• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.
Sign in to follow this  
Followers 0
Andries

Change administrator name

80 posts in this topic

Is it possible that I change the "administrator" name/account (who has automatically created in a unattend file) renamed in "admin"?

I must change this after every unattended installation (for exclusive applications) but I would like that automatically if it is possible.

0

Share this post


Link to post
Share on other sites

Rename administrator account

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Description

Determines whether a different account name will be associated with the security identifier (SID) for the account "Administrator." By associating the Administrator SID with another account, you will no longer have an account named "Adminstrator," which is often a point of attack by hackers.

Microsoft Group Policy Reference

Hope that helps

Roger

0

Share this post


Link to post
Share on other sites

Use something like this for general good practices. Get netuser.exe and renuser.exe, drop the file(s) into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this from RunOnce:

@echo offecho Renaming/Creating Accountsnet user guest {s2J234OPH}renuser guest notguestnet localgroup guests notguest /deleterenuser Administrator adminnet user /add Administrator /active:no /passwordchg:no /passwordreq:yesnetuser Administrator /pwnexp:ynet user Administrator {s2J234OPH}net localgroup users Administrator /delete

This way it will do this after setup, but before the first user logs in. It will rename the guest account and remove it from the guests group (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to soemthing else and create a dummy Administrators account while removing the dummy account from the users group.

For what you wanted to do you could use the following from RunOnce (assuming you drop renuser.exe into the system32 folder during install):

@echo offecho Renaming Administrator Accountrenuser Administrator admin

Cheers

Edited by Jotnar
0

Share this post


Link to post
Share on other sites

Jotnar thanx a bunch been lookin for this since a while

0

Share this post


Link to post
Share on other sites
...

netuser Administrator /pwnexp:y

...

I've been looking for something to do this for a while, with no luck. I can't get this to work either: this switch generates the "help" screen (where it is not listed), and does not check that box. Anyone have it working?

0

Share this post


Link to post
Share on other sites

Strange and unusual...it works in Windows 2000 (which I have at work) but not in XP (which I have at home). Hmmm... It would seem Google is my friend tonight :) Try the one Here. This one works for me on Windows XP. You would think Microsoft would give you a way to do this through the command line...sigh

edit...maybe I linked to the wrong netuser.exe before? I could've sworn thats where I downloaded it from last week. Too many **** files named netuser.exe.

edit 2...It was the wrong link. They have 2 files called netuser.exe on their site. Original post now fixed.

Cheers

0

Share this post


Link to post
Share on other sites

Cool! They both look like good tools, but are not at all the same.

Thanks!

0

Share this post


Link to post
Share on other sites

Thanks!

I worked with Windows XP and it's working.

everybody, thanks!

0

Share this post


Link to post
Share on other sites

Woot! This will help with me heaps. I hate having to rename the admin and guest accounts every time I install (kinda defeats my unattended idea).

Again, thanks.

Edit: One question, can you rename the administrator and guest accounts at the T-12 minute mark via RunOnceEx or MUST this be done from RunOnce just before user login?

0

Share this post


Link to post
Share on other sites

@RaveRod

I honestly don't know. I was playing it safe since i'm not quite sure when those accounts get created.

@enuffsaid

your welcome!

Cheers

0

Share this post


Link to post
Share on other sites

Well, I tried it and it worked.

One thing though, the new administrator account won't show up on the logon screen (just like if you happen to add another account). To rectify this, you must import the registry tweak to show the administrator account on the logon screen with cmdlines.txt.

The guest account was renamed, the guests group was removed and the administrator account was renamed. Worked fine without a hitch. Thanks again for this find.

Edit: For reference, here is the UserSetup.cmd file I used (this file can be added to the cmdlines.txt file):

@echo off
%systemdrive%\MSA\Utilities\renuser.exe guest disablednet localgroup guests disabled /delete
set /P newadmin="Enter a new administrator name: "%systemdrive%\MSA\Utilities\renuser.exe administrator %newadmin%
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v %newadmin% /t REG_DWORD /d 00000001 /f

Change the paths to renuser.exe ofcourse.

0

Share this post


Link to post
Share on other sites

Edit2: Here's one for ya, if you add that registry tweak from cmdlines.txt, the username won't show up on the Welcome Screen until you reboot, twice! That's what I've had to do on my 4 test using VMWare. Can anyone shed some light on that problem?

0

Share this post


Link to post
Share on other sites

whoops another problem.

:)

Could you tell me how I can delete the relation "user"

I have create a account with the name "general"

Windows XP created automatic a relation with "Users"

But I would delete this relation and will create a relation with "Administrors"

How can I do that?

0

Share this post


Link to post
Share on other sites

Do you mean that the account you create is added to the "Users" group?

