Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

Change administrator name

- - - - -

  • Please log in to reply
79 replies to this topic

#1
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
Is it possible that I change the "administrator" name/account (who has automatically created in a unattend file) renamed in "admin"?

I must change this after every unattended installation (for exclusive applications) but I would like that automatically if it is possible.

My English is very bad but I hope you can understand me.


How to remove advertisement from MSFN

#2
rdalling

rdalling

    Member

  • Member
  • PipPip
  • 152 posts
  • Joined 29-March 04
Rename administrator account
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Description
Determines whether a different account name will be associated with the security identifier (SID) for the account "Administrator." By associating the Administrator SID with another account, you will no longer have an account named "Adminstrator," which is often a point of attack by hackers.

Microsoft Group Policy Reference


Hope that helps
Roger

#3
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
Use something like this for general good practices. Get netuser.exe and renuser.exe, drop the file(s) into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this from RunOnce:

@echo off
echo Renaming/Creating Accounts
net user guest {s2J234OPH}
renuser guest notguest
net localgroup guests notguest /delete
renuser Administrator admin
net user /add Administrator /active:no /passwordchg:no /passwordreq:yes
netuser Administrator /pwnexp:y
net user Administrator {s2J234OPH}
net localgroup users Administrator /delete

This way it will do this after setup, but before the first user logs in. It will rename the guest account and remove it from the guests group (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to soemthing else and create a dummy Administrators account while removing the dummy account from the users group.

For what you wanted to do you could use the following from RunOnce (assuming you drop renuser.exe into the system32 folder during install):

@echo off
echo Renaming Administrator Account
renuser Administrator admin

Cheers

Edited by Jotnar, 19 July 2005 - 07:18 AM.


#4
gmx

gmx

    Member

  • Member
  • PipPip
  • 171 posts
  • Joined 09-November 03
Jotnar thanx a bunch been lookin for this since a while

#5
GreenMachine

GreenMachine

    ineXPlicable

  • Developer
  • 3,062 posts
  • Joined 22-August 03

...
netuser Administrator /pwnexp:y
...

I've been looking for something to do this for a while, with no luck. I can't get this to work either: this switch generates the "help" screen (where it is not listed), and does not check that box. Anyone have it working?

#6
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
Strange and unusual...it works in Windows 2000 (which I have at work) but not in XP (which I have at home). Hmmm... It would seem Google is my friend tonight :) Try the one Here. This one works for me on Windows XP. You would think Microsoft would give you a way to do this through the command line...sigh

edit...maybe I linked to the wrong netuser.exe before? I could've sworn thats where I downloaded it from last week. Too many **** files named netuser.exe.

edit 2...It was the wrong link. They have 2 files called netuser.exe on their site. Original post now fixed.

Cheers

#7
GreenMachine

GreenMachine

    ineXPlicable

  • Developer
  • 3,062 posts
  • Joined 22-August 03
Cool! They both look like good tools, but are not at all the same.

Thanks!

#8
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
Thanks!

I worked with Windows XP and it's working.
everybody, thanks!

My English is very bad but I hope you can understand me.

#9
Denney

Denney

    *shrug*

  • Member
  • PipPipPipPip
  • 685 posts
  • Joined 11-September 03
Woot! This will help with me heaps. I hate having to rename the admin and guest accounts every time I install (kinda defeats my unattended idea).

Again, thanks.

Edit: One question, can you rename the administrator and guest accounts at the T-12 minute mark via RunOnceEx or MUST this be done from RunOnce just before user login?

#10
enuffsaid

enuffsaid

    Friend of MSFN

  • Member
  • PipPipPipPipPip
  • 866 posts
  • Joined 26-December 03
removed

#11
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
@RaveRod

I honestly don't know. I was playing it safe since i'm not quite sure when those accounts get created.

@enuffsaid
your welcome!

Cheers

#12
Denney

Denney

    *shrug*

  • Member
  • PipPipPipPip
  • 685 posts
  • Joined 11-September 03
Well, I tried it and it worked.

One thing though, the new administrator account won't show up on the logon screen (just like if you happen to add another account). To rectify this, you must import the registry tweak to show the administrator account on the logon screen with cmdlines.txt.

The guest account was renamed, the guests group was removed and the administrator account was renamed. Worked fine without a hitch. Thanks again for this find.

Edit: For reference, here is the UserSetup.cmd file I used (this file can be added to the cmdlines.txt file):

@echo off

%systemdrive%\MSA\Utilities\renuser.exe guest disabled
net localgroup guests disabled /delete

set /P newadmin="Enter a new administrator name: "
%systemdrive%\MSA\Utilities\renuser.exe administrator %newadmin%

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v %newadmin% /t REG_DWORD /d 00000001 /f

Change the paths to renuser.exe ofcourse.

#13
Denney

Denney

    *shrug*

  • Member
  • PipPipPipPip
  • 685 posts
  • Joined 11-September 03
Edit2: Here's one for ya, if you add that registry tweak from cmdlines.txt, the username won't show up on the Welcome Screen until you reboot, twice! That's what I've had to do on my 4 test using VMWare. Can anyone shed some light on that problem?

#14
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
whoops another problem.
:)
Could you tell me how I can delete the relation "user"

I have create a account with the name "general"
Windows XP created automatic a relation with "Users"
But I would delete this relation and will create a relation with "Administrors"

How can I do that?

