Solved

Domain Administrator Account renamed. Can't find it anymore

Posted on 2011-09-25
9
1,073 Views
Last Modified: 2016-09-20
Hi Experts,

Some Company's administrator renamed the default Domain Account ADMINISTRATOR. I cannot find it anymore. There anre many users being member of Domain Admins so I can't tell which one is the default administrator.

How can I find the default domain admin account?

Tks!

Rodrigo Garcone
0
Comment
Question by:garconer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 10

Expert Comment

by:SuperTaco
ID: 36596796
Try to look at schema and enterprise admin groups.  
0
 

Author Comment

by:garconer
ID: 36596971
Someone messed up every admin group. Schema and Enterprise has just domain admins group as a member.

I was thinking about if there is a commom SID for every domain administrator account so I can find it using ldp.
0
 
LVL 22

Expert Comment

by:chakko
ID: 36597053
I would check the Profile location on some servers.  When the 'Administrator' account logged on to the server it should have created the profile folder named 'Adminstrator' (for example).

Renaminng the Account in AD will not result in the user profile folder being renamed,  That folder should still be named Administrator.
When you find a suitable server just logon with the other Admin accounts and check the 'Administrator' profile folder.  When have that folder as your profile location folder then you found your original Administrator account.

If you don't have too many 'Admins' then it shouldn't be too much trial-and-error work to find it.

0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36597241
Yes you should be able to find the default admininstrator account by the objectsid attribute

http://support.microsoft.com/kb/243330

SID: S-1-5-21domain-500
Name: Administrator
Description: A user account for the system administrator. By default, it is the only user account that is

so it will have S-1-5-21 {domain identifier} - 500{rid}

That is the same in every domain, see screenshot from my built-in admin account in my lab

Thanks

Mike
builtinAdmin.jpg
0
 

Author Closing Comment

by:garconer
ID: 36597455
That answer proofs why mkline71 is the #1 in active directory session. His answers are always perfect!

Tks very much!
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36598943
Not always perfect....I'm still learning everyday too...but glad to help :)
0
 

Expert Comment

by:hitchineris
ID: 41807578
I am unable to find the administrator account in my domain.  I followed Mike Kline's adfind solution above but queried for sam account name given the SID. Please see attached screen shot.
0
 

Expert Comment

by:hitchineris
ID: 41807606
0
 

Expert Comment

by:hitchineris
ID: 41807649
I just figured out that I was not using my domain in the SID.  I reran the command and found the Administrator account, which had been renamed and removed from the Administrators group.  Thanks for pointing me in the right direction!
0

Featured Post

Get HTML5 Certified

Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question