Re: debug in windows XP Proffessional

From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 09/15/02 

From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu>
Date: Sun, 15 Sep 2002 08:05:33 -0700

"shrinu jonna (india)" <jshrinu@hotmail.com> wrote
> Hello Sir,
>
> This is SHRINU from Visakhapatnam(Andhara Pradesh) in
> India. While I was working on Windows XP Proffesional,I
> found a major Debug in adminstrative account.
> I discussed it with some network adminstrators who has
> passed the MCSE examinations.
>
>
> I have upgraded the Windows XP Proffessional from
> Windows 98SE which has one user and it is password
> protected.
> After installation of Windows XP Proffesional,I have
> installed some other softwares in my machine.
> Now the adminstrator account is Shrinu(Windows 98SE
> user) and it is password protected.
>
> HOW TO FIND THE DEBUG:
> step1: I logged as default adminstrator(Shrinu).
> step2: In the CONTROLPANEL click on the COMPUTERMANAGEMENT
> step3: In the COMPUTERMANAGEMENT, expand the SYSTEMTOOLS.
> step4: In the SYSTEMTOOLS, agian expand the LOCALUSERS &
> GROUPS.
> step5: In this click on the USERS folder.
> step6: Then there are two adminstrator accounts, one is
> BUILT-IN Adminstrator& Shrinu Adminstrator accounts.
> step7: First I deleted the BUILT-IN Adminstrator account
> through (press the mouse righthand button on that
> adminstrator account and then select the delete
> option).
> step8: Then it shows one message ("THE FOLLOWING ERROR
> OCCURED WHILE ATTEMPTING TO DELETE THE USER
> ADMINSTRATOR:" ACCESED DENIED) I pressed OK button.
> step9: And then I deleted the next and last Adminstrator
> account(Shrinu which I was currently working).
> Again it shows the error message same like above.
> step10: Now I have no Adminstrator accounts.
>
> TROUBLES I HAVE FACED:
>
> Restarted the system and I logged as limited account
> because of there are no administrator accounts in my
> system.
> Now I can't install any new softwares and uninstall the
> old softwares which were there in my system.
> I tried to install and uninstall through "Run As..."
> program(It will come by pressing the mouse righthand
> button on any install/uninstall exe files).
>
> Details of "Run As..." program:
>
> In the "Run As..." window I selected the radio button
> of adminstrator.
> In the user name box only one adminstrator is there
> with name "Adminstrator" and there is no other adminstrator
> (Shrinu).
> In the Password box I typed the correct password of
> both the adminstrator account.
> But it shows the error message like
> UNABLE TO LOGON :
> LOGON FAILURE : UNKNOWN USER OR BAD PASSWORD
>
> I tried to "SYSTEM RESTORE",but it is saying as
> "YOU MUST LOGIN AS ADMINSTRATOR"
>
> QUESTIONS :
> 1. How can I enter into adminstrator account to
> install/uninstall softwares.
> 2. How can the administrator can delete his own account
> while he was working currently on it.
> 3. As per your choices we can delete all administrator
> accounts,if so how can we enter into the
> system as an administrator.
>
> PREVENTING THIS DEBUG & SUGGESSIONS:
> 1. You should not give the option to delete the
> BUILT-IN ADMINISTRATOR account.
> 2. If there is one & last administrator,then you should
> not give the option to delete the current
> administrator.
>
> This is the major Debug I was found.So if you consider as
> it is real Debug send a mail to the following address.
>

Since it is not possible to delete the built-in Administrator
account, the one that is initially named Administrator but
may be renamed, it would seem that your issue revolves
around whether you do or do not actually know the
password of the built-in Administrator account.

Since an account has a name and password that are only used
to authenticate an identity (such as a person), and after that the
account's identitiy is represented by a SID within a token built
during the login, and since this token also at that time stores all
needed information about that identity's permissions and rights,
the actual account name and password are no longer used after
the logon event completes. Thus, it is possible for your account
to delete the information that would be needed for it to log in
the next time, and still not have an impact on the then current
login sessions (which depends wholely on the user token). 

--
Roger Abell
MS MVP (Security, Windows), MCDBA,  MCSE both
Associate Expert - Windows XP ExpertZone
http://www.microsoft.com/windowsxp/expertzone
Quantcast