have the "setupcomplete.cmd" file. Is it really necessary? How do I create it?

Edited by oidicle
