Sign in to follow this  
Followers 0
Andries

Change administrator name

80 posts in this topic

Is it possible that I change the "administrator" name/account (who has automatically created in a unattend file) renamed in "admin"?

I must change this after every unattended installation (for exclusive applications) but I would like that automatically if it is possible.

0

Share this post


Link to post
Share on other sites

Rename administrator account

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Description

Determines whether a different account name will be associated with the security identifier (SID) for the account "Administrator." By associating the Administrator SID with another account, you will no longer have an account named "Adminstrator," which is often a point of attack by hackers.

Microsoft Group Policy Reference

Hope that helps

Roger

0

Share this post


Link to post
Share on other sites

Use something like this for general good practices. Get netuser.exe and renuser.exe, drop the file(s) into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this from RunOnce:

@echo offecho Renaming/Creating Accountsnet user guest {s2J234OPH}renuser guest notguestnet localgroup guests notguest /deleterenuser Administrator adminnet user /add Administrator /active:no /passwordchg:no /passwordreq:yesnetuser Administrator /pwnexp:ynet user Administrator {s2J234OPH}net localgroup users Administrator /delete

This way it will do this after setup, but before the first user logs in. It will rename the guest account and remove it from the guests group (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to soemthing else and create a dummy Administrators account while removing the dummy account from the users group.

For what you wanted to do you could use the following from RunOnce (assuming you drop renuser.exe into the system32 folder during install):

@echo offecho Renaming Administrator Accountrenuser Administrator admin

Cheers

Edited by Jotnar
0

Share this post


Link to post
Share on other sites

Jotnar thanx a bunch been lookin for this since a while

0

Share this post


Link to post
Share on other sites
...

netuser Administrator /pwnexp:y

...

I've been looking for something to do this for a while, with no luck. I can't get this to work either: this switch generates the "help" screen (where it is not listed), and does not check that box. Anyone have it working?

0

Share this post


Link to post
Share on other sites

Strange and unusual...it works in Windows 2000 (which I have at work) but not in XP (which I have at home). Hmmm... It would seem Google is my friend tonight :) Try the one Here. This one works for me on Windows XP. You would think Microsoft would give you a way to do this through the command line...sigh

edit...maybe I linked to the wrong netuser.exe before? I could've sworn thats where I downloaded it from last week. Too many **** files named netuser.exe.

edit 2...It was the wrong link. They have 2 files called netuser.exe on their site. Original post now fixed.

Cheers

0

Share this post


Link to post
Share on other sites

Cool! They both look like good tools, but are not at all the same.

Thanks!

0

Share this post


Link to post
Share on other sites

Thanks!

I worked with Windows XP and it's working.

everybody, thanks!

0

Share this post


Link to post
Share on other sites

Woot! This will help with me heaps. I hate having to rename the admin and guest accounts every time I install (kinda defeats my unattended idea).

Again, thanks.

Edit: One question, can you rename the administrator and guest accounts at the T-12 minute mark via RunOnceEx or MUST this be done from RunOnce just before user login?

0

Share this post


Link to post
Share on other sites

@RaveRod

I honestly don't know. I was playing it safe since i'm not quite sure when those accounts get created.

@enuffsaid

your welcome!

Cheers

0

Share this post


Link to post
Share on other sites

Well, I tried it and it worked.

One thing though, the new administrator account won't show up on the logon screen (just like if you happen to add another account). To rectify this, you must import the registry tweak to show the administrator account on the logon screen with cmdlines.txt.

The guest account was renamed, the guests group was removed and the administrator account was renamed. Worked fine without a hitch. Thanks again for this find.

Edit: For reference, here is the UserSetup.cmd file I used (this file can be added to the cmdlines.txt file):

@echo off
%systemdrive%\MSA\Utilities\renuser.exe guest disablednet localgroup guests disabled /delete
set /P newadmin="Enter a new administrator name: "%systemdrive%\MSA\Utilities\renuser.exe administrator %newadmin%
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v %newadmin% /t REG_DWORD /d 00000001 /f

Change the paths to renuser.exe ofcourse.

0

Share this post


Link to post
Share on other sites

Edit2: Here's one for ya, if you add that registry tweak from cmdlines.txt, the username won't show up on the Welcome Screen until you reboot, twice! That's what I've had to do on my 4 test using VMWare. Can anyone shed some light on that problem?

0

Share this post


Link to post
Share on other sites

whoops another problem.

:)

Could you tell me how I can delete the relation "user"

I have create a account with the name "general"

Windows XP created automatic a relation with "Users"

But I would delete this relation and will create a relation with "Administrors"

How can I do that?

0

Share this post


Link to post
Share on other sites

Do you mean that the account you create is added to the "Users" group?

Try this script:

Dim UM:Set UM = CreateObject("UserManager.Server")
'Add Guest user account to a 'Users' local groupUM.Users("Guest").AddToLocalGroup "Users"
'Remove account from the groupUM.Users("Guest").RemoveFromLocalGroup "Users"

or

If the group is a local group perform the following:

net localgroup <group name> <user> /delete

If the group is part of a domain user

C:\> net group <group name> <user> /delete /domain

Hope that helps...

Regards,

eNuffSaid

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.