• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

Changing Administrator password

I recently became the network admin for our company and find it is necessary & urgent to change the Administrator password for our Windows2000 servers.  The problem is there is no documentation regarding what programs have been installed using this password; whether any may be affected by the change; or if the workstations will be affected.  After searching the net for info, I am at a loss because of the conflicting info--some say go ahead there will be no further changes needed--some say there may be programs that are affected and will not run.  Any help regarding Administrator password changing would be appreciated.
1 Solution
I have an Windows2000 server,
I changed the Administrator password several times, and had no problem with any program, neither any of the workstations, I also uninstalled several programs....
I believe you will not have any problem changing password.
You should not have any problem changing the admin account password. Most server apps that need a user account such as backup exec allow you to create a new account specific to the application during the install. You could just change it and if s**t hits the fan, change it back and correct the problems.
agreed there, change it - and see if it breaks anything, if so, not the programs and go check which appicatoins / services are running under administrator - some programs default to using the administrator account to run services, this is not necessarily a good thing, but if done will most likely require some changes for those services...

most of the implications can be taken care of within the service manager. just take note of everything you change / make a full backup as u go to make this change
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Hi mmmarcel, before you change the admin passord, make sure you consult first with all the application owner in your server. I work before as an admin for a win2K server. I found that certain application cannot run if you change the admin password, esspecially backup program such as Veritas as the admin password is set in the program so that backup/restoration can proceed without user interactive.
To be safe, run a full backup on your server first before you try to change the admin password. If anything go wrong, at least you can restore back your system from the backup. The key is to identify which applications that need admin priviledge to run and make sure you change the admin password for the application too when you change your admin password.
Good luck.
Dave HoweSoftware and Hardware EngineerCommented:
Backup software is a good example of software that depends on a priviledged password to run; usually, this is stored per job, so it is easy enough to fix
Services can often run as admin or an admin clone - check autostart services; ideally, make a new admin clone for any currently running as admin, give it a *hard* password (say 16 randomly generated characters) and move the services to run under that account.
Finally check other machines - other priviledged users on other machines may have shares that rely on the admin password; again, probably best that these don't use the admin password anyhow, as remote machines have no business linking as admin unless they are part of the same domain - in which case their password will change in sync.

As a passing thought - if this is a standalone or AD domain controller, there will only be one set of passwords, but if it is a member server it may well have two - local and domain.
Just change the admin password. The rediculous security of programs running under 'administrator' never check for change of password, they just run as the 'administrator'.

Problems arise when you play with the permissions of the administrator, but that is not what you are doing here. Changing the password will have zero effect on the running of your programs.
I agree that there should be no issue, and that you ought to just do the change and see what breaks.  Sometimes an app. will be defined, even in a .bat, to login with ID and password even in clear text. As this is not necessary, and as it is also a clear breach in security, it is advisable to identify such applications and remove them from dis-service, so the quicker you start taking control here the better.
mmmarcelAuthor Commented:
Thanks to everyone who posted their suggestions. Practically everyone gave the same - go ahead and change it; so I did this weekend & so far everything is fine!
To be fair, will accept first comment posted(friend002) as an acceptable answer.

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now