Find renamed builtin local administrator
Hi
Built in local administrator account is renamed and all the description is cleared. In this case how can we find the Built in local administrator accout which is renamed
quick answer highly appreciated.
Built in local administrator account is renamed and all the description is cleared. In this case how can we find the Built in local administrator accout which is renamed
quick answer highly appreciated.
Martin_J_Parker
Use the command "net localgroup administrators" to find which local users have administrator privilege.
Hi,
please check that Blog at
http://blogs.technet.com/b/heyscriptingguy/archive/2005/07/22/how-can-i-determine-if-the-local-administrator-account-has-been-renamed-on-a-computer.aspx
you will find everything what you need.
You can use PsGetSID to receive SIDs
http://technet.microsoft.com/en-us/sysinternals/bb897417
Regards,
Krzysztof
please check that Blog at
http://blogs.technet.com/b/heyscriptingguy/archive/2005/07/22/how-can-i-determine-if-the-local-administrator-account-has-been-renamed-on-a-computer.aspx
you will find everything what you need.
You can use PsGetSID to receive SIDs
http://technet.microsoft.com/en-us/sysinternals/bb897417
Regards,
Krzysztof
ASKER
Hi Martin_J_Parker,
Thank you.
we can get the who are all in local admin group, from them we need to find the renamed bulit in local administrator
Thank you.
we can get the who are all in local admin group, from them we need to find the renamed bulit in local administrator
Its like iSiek states...
You need to find a SID that begins with S-1-5- and end with -500
That is the SID of the local admin...
That will tell you what the account name is of the builtin admin.
You need to find a SID that begins with S-1-5- and end with -500
That is the SID of the local admin...
That will tell you what the account name is of the builtin admin.
ASKER
Hi
I need to check it on 2000, 2003 and 2008 servers.
I need to check it on 2000, 2003 and 2008 servers.
If you use script specified on that page you can do that using
strComputer variable. Place there name for a server which you want to examine and that's all
You can also use text file with computers but you need to rebuilt script a little bit. Procedure for reading hosts from file at MS page at
http://technet.microsoft.com/en-us/library/ee692821.aspx
Krzysztof
strComputer variable. Place there name for a server which you want to examine and that's all
You can also use text file with computers but you need to rebuilt script a little bit. Procedure for reading hosts from file at MS page at
http://technet.microsoft.com/en-us/library/ee692821.aspx
Krzysztof
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Its not 100 % solution