• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 645
  • Last Modified:

Taking over an SBS 2011 standard server / domain - can I change the administrator password?

I am taking over an SBS 2011 standard server and related network for 5 users. I disabled the previous tech's domain account.  I saw there are some mail enabled contacts for the techs from that firm. For now, I edited the emails for them to point to me (I am thinking there are reports that may be going to those addresses?).

Can I change the domain administrator account password?  OR I thought that the administrator account is used in some apps / stored elsewhere and changing the password will break things? Or am I mistaken?

How do I make sure all the reports (SBS, Dell OMSA, etc.) don't go to them anymore?

3 Solutions
Daniel HelgenbergerCommented:
Really quite hard to tell! If the previous tech did a clean job, then changing the domain admin account password has no effect on other services (it really should be that way!)
But, if this password is 'stored' and used for instance with this account for some services, then this will break these.
You really don't know until you change it. The best would be to talk to the old tech; but in case this is not possible:
Change it, identify any broken services and then change it back to the old PW. Then fix the services (I know, easier said then done).

The way I see it it is your job to get things right there!
If you are in the process then I also recommend setting up an email distribution group like admin@yourcompany.com. Put your account there and forward the mail from the old tech to that mail group, if possible (you can even do this if they go outside your domain; but this is a different question). This way you learn from the incoming reports the services you need to change (to admin@yourcompany.com).
BeGentleWithMe-INeedHelpAuthor Commented:
thanks!  some questions -

how would you identify services thata break?  The event log? print the list of services now, chang the password, reboot and then see what services aren't running vs. what were running earlier?  But both won't catch services that don't run all the time.

Go through the list of services and set them to the new password (most services dont' use administrator account right?  they use local system?

you say 'change it back to the old PW'.  change the service? or the administrator account?  and what if you don't know the administrator account now (part of why you want to change it, part so its different from old tech has).
Cris HannaCommented:
Are you talking about the true "Administrator" account? or the SBS Admin account that is created during the install process.   By default, the Administrator is supposed to be disabled as a security precaution.    If you're talking account created during install, if you change the password in the SBS console and it shouldn't be an issue
Gary ColtharpSr. Systems EngineerCommented:
As CrisHanna stated, Administrator should be disabled but I know this doesnt happen on a migration. Open services.msc and  look at the credentials column for all services and make sure none are using Administrator for logon. If they are not, then disable the account.

Make yourself a new Network Administrator account with a strong password and you should be golden.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now