?
Solved

rename administrator account on all servers and workstations on a domain by gpo ?

Posted on 2016-11-03
5
Medium Priority
?
153 Views
Last Modified: 2016-11-22
Hi,

With new domain controllers (2012 and 2016) and new workstations ( Win 7, 8 & 10 )
Is there a best way to rename the administrator by GPO and/or a shell cmd to apply it to all ?

Regards
0
Comment
Question by:rmailloux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 97

Expert Comment

by:Experienced Member
ID: 41872376
In all the machine and operating systems you name, the "administrator" account is disabled and should remain this way. There is no need and no advantage to renaming a disabled account as it cannot be used anyway,
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41872413
https://technet.microsoft.com/en-us/library/cc747484(v=ws.10).aspx is the documentation that you are looking for.
0
 
LVL 39

Accepted Solution

by:
Philip Elder earned 2000 total points
ID: 41872674
The simplest way is to create a Group Policy Object, name it, and link it to the OU the machines are located in.

Use Group Policy Preferences to disable, rename, or remove the local Administrator account from the default group.

We use the Microsoft Local Administrator Password Solution (LAPS) to manage local admin passwords, expiration policy, usage policy, and more. It's an excellent tool.
0
 

Author Closing Comment

by:rmailloux
ID: 41897402
This is what i did, tks
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41897408
Two ways offered, only one valid? Please explain :-)
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question