Renaming the Administrator account for the domain

[Guest Phil McNeill]

If the Administrator account for the domain isn't being used for anything

(which really, it shouldn't be), are there any potential pitfalls to

renaming it and adding that one additional hoop a hacker, or virus, would

need to go through to compromise it?

 

Thanks

[Guest Trinity Catholic High School]

RE: Renaming the Administrator account for the domain

 

If you don't use it, you could always disable it. Bear in mind that any

scripts run as administrator, rather than in the administrators group will

fail if you do this.

 

"Phil McNeill" wrote:

> If the Administrator account for the domain isn't being used for anything

> (which really, it shouldn't be), are there any potential pitfalls to

> renaming it and adding that one additional hoop a hacker, or virus, would

> need to go through to compromise it?

>

> Thanks

>

>

>

[Guest Ryan Hanisco]

RE: Renaming the Administrator account for the domain

 

Phil,

 

You'll generally want to disable the Administrator account:

 

Have a look at this article --

http://www.microsoft.com/technet/technetmag/issues/2006/01/SecurityWatch/

And pushing it from GPO --

http://support.microsoft.com/kb/816109

 

Note that this does not apply to the domain administrator account in AD.

Have a look at the security guide for ideas as to how to secure the Domain

Admin.

http://www.microsoft.com/technet/security/guidance/serversecurity/administratoraccounts/aapgch03.mspx

 

 

 

--

Ryan Hanisco

MCSE, MCTS: SQL 2005, Project+

http://www.techsterity.com

Chicago, IL

 

Remember: Marking helpful answers helps everyone find the info they need

quickly.

 

 

"Phil McNeill" wrote:

> If the Administrator account for the domain isn't being used for anything

> (which really, it shouldn't be), are there any potential pitfalls to

> renaming it and adding that one additional hoop a hacker, or virus, would

> need to go through to compromise it?

>

> Thanks

>

>

>