Try this script:

Dim UM:Set UM = CreateObject("UserManager.Server")
'Add Guest user account to a 'Users' local groupUM.Users("Guest").AddToLocalGroup "Users"
'Remove account from the groupUM.Users("Guest").RemoveFromLocalGroup "Users"

or

If the group is a local group perform the following:

net localgroup <group name> <user> /delete

If the group is part of a domain user

C:\> net group <group name> <user> /delete /domain

Hope that helps...

Regards,

eNuffSaid

0

Share this post


Link to post
Share on other sites

Yes! Great! It works...

I have got the dutch windows XP PRO version.

And I try to remove "users" but it is "gebruikers" :)

But It works! Thank you!

0

Share this post


Link to post
Share on other sites

ehhh.... the followed problem do I no have:

The password from the administrator is now un-encrypted in the batch file.

net user Administrator {password}

But is it possible that I make a batchfile with a encrypted password?

0

Share this post


Link to post
Share on other sites

Well...if you're talking about the real administrator account you can have that encrypted in your answer file (winnt.sif) by using setupmgr.exe (Located on your XP disc in \SUPPORT\TOOLS\DEPLOY.CAB). This way you don't have to set the administrator password in a batch file in plain text.

Cheers

0

Share this post


Link to post
Share on other sites

I have already try that!

But if I copy the encrypted text into

net user administrator "encrypted text"

or

net user administrator encrypted text

(without quotes)

the Password is wrong.

(I mean, I must type the complete encrypted text and that's not my hobby)

0

Share this post


Link to post
Share on other sites

If you already have it in the answer file why are you changing the password in a batch file? The encrypted password will only work in the answer file (winnt.sif) during setup. Just set that password to what you want then and you shouldn't have to change it later.

Cheers

0

Share this post


Link to post
Share on other sites

Yes, I know.

But I would add a new user with an encrypted password.

And the user is created in a batch file after the installation. :)

0

Share this post


Link to post
Share on other sites

I tried to remove the Guest while in windows and its not working.

"Cannot perform operation on built-in accounts"

Even more funny - my windows xp pro is pretty hacked up right now by all kinda worms and friendly hackers :) so i don't have workstation service started??? not even present in the services list but i'm browsing the net how is this possible???

LoooL thats a first one for me :rolleyes:

BTW is this run on GUIRunOnce or RunOnceEx(wich i don't know much) or is it the same thing?

0

Share this post


Link to post
Share on other sites

@wolfshade

I don't think you can remove the built in accounts (Guest and Administrator), you can only rename them.

As an addendum, here is a somewhat more secure way to do the whole thing:

Get netuser.exe, renuser.exe, sdelete.exe, and copypwd.exe. Run copypwd on a machine where your renamed (and passworded) guest and fake adminstrator account are already setup like so:

CopyPwd DUMP >copypwd.txt

The file copypwd.txt now contains all the accounts that where on the machine in the format

accountname:reallylongpasswordhash

Delete all but the two for the renamed guest and the fake administrator account.

Now drop all the files you downloaded including the copypwd.txt you just made into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this (from whatever part of setup you want, t-13, runonce...etc)

@echo off
echo Renaming/Creating Accounts
renuser guest notguest
net localgroup guests notguest /delete
renuser Administrator admin
net user /add Administrator /active:no /passwordchg:no /passwordreq:yes
netuser Administrator /pwnexp:y
net localgroup users Administrator /delete
copypwd set
sdelete -p 7 %windir%\system32\copypwd.txt
del /F /Q %windir%\system32\copypwd.exe
del /F /Q %windir%\system32\renuser.exe
del /F /Q %windir%\system32\netuser.exe

This will rename the guest account, remove it from the guest group and set a password on the guest account (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to something else and create a dummy Administrators account while removing the dummy account from the users group. This way (using copypwd) you're not showing the passwords in plaintext, just the password hashes which I don't really mind since they are disabled accounts anyway.

Cheers

Edited by Jotnar
0

Share this post


Link to post
Share on other sites

try using CUsrMgr (search in this board)...

CUsrMgr -u "Guest" -r "notGuest" -dlg "Guests" -p
CUsrMgr -u "Administrator" -r "admin" +s MustChangePassword
net user /add "Administrator" /active:no /passwordchg:no /passwordreq:yes times:
CUsrMgr -u "Administrator" -dlg "Users" -p +s PasswordNeverExpires

this will 1.rename built-in Guest to notGuest, remove from Guests localgroup, and set a randowm password.

2.rename built-in Administrator to admin, ask him change password on next logon

3.add dummy Administrator, remove it from Users localgroup, set a random pwd, pwd never expires

i set encrypted pwd in winnt.sif for built-in administrator.

0

Share this post


Link to post
Share on other sites

I'd use it if I didn't have to pay for the resource kit to get it :)

Cheers

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.