Change NT Administrator Password

Posted on 2005-04-18
Last Modified: 2010-04-10

Due to a securtity breach I need to change the administrator password.

Are there any major issues I need to be aware of?

I have checked all service accounts and made them good. I have a few SQL DB's that have domain/administrator as the owner. What will happen to these?

How is user manager/server manager controlled? I need to make sure these cant be accessed from client machines with the NT tools installed.

My plan is to disable the account and create a new one and put that in domain admins. This way I can set it all back if eveything starts to crash around my ears!

I'll split points to anyone who can give me any decent suggestions.

Thanks Experts!

Question by:yvsupport
    LVL 5

    Assisted Solution

    1.) You can't disable the administrator account, you can rename the administrator account, but not disable it.
    2.) I would change my SQL accounts to use a dedicated service account instead of Administrator, for instances just like this.
    3.) If you decide to keep the Admin as the DB account the services will need to be restarted.
    4.) Verify that the Admin account isn't logged in somewhere in the network, it can't lock the account out, but if it continues to try to refresh with a bad password your security logs will fill up.
    5.) I would suggest creating another account that has equivalent permissions as Admin and use it primarily.

    LVL 13

    Accepted Solution

    It shouldnt cause a problem if change the administrators password.  The only problem you will run into are scheduled tasks, If you setup a username and passwords for some scheduled tasks (ex. Backups)  you will have to reset the username/password or it will not run.

    Any Services that required you to enter a username/password will not startup unless you go to the service and click properties and reset the administrators password.

    If you want to make a new administrator account.  I would just right click the existing administrator account and click copy and create a new one, that way they are members of all the same groups.  Once again any folder that you have gave permissions to just the Administrator Account will have to be changed to the Administrators group or the new administrator account.  Any of the scheduled tasks/ services will also have to be changed as mentioned above.

    The administrator account cannot be deleted so you will diable it.  If you notice anything not working due to permissions which are using the administrator account you can always enable the account and everyting will work fine again.
    LVL 9

    Assisted Solution

    Hi yvsupport,

     Agree with 2hype, changing the admin password should only have an effect on accounts that are using the old password, like shares etc. But that gives you an idea on who might have comprimised the system.

    LVL 8

    Assisted Solution


    actually that wont affect shares at all. the administrator profile will not change at all. only change will be what you type in for the administrator password when prompted. all other aspects of the server will remain unchanged.
    just dont forget your new password :)

    the SQL databases will not be affected. this is profile based, designed to allow such security changes.

    user/server manager can only be used by someone with administrator privelidges. changing the password would effectively deny access to all who do not know the active password.

    creating another account and placing it in the administrators group should only be done for accountability. if someone other than yourself truly needs local administrator privelidges, then this is the correct practice. with his own admin account you can track access through the logfiles.

    hope this helps :)
    LVL 8

    Assisted Solution


    incase of a breach i would first and immediatley remove the server from the network, then scan and assess damage. spyware scanners alone will not suffice for sensitive data. incase of a remote attack from the internet.... the kernel needs to be inspected too, run a system repair to insure a root hack was not performed as these will not show as a virus or spyware. (root hack is terminology used when someone modifies the core of the computer instead of simply installing a backdoor or virus)

    right before it was placed back on the network i would then change the administrator password and any other that are high security (power users, backup operators....)
    LVL 3

    Expert Comment

    Older backup programs often need to know a password to perform a successful backup job.  Look into this before you go too many days without a good backup

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    What is IRC? IRC (Internet Relay Chat) is a form of communication between multiple users. It is available freely to anyone with inernet access. IRC is a great way to communicate with others e.g. There is an IRC channel for Ubuntu Linux, which is fo…
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now