Solved

Domain Administrator Account renamed. Can't find it anymore

Posted on 2011-09-25
9
1,041 Views
Last Modified: 2016-09-20
Hi Experts,

Some Company's administrator renamed the default Domain Account ADMINISTRATOR. I cannot find it anymore. There anre many users being member of Domain Admins so I can't tell which one is the default administrator.

How can I find the default domain admin account?

Tks!

Rodrigo Garcone
0
Comment
Question by:garconer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36596796
Try to look at schema and enterprise admin groups.  
0
 

Author Comment

by:garconer
ID: 36596971
Someone messed up every admin group. Schema and Enterprise has just domain admins group as a member.

I was thinking about if there is a commom SID for every domain administrator account so I can find it using ldp.
0
 
LVL 22

Expert Comment

by:chakko
ID: 36597053
I would check the Profile location on some servers.  When the 'Administrator' account logged on to the server it should have created the profile folder named 'Adminstrator' (for example).

Renaminng the Account in AD will not result in the user profile folder being renamed,  That folder should still be named Administrator.
When you find a suitable server just logon with the other Admin accounts and check the 'Administrator' profile folder.  When have that folder as your profile location folder then you found your original Administrator account.

If you don't have too many 'Admins' then it shouldn't be too much trial-and-error work to find it.

0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36597241
Yes you should be able to find the default admininstrator account by the objectsid attribute

http://support.microsoft.com/kb/243330

SID: S-1-5-21domain-500
Name: Administrator
Description: A user account for the system administrator. By default, it is the only user account that is

so it will have S-1-5-21 {domain identifier} - 500{rid}

That is the same in every domain, see screenshot from my built-in admin account in my lab

Thanks

Mike
builtinAdmin.jpg
0
 

Author Closing Comment

by:garconer
ID: 36597455
That answer proofs why mkline71 is the #1 in active directory session. His answers are always perfect!

Tks very much!
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36598943
Not always perfect....I'm still learning everyday too...but glad to help :)
0
 

Expert Comment

by:hitchineris
ID: 41807578
I am unable to find the administrator account in my domain.  I followed Mike Kline's adfind solution above but queried for sam account name given the SID. Please see attached screen shot.
0
 

Expert Comment

by:hitchineris
ID: 41807606
0
 

Expert Comment

by:hitchineris
ID: 41807649
I just figured out that I was not using my domain in the SID.  I reran the command and found the Administrator account, which had been renamed and removed from the Administrators group.  Thanks for pointing me in the right direction!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article runs through the process of deploying a single EXE application selectively to a group of user.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question