Changing built in Administrator account
I'd like to change the built in Administrator accounts on our servers. What implications would I run into? Will this change automatically change the permissions that were assigned to Administrator and also reflect the name change (ie, folder perms and such), or will I have to manually go thru each folder to change access?
Software/Hardware used:
Software/Hardware used:
ASKED:
November 25, 2008 8:02 PM
UPDATED:
November 26, 2008 4:50 PM
Answer Wiki:
Here is a <a href="http://www.derkeiler.com/pdf/Newsgroups/microsoft.public.windows.server.security/2006-09/msg00047.pdf">good guide </a>for you.
<a href="http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcgch05n.mspx">Here is another one</a> you may find helpful.
================
Great guides Technochic! Just take note that renaming the administrator account is simply security by obscurity. As one of the guides mentioned, it is easy to find out what the administrator account is renamed to since it retains the SID of 500.
Checkout this <a href="http://support.microsoft.com/kb/814777">MS KB 814777</a>
To see all answers submitted to the Answer Wiki: View Answer History.
What exactly is your purpose for changing this? I really cannot think of an advantage to doing so? What is it you are ultimately trying to achieve?
to secure the servers, we will be going through a security audit and I’ve read that it’s best practice to rename the built in administrator account. would that be only better suited before the server is in full production?
Hi,
I’d agree with Labnuke that this is just “security through obscurity” , not a best (not even good) practice.
Good luck,
Petko