Guest Phil McNeill Posted September 18, 2007 Posted September 18, 2007 If the Administrator account for the domain isn't being used for anything (which really, it shouldn't be), are there any potential pitfalls to renaming it and adding that one additional hoop a hacker, or virus, would need to go through to compromise it? Thanks
Guest Trinity Catholic High School Posted September 18, 2007 Posted September 18, 2007 RE: Renaming the Administrator account for the domain If you don't use it, you could always disable it. Bear in mind that any scripts run as administrator, rather than in the administrators group will fail if you do this. "Phil McNeill" wrote: > If the Administrator account for the domain isn't being used for anything > (which really, it shouldn't be), are there any potential pitfalls to > renaming it and adding that one additional hoop a hacker, or virus, would > need to go through to compromise it? > > Thanks > > >
Guest Ryan Hanisco Posted September 19, 2007 Posted September 19, 2007 RE: Renaming the Administrator account for the domain Phil, You'll generally want to disable the Administrator account: Have a look at this article -- http://www.microsoft.com/technet/technetmag/issues/2006/01/SecurityWatch/ And pushing it from GPO -- http://support.microsoft.com/kb/816109 Note that this does not apply to the domain administrator account in AD. Have a look at the security guide for ideas as to how to secure the Domain Admin. http://www.microsoft.com/technet/security/guidance/serversecurity/administratoraccounts/aapgch03.mspx -- Ryan Hanisco MCSE, MCTS: SQL 2005, Project+ http://www.techsterity.com Chicago, IL Remember: Marking helpful answers helps everyone find the info they need quickly. "Phil McNeill" wrote: > If the Administrator account for the domain isn't being used for anything > (which really, it shouldn't be), are there any potential pitfalls to > renaming it and adding that one additional hoop a hacker, or virus, would > need to go through to compromise it? > > Thanks > > >
Recommended Posts