Solved

How to delete builtin user account from active directory

Posted on 2014-10-08
23
171 Views
Last Modified: 2014-10-10
I have some users accounts that are disabled and not sure who created them  but we need to delete them from AD for the auditors. Is there a way to delete these from AD. The server is 2008 R2
These accounts are have like bogus names to them not like administrator or anything like that..
0
Comment
Question by:vmich
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 6
  • 3
  • +1
23 Comments
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40368211
Please give one or more examples of the "like bogus names".  And what is the auditors objections to "built in accounts"?
0
 
LVL 1

Author Comment

by:vmich
ID: 40368215
it test
krbtgt

No clue what they were ever used for..
0
 
LVL 1

Author Comment

by:vmich
ID: 40368216
Also the accounts are listed under the disabled accounts
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40368221
Those would not appear to be built in accounts.  If disabled, and you have a system state backup I believe they can be removed.  Disabled accounts have no use and would only be reactivated if the users returned to duty.  

Maybe check their group memberships and see if you can trace down what they might have been used for.
0
 
LVL 1

Author Comment

by:vmich
ID: 40368232
When I try to delete them it keeps telling me that builtin accounts cannot be deleted. Even tired via adsiedit but no go..
0
 
LVL 47

Expert Comment

by:noxcho
ID: 40368233
Built in accounts do not have such names. System or Administrator are built in accounts.
0
 
LVL 1

Author Comment

by:vmich
ID: 40368235
I know that that's why I don't understand why it is saying I can delete them because they are built in accounts
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40368240
Can you move them?
0
 
LVL 1

Author Comment

by:vmich
ID: 40368242
yes it lets me move them....
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40368261
Do not delete krbtgt, http://windowsitpro.com/security/q-what-krbtgt-account-used-active-directory-ad-environment
I think the account is disabled by default. Just need to worry about it test.
0
 
LVL 1

Author Comment

by:vmich
ID: 40368267
Awesome find thanks..
Just need to figure out how to delete the it test account...
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40368292
Does the IT Test account have any additional information with it like description or user logon name? I have found that you can rename a builtin account.
0
 
LVL 1

Author Comment

by:vmich
ID: 40368301
No it does not have any description with it but for the login in it says it@xxxxxxxx
where the x'x are is their domain name...
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40368306
Are you able to go into the properties of the account, go to security, add yourself and give yourself full control, then delete.
0
 
LVL 13

Accepted Solution

by:
Gabriel Clifton earned 500 total points
ID: 40368313
Here is a find. A list of all true AD builtin accounts and their SIDs. Check this and see if it was another account renamed / repurposed. http://support.microsoft.com/kb/243330
0
 
LVL 1

Author Comment

by:vmich
ID: 40368390
You got it right again...
It has the beginning sid number for the administrator account so that is why I can delete it. I guess some one renamed it to it test at some point..
Thanks for all your info..
0
 
LVL 1

Author Comment

by:vmich
ID: 40368403
I've requested that this question be closed as follows:

Accepted answer: 0 points for vmich's comment #a40368390

for the following reason:

account was an administrator account before found via sid...
0
 
LVL 1

Author Comment

by:vmich
ID: 40368398
Sorry I clicked on my own instead of yours Clifton for the solution...
How do I change that?
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40368404
Object, Author states clicked on wrong comment to accept as solution.
0
 
LVL 1

Author Comment

by:vmich
ID: 40368410
Yes I just sent the moderator the same so that I can resolve this..
Sorry for my screw up
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40368413
No problem, it happens.
0
 
LVL 1

Author Closing Comment

by:vmich
ID: 40373624
account was an administrator account before found via sid...
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question