Solved

How to delete builtin user account from active directory

Posted on 2014-10-08
23
141 Views
Last Modified: 2014-10-10
I have some users accounts that are disabled and not sure who created them  but we need to delete them from AD for the auditors. Is there a way to delete these from AD. The server is 2008 R2
These accounts are have like bogus names to them not like administrator or anything like that..
0
Comment
Question by:vmich
  • 12
  • 6
  • 3
  • +1
23 Comments
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
Comment Utility
Please give one or more examples of the "like bogus names".  And what is the auditors objections to "built in accounts"?
0
 

Author Comment

by:vmich
Comment Utility
it test
krbtgt

No clue what they were ever used for..
0
 

Author Comment

by:vmich
Comment Utility
Also the accounts are listed under the disabled accounts
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
Comment Utility
Those would not appear to be built in accounts.  If disabled, and you have a system state backup I believe they can be removed.  Disabled accounts have no use and would only be reactivated if the users returned to duty.  

Maybe check their group memberships and see if you can trace down what they might have been used for.
0
 

Author Comment

by:vmich
Comment Utility
When I try to delete them it keeps telling me that builtin accounts cannot be deleted. Even tired via adsiedit but no go..
0
 
LVL 46

Expert Comment

by:noxcho
Comment Utility
Built in accounts do not have such names. System or Administrator are built in accounts.
0
 

Author Comment

by:vmich
Comment Utility
I know that that's why I don't understand why it is saying I can delete them because they are built in accounts
0
 
LVL 21

Expert Comment

by:Larry Struckmeyer MVP
Comment Utility
Can you move them?
0
 

Author Comment

by:vmich
Comment Utility
yes it lets me move them....
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
Do not delete krbtgt, http://windowsitpro.com/security/q-what-krbtgt-account-used-active-directory-ad-environment
I think the account is disabled by default. Just need to worry about it test.
0
 

Author Comment

by:vmich
Comment Utility
Awesome find thanks..
Just need to figure out how to delete the it test account...
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
Does the IT Test account have any additional information with it like description or user logon name? I have found that you can rename a builtin account.
0
 

Author Comment

by:vmich
Comment Utility
No it does not have any description with it but for the login in it says it@xxxxxxxx
where the x'x are is their domain name...
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
Are you able to go into the properties of the account, go to security, add yourself and give yourself full control, then delete.
0
 
LVL 13

Accepted Solution

by:
Gabriel Clifton earned 500 total points
Comment Utility
Here is a find. A list of all true AD builtin accounts and their SIDs. Check this and see if it was another account renamed / repurposed. http://support.microsoft.com/kb/243330
0
 

Author Comment

by:vmich
Comment Utility
You got it right again...
It has the beginning sid number for the administrator account so that is why I can delete it. I guess some one renamed it to it test at some point..
Thanks for all your info..
0
 

Author Comment

by:vmich
Comment Utility
I've requested that this question be closed as follows:

Accepted answer: 0 points for vmich's comment #a40368390

for the following reason:

account was an administrator account before found via sid...
0
 

Author Comment

by:vmich
Comment Utility
Sorry I clicked on my own instead of yours Clifton for the solution...
How do I change that?
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
Object, Author states clicked on wrong comment to accept as solution.
0
 

Author Comment

by:vmich
Comment Utility
Yes I just sent the moderator the same so that I can resolve this..
Sorry for my screw up
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
No problem, it happens.
0
 

Author Closing Comment

by:vmich
Comment Utility
account was an administrator account before found via sid...
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time. I read a number of guides concerning it…
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now