Re: Renaming the local Administrator account on Windows XP Pro

From: Torgeir Bakken \(MVP\) (Torgeir.Bakken-spam_at_hydro.com)
Date: 10/28/04 

Date: Thu, 28 Oct 2004 22:27:10 +0200

John Recknagel wrote:

> I would like to know if someone knows of a method to automate the renaming of
> the local Administrator account with a randomly generated name. I know how to
> create a random password with the following command:
> net user Administrator /random
>
> This will generate a random strong password for the local Administrator
> account. Is there such a thing for the user account name? Is there third
> party software available that will accomplish this task?
Hi

You can do this with a VBScript (a .vbs file).

The script below will generate a 15 characters long random user name
with characters from 4 different categories, and then rename the local
administrator account (it also will handle the cases where the old
name is not "Administrator").

'--------------------8<----------------------
'
' Description: Script that renames the builtin administrator
' account to a random generated name
'
' Author: Torgeir Bakken
' Date: 2004-10-28
'

' obtain current administrator name regardless of name
sOldUser = GetAdministratorName

' create new user name, 15 characters long
'It will contains characters from all of the following four categories:
'English upper case characters (A..Z)
'English lower case characters (a..z)
'Base 10 digits (0..9)
'Following non-alphanumeric characters: ()&$%#
sNewUser = GenRandomName(15)

Set oWshNet = CreateObject("WScript.Network")

' get computer name for local computer
sComputerName = oWshNet.ComputerName
' If you want to do it on a remote computer, disable the line
' above and enable the line below
'sComputerName = "SomeComputer"

Set oComputer = GetObject("WinNT://" & sComputerName)

' Turn off internal error handling
On Error Resume Next
' connect to user object
Set oUser = GetObject("WinNT://" & sComputerName & "/" & sOldUser & ",user")

' rename user
Set oNewUser = oComputer.MoveHere(oUser.ADsPath, sNewUser)

If Err.Number <> 0 Then
   WScript.Echo "Failed to rename administrator user " & sOldUser
Else
   WScript.Echo "Administrator user is renamed to " & sNewUser
End If

On Error Goto 0

Function GetAdministratorName
        Dim sUserSID, oWshNetwork, oUserAccount

        Set oWshNetwork = CreateObject("WScript.Network")
        Set oUserAccounts = GetObject( _
             "winmgmts://" & oWshNetwork.ComputerName & "/root/cimv2") _
             .ExecQuery("Select Name, SID from Win32_UserAccount" _
           & " WHERE Domain = '" & oWshNetwork.ComputerName & "'")

        On Error Resume Next
        For Each oUserAccount In oUserAccounts
          If Left(oUserAccount.SID, 9) = "S-1-5-21-" And _
             Right(oUserAccount.SID, 4) = "-500" Then
            GetAdministratorName = oUserAccount.Name
            Exit For
          End if
        Next
End Function

Function GenRandomName(iLen)
   Randomize
   Do
     sRS = ""
     For iPos = 1 To iLen
       iChar = Int((69 * Rnd) + 1)
       sRS = sRS & Mid("AEIOUBCDFGHJKLMNPQRSTVWXYZ" _
          & "aeioubcdfghjklmnpqrstvwxyz0123456789()&!$#%", iChar, 1)
     Next
   Loop Until REtest("[A-Z]", sRS) And REtest("[a-z]", sRS) _
     And REtest("\d", sRS) And REtest("[\(\)&\$%#]", sRS)

   GenRandomName = sRS
End Function

Function REtest(patrn, strng)
   Dim oRegEx, retVal ' Create variable.
   Set oRegEx = New RegExp ' Create regular expression.
   oRegEx.Pattern = patrn ' Set pattern.
   oRegEx.IgnoreCase = False ' Set case sensitivity.
   REtest = oRegEx.Test(strng) ' Execute the search test.
End Function

'--------------------8<----------------------

WSH 5.6 documentation (local help file) can be downloaded from here
if you haven't got it already:
http://msdn.microsoft.com/downloads/list/webdev.asp 

-- 
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

Relevant Pages

  • Re: SP failing with access denied error message
    ... created another account on this PC, with administrator ... The app event viewer has: ... >torgeir, Microsoft MVP Scripting and WMI, Porsgrunn ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: Map network drive using SYSTEM account?
    ... I map to a specific account with user name and password using the IP address ... administrator. ... > torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway ...
    (microsoft.public.win2000.cmdprompt.admin)
  • Re: Disabled regedit
    ... > administrator. ... I am in an admin account and also if I go to onother user ... The Parasite Fight Quick Fix Protocol ... -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: ...
    (microsoft.public.windowsxp.general)
  • Re: Renaming the local Administrator account on Windows XP Pro
    ... >> the local Administrator account with a randomly generated name. ... >> This will generate a random strong password for the local Administrator ... > The script below will generate a 15 characters long random user name ... > with characters from 4 different categories, ...
    (microsoft.public.windowsxp.security_admin)
  • Change Adminstrator Account
    ... Password is 15 characters long. ... In the details pane, right-click Administrator, and then click Properties. ... On the Account tab, in the User logon name box, type the new name. ...
    (microsoft.public.windows.server.sbs)