?
Solved

Event ID 1053 - Server 2003

Posted on 2007-03-27
6
Medium Priority
?
231 Views
Last Modified: 2010-04-18
As a recommended security measure I have changed the Administrator logon name to XXXXX, but since doing this I am getting an Event error in the Application log saying Event ID: 1053 Cannot determine the User or Computer name, Group Policy Aborting.

Unfortunately it doesn't say which computer or user it is complaining about, but it only started doing it after I changed the Admin login name.

Is there any way to find out which computer or user it is complaining about.

what is the correct process to change the login name of the Administrator to something else.

0
Comment
Question by:Steveh24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 18804004
To change the name of the Administrator account see http://support.microsoft.com/kb/816109
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18804079
Steveh24,

Have you checked for any services running under the admin account?

Regards,

James
0
 

Author Comment

by:Steveh24
ID: 18815175
KCTS - This is the document I followed in the first instance, which has resulted in the problem I have now.

A friend of mine who is a System Administrator has told me to approach this in a different way, so I have deleted the GPO that I created and put everything back the way it was, then I changed the Administrator password to something very long and complicated, as I won't be using this account to administer the system, then I created a new user account and made it a member of all the groups that the Administrator account belongs to with a reasonably complex password that I can remember.

This should in theory make the sysytem a little more secure as the Administrator password is unlikely to be broken and the account I created for admin purposes does not have a SID address ending in 500, so is less likely to be a target for hackers.

Thanks for everyones input, but looks like I solved it myself.

0
 

Author Comment

by:Steveh24
ID: 18815183
I also forgot to mention that since implementing the measures in my previous post the errors in the Application log have now ceased.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19304485
PAQed with points refunded (125)

Computer101
EE Admin
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question