Solved

After renaming Local Admin Account, cannot run NETDOM renamecomputer anymore

Posted on 2011-09-27
2
878 Views
Last Modified: 2012-08-13
Hi Experts,

I can successfully run the following command to rename a Windows XP that's domain's member:

NETDOM renamecomputer pc01 /newname:dekstop01 /userD:domain\administrator /passwordD:1234 /userO:administrator /passwordO:1234

But if I use GPO to rename admin account to localadmin and run again the command above this time changing /userO:administrator to /userO:localadmin, the command does not complete and returns the following error:

"Logon failure: the user has not been granted the requested logon type at this computer"

I think there might be some local policies at the windows xp that are related to administrator account nominally and, then, when renaming it, it screws things up. Does it make any sense?

It it does, do you guys know how to correct the system policies? All domain's computers have local admin renamed, so the answer "rename local admin account back to administrator" is not an acceptable answer due to company's security policies.
0
Comment
Question by:garconer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 500 total points
ID: 36714140
Try below on XP machine which has localadmin account before renaming :
Error: Logon failure: the user has not been granted the requested logon type at this computer

Download the following and install it Windows Server 2003 Resource Kit Tools
http://go.microsoft.com/fwlink/?LinkId=4544 

after installation is complete, click on: Start, All Programs, Windows Resource Kit Tools, Command Shell then enter the following commands. (Attention: they are case sensitive.)

net user guest /active:yes
ntrights +r SeNetworkLogonRight -u Guest
ntrights -r SeDenyNetworkLogonRight -u Guest

The first command enables network access for Guest, the two subsequent ones change two different policies to allow network access for Guest.

Regards,
Abhijit Waikar.
0
 

Author Closing Comment

by:garconer
ID: 36714160
That's it! Thanks for your help
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question