Solved

After renaming Local Admin Account, cannot run NETDOM renamecomputer anymore

Posted on 2011-09-27
2
876 Views
Last Modified: 2012-08-13
Hi Experts,

I can successfully run the following command to rename a Windows XP that's domain's member:

NETDOM renamecomputer pc01 /newname:dekstop01 /userD:domain\administrator /passwordD:1234 /userO:administrator /passwordO:1234

But if I use GPO to rename admin account to localadmin and run again the command above this time changing /userO:administrator to /userO:localadmin, the command does not complete and returns the following error:

"Logon failure: the user has not been granted the requested logon type at this computer"

I think there might be some local policies at the windows xp that are related to administrator account nominally and, then, when renaming it, it screws things up. Does it make any sense?

It it does, do you guys know how to correct the system policies? All domain's computers have local admin renamed, so the answer "rename local admin account back to administrator" is not an acceptable answer due to company's security policies.
0
Comment
Question by:garconer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 500 total points
ID: 36714140
Try below on XP machine which has localadmin account before renaming :
Error: Logon failure: the user has not been granted the requested logon type at this computer

Download the following and install it Windows Server 2003 Resource Kit Tools
http://go.microsoft.com/fwlink/?LinkId=4544 

after installation is complete, click on: Start, All Programs, Windows Resource Kit Tools, Command Shell then enter the following commands. (Attention: they are case sensitive.)

net user guest /active:yes
ntrights +r SeNetworkLogonRight -u Guest
ntrights -r SeDenyNetworkLogonRight -u Guest

The first command enables network access for Guest, the two subsequent ones change two different policies to allow network access for Guest.

Regards,
Abhijit Waikar.
0
 

Author Closing Comment

by:garconer
ID: 36714160
That's it! Thanks for your help
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question