Progamatically review local users, find default (built in) administrator, change the username, then change the password
Posted on 2003-03-07
Regarding administrator accounts on local machines that are part of a mixed NT/2000 domain.
Currenty I am pushing an VB program using SMS that simply uses cusrmgr to rename the local administrator then changes the password. I have some concerns though.
1) I am cannot verify that "Administrator" is the built in administrator - i.e. someone renames it.
2) There is no error checking, I have no idea if I am successfull or not.
3) Some instances of renameing are occuring, but the password remains the older password.
I would like to do the following:
1) List all users in the "Local Administrators" group for each client computer
2) Find the built in admin (read that it can be id with sid ending in 500, but this is not always true)
3) Change the username of the built in administrator
4) Change the password of the built in administrator
5) Handle/report errors
6) Write a file of all users in "Local Administrators" group.
Any help would be appriciated.