My English is very bad but I hope you can understand me.

#15
enuffsaid

enuffsaid

    Friend of MSFN

  • Member
  • PipPipPipPipPip
  • 866 posts
  • Joined 26-December 03
Do you mean that the account you create is added to the "Users" group?

Try this script:

Dim UM:Set UM = CreateObject("UserManager.Server")

'Add Guest user account to a 'Users' local group
UM.Users("Guest").AddToLocalGroup "Users"

'Remove account from the group
UM.Users("Guest").RemoveFromLocalGroup "Users"

or

If the group is a local group perform the following:
net localgroup <group name> <user> /delete

If the group is part of a domain user
C:\> net group <group name> <user> /delete /domain

Hope that helps...
Regards,
eNuffSaid

#16
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
Yes! Great! It works...

I have got the dutch windows XP PRO version.
And I try to remove "users" but it is "gebruikers" :)

But It works! Thank you!

My English is very bad but I hope you can understand me.

#17
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
ehhh.... the followed problem do I no have:

The password from the administrator is now un-encrypted in the batch file.
net user Administrator {password}

But is it possible that I make a batchfile with a encrypted password?

My English is very bad but I hope you can understand me.

#18
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
Well...if you're talking about the real administrator account you can have that encrypted in your answer file (winnt.sif) by using setupmgr.exe (Located on your XP disc in \SUPPORT\TOOLS\DEPLOY.CAB). This way you don't have to set the administrator password in a batch file in plain text.

Cheers

#19
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
I have already try that!
But if I copy the encrypted text into

net user administrator "encrypted text"
or
net user administrator encrypted text
(without quotes)

the Password is wrong.

(I mean, I must type the complete encrypted text and that's not my hobby)

My English is very bad but I hope you can understand me.

#20
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
If you already have it in the answer file why are you changing the password in a batch file? The encrypted password will only work in the answer file (winnt.sif) during setup. Just set that password to what you want then and you shouldn't have to change it later.

Cheers

#21
Andries

Andries

    Newbie

  • Member
  • 36 posts
  • Joined 26-April 04
Yes, I know.
But I would add a new user with an encrypted password.
And the user is created in a batch file after the installation. :)

My English is very bad but I hope you can understand me.

#22
wolfshade

wolfshade

    Member

  • Member
  • PipPip
  • 163 posts
  • Joined 27-May 04
I tried to remove the Guest while in windows and its not working.
"Cannot perform operation on built-in accounts"

Even more funny - my windows xp pro is pretty hacked up right now by all kinda worms and friendly hackers :) so i don't have workstation service started??? not even present in the services list but i'm browsing the net how is this possible???
LoooL thats a first one for me :rolleyes:

BTW is this run on GUIRunOnce or RunOnceEx(wich i don't know much) or is it the same thing?

#23
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
@wolfshade

I don't think you can remove the built in accounts (Guest and Administrator), you can only rename them.


As an addendum, here is a somewhat more secure way to do the whole thing:

Get netuser.exe, renuser.exe, sdelete.exe, and copypwd.exe. Run copypwd on a machine where your renamed (and passworded) guest and fake adminstrator account are already setup like so:
CopyPwd DUMP >copypwd.txt
The file copypwd.txt now contains all the accounts that where on the machine in the format
accountname:reallylongpasswordhash
Delete all but the two for the renamed guest and the fake administrator account.

Now drop all the files you downloaded including the copypwd.txt you just made into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this (from whatever part of setup you want, t-13, runonce...etc)

@echo off
echo Renaming/Creating Accounts
renuser guest notguest
net localgroup guests notguest /delete
renuser Administrator admin
net user /add Administrator /active:no /passwordchg:no /passwordreq:yes
netuser Administrator /pwnexp:y
net localgroup users Administrator /delete
copypwd set
sdelete -p 7 %windir%\system32\copypwd.txt
del /F /Q %windir%\system32\copypwd.exe
del /F /Q %windir%\system32\renuser.exe
del /F /Q %windir%\system32\netuser.exe

This will rename the guest account, remove it from the guest group and set a password on the guest account (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to something else and create a dummy Administrators account while removing the dummy account from the users group. This way (using copypwd) you're not showing the passwords in plaintext, just the password hashes which I don't really mind since they are disabled accounts anyway.

Cheers

Edited by Jotnar, 19 July 2005 - 07:19 AM.


#24
Guest_zippy_*

Guest_zippy_*
  • Guests
  • Joined --
try using CUsrMgr (search in this board)...
CUsrMgr -u "Guest" -r "notGuest" -dlg "Guests" -p
CUsrMgr -u "Administrator" -r "admin" +s MustChangePassword
net user /add "Administrator" /active:no /passwordchg:no /passwordreq:yes times:
CUsrMgr -u "Administrator" -dlg "Users" -p +s PasswordNeverExpires
this will 1.rename built-in Guest to notGuest, remove from Guests localgroup, and set a randowm password.
2.rename built-in Administrator to admin, ask him change password on next logon
3.add dummy Administrator, remove it from Users localgroup, set a random pwd, pwd never expires

i set encrypted pwd in winnt.sif for built-in administrator.

#25
Jotnar

Jotnar

    Member

  • Member
  • PipPip
  • 186 posts
  • Joined 09-January 04
I'd use it if I didn't have to pay for the resource kit to get it :)


Cheers




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users



How to remove advertisement from MSFN