Choosing admin account for SBS 2008

Bert2005
Bert2005 used Ask the Experts™
on
Hi experts,

When I ran SBS 2003, my default Admin account that I used was:

Username: Administrator
Passwd: *******9

I could log into the server using my domain admin account:

Username: xxxxxx
Passwd: *******8

There may have been a built-in Administrator account.

Now with SBS 2008, it is asking for an admin account. It is a little different, so I am confused.

The window asks for a first name, last name, user name and passwords:

Do I put my name and my username which will be the same I used before? Or do I put something like SBS for first name and Administrator for second name and then put Administrator for user name with a different password than mine? I did try that and it wouldn't allow Administrator, because it matched the built-in username which it won't allow me to use anyway. I am completely confused. What I want to do is log in with:

Username: Administrator
Passwd: xxxxxxx9

I know I can log onto the server using my account as I did with SBS 2003, but it will be a different profile.

So, for now, I chose:

Username: admin
Passwd: xxxxxxx8

Am I making too much of this? What would be best practices. I know I should probably have an admin account and run under a account with non-admin privileges.

Thanks in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
well to be honest..
if you are working on the server it doesn't really matter as you only should be working on the server if you really have to. and never just normally   that's what you have clients for.
So I would create 3 accounts..
administrator... (change the password later if you can't create it..
admin (an account for you to do admin with)
normal (your normal user account)
the Administrator is only to be used in emergencies..
the admin is for administration on the server
the normal is for client stuff like day to day work..
if you want to use your client to manage some of the things like users etc. you can delegate rights in the AD and install some of the management tools on your client.
IT Project Leader
Commented:
Hello,

I would rename the built-in administrator account, which is possible through Group Policy. Everyone out there, including hackers, knows the Windows super-user account is 'Administrator'. That account is the key to the castle. Two people, max, should know that password. The administrator rename and password (or how to access the password) should be documented in the server's recovery plan.

Where I work as an IT admin, we all have normal Active Directory accounts for our day-to-day computing tasks. For the administrative stuff we have a '-adm' account, where '-adm' is appended to our normal user name. Example, my normal login would be firebar, which is where I would spend most of my time in, on Windows. To do administrative tasks, I would log on as firebar-adm, which is a separate account for that purpose.

Author

Commented:
Thanks guys. I generally remote into the server from my desktop when I need to. These are all good practices. Part of my question was that SBS 2008 is just slightly different when it asks you for an admin account.

It basically uses the same window that it uses to make user accounts in SBS 2003, e.g.

John Smith
username: jsmith
passwd: xxxxx

It was just a bit different. So, it suggested giving it a first name of SBS and a last name of Administrator (see there it is already different: giving the admin account (the second account that p-nuts suggested), a name. So when you go to log in, it says. SBSAdministrator (Contuso\admin), etc. So, that was my basic question.

Thanks again.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial