?
Solved

After renaming Local Admin Account, cannot run NETDOM renamecomputer anymore

Posted on 2011-09-27
2
Medium Priority
?
881 Views
Last Modified: 2012-08-13
Hi Experts,

I can successfully run the following command to rename a Windows XP that's domain's member:

NETDOM renamecomputer pc01 /newname:dekstop01 /userD:domain\administrator /passwordD:1234 /userO:administrator /passwordO:1234

But if I use GPO to rename admin account to localadmin and run again the command above this time changing /userO:administrator to /userO:localadmin, the command does not complete and returns the following error:

"Logon failure: the user has not been granted the requested logon type at this computer"

I think there might be some local policies at the windows xp that are related to administrator account nominally and, then, when renaming it, it screws things up. Does it make any sense?

It it does, do you guys know how to correct the system policies? All domain's computers have local admin renamed, so the answer "rename local admin account back to administrator" is not an acceptable answer due to company's security policies.
0
Comment
Question by:garconer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 2000 total points
ID: 36714140
Try below on XP machine which has localadmin account before renaming :
Error: Logon failure: the user has not been granted the requested logon type at this computer

Download the following and install it Windows Server 2003 Resource Kit Tools
http://go.microsoft.com/fwlink/?LinkId=4544 

after installation is complete, click on: Start, All Programs, Windows Resource Kit Tools, Command Shell then enter the following commands. (Attention: they are case sensitive.)

net user guest /active:yes
ntrights +r SeNetworkLogonRight -u Guest
ntrights -r SeDenyNetworkLogonRight -u Guest

The first command enables network access for Guest, the two subsequent ones change two different policies to allow network access for Guest.

Regards,
Abhijit Waikar.
0
 

Author Closing Comment

by:garconer
ID: 36714160
That's it! Thanks for your help
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question