Re: Renaming the local Administrator account on Windows XP Pro

From: John Recknagel (Recknagel_at_discussions.microsoft.com)
Date: 10/28/04 

Date: Thu, 28 Oct 2004 14:09:03 -0700

"Torgeir Bakken (MVP)" wrote:

> John Recknagel wrote:
>
> > I would like to know if someone knows of a method to automate the renaming of
> > the local Administrator account with a randomly generated name. I know how to
> > create a random password with the following command:
> > net user Administrator /random
> >
> > This will generate a random strong password for the local Administrator
> > account. Is there such a thing for the user account name? Is there third
> > party software available that will accomplish this task?
> Hi
>
> You can do this with a VBScript (a .vbs file).
>
> The script below will generate a 15 characters long random user name
> with characters from 4 different categories, and then rename the local
> administrator account (it also will handle the cases where the old
> name is not "Administrator").
>
>
> '--------------------8<----------------------
> '
> ' Description: Script that renames the builtin administrator
> ' account to a random generated name
> '
> ' Author: Torgeir Bakken
> ' Date: 2004-10-28
> '
>
> ' obtain current administrator name regardless of name
> sOldUser = GetAdministratorName
>
> ' create new user name, 15 characters long
> 'It will contains characters from all of the following four categories:
> 'English upper case characters (A..Z)
> 'English lower case characters (a..z)
> 'Base 10 digits (0..9)
> 'Following non-alphanumeric characters: ()&$%#
> sNewUser = GenRandomName(15)
>
>
> Set oWshNet = CreateObject("WScript.Network")
>
> ' get computer name for local computer
> sComputerName = oWshNet.ComputerName
> ' If you want to do it on a remote computer, disable the line
> ' above and enable the line below
> 'sComputerName = "SomeComputer"
>
> Set oComputer = GetObject("WinNT://" & sComputerName)
>
> ' Turn off internal error handling
> On Error Resume Next
> ' connect to user object
> Set oUser = GetObject("WinNT://" & sComputerName & "/" & sOldUser & ",user")
>
> ' rename user
> Set oNewUser = oComputer.MoveHere(oUser.ADsPath, sNewUser)
>
> If Err.Number <> 0 Then
> WScript.Echo "Failed to rename administrator user " & sOldUser
> Else
> WScript.Echo "Administrator user is renamed to " & sNewUser
> End If
>
> On Error Goto 0
>
>
> Function GetAdministratorName
> Dim sUserSID, oWshNetwork, oUserAccount
>
> Set oWshNetwork = CreateObject("WScript.Network")
> Set oUserAccounts = GetObject( _
> "winmgmts://" & oWshNetwork.ComputerName & "/root/cimv2") _
> .ExecQuery("Select Name, SID from Win32_UserAccount" _
> & " WHERE Domain = '" & oWshNetwork.ComputerName & "'")
>
> On Error Resume Next
> For Each oUserAccount In oUserAccounts
> If Left(oUserAccount.SID, 9) = "S-1-5-21-" And _
> Right(oUserAccount.SID, 4) = "-500" Then
> GetAdministratorName = oUserAccount.Name
> Exit For
> End if
> Next
> End Function
>
> Function GenRandomName(iLen)
> Randomize
> Do
> sRS = ""
> For iPos = 1 To iLen
> iChar = Int((69 * Rnd) + 1)
> sRS = sRS & Mid("AEIOUBCDFGHJKLMNPQRSTVWXYZ" _
> & "aeioubcdfghjklmnpqrstvwxyz0123456789()&!$#%", iChar, 1)
> Next
> Loop Until REtest("[A-Z]", sRS) And REtest("[a-z]", sRS) _
> And REtest("\d", sRS) And REtest("[\(\)&\$%#]", sRS)
>
> GenRandomName = sRS
> End Function
>
> Function REtest(patrn, strng)
> Dim oRegEx, retVal ' Create variable.
> Set oRegEx = New RegExp ' Create regular expression.
> oRegEx.Pattern = patrn ' Set pattern.
> oRegEx.IgnoreCase = False ' Set case sensitivity.
> REtest = oRegEx.Test(strng) ' Execute the search test.
> End Function
>
> '--------------------8<----------------------
>
>
> WSH 5.6 documentation (local help file) can be downloaded from here
> if you haven't got it already:
> http://msdn.microsoft.com/downloads/list/webdev.asp
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/scriptcenter/default.mspx
>

It worked!! Thanks!! Place this in a GPO as a Startup script and BAM!! All
local Administrator accounts are changed!! Thanks again!

Relevant Pages

  • Re: Windows local Admin Password
    ... You could do it in a computer startup script that runs ... As long as the Administrator account name is "Administrator", ... Set oWshNet = CreateObject ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Password change script using group policy
    ... local administrator user name and password periodically and doing all ... manually requires lot of time so we can one script to do that while ... Option Explicit: Dim Named, sNewAdminName, sPasswrdAdmin ...
    (microsoft.public.scripting.vbscript)
  • Re: Possible security issue??
    ... Does it work when the built in local administrator account is used which is ... Are there and errors/warnings in the logs that you can ...
    (microsoft.public.win2000.security)
  • Re: Remove Administrator Account from Administrators Group
    ... renaming the administrator account is not really ... rename the local Administrator account. ... A major element of our group policy is that it ...
    (microsoft.public.windows.group_policy)
  • Re: Log on problems on Domain workstations
    ... I have tried a blank password on the administrator account both in safe ... mode and in normal mode. ... evidently they set the local administrator password to the same as the ...
    (microsoft.public.windowsxp.security_admin)
Quantcast