Renaming the Administrator account for the domain

[Phil McNeill]

If the Administrator account for the domain isn't being used for anything
(which really, it shouldn't be), are there any potential pitfalls to
renaming it and adding that one additional hoop a hacker, or virus, would
need to go through to compromise it?

Thanks

 

[Trinity Catholic High School]

RE: Renaming the Administrator account for the domain

If you don't use it, you could always disable it. Bear in mind that any
scripts run as administrator, rather than in the administrators group will
fail if you do this.

"Phil McNeill" wrote:

> If the Administrator account for the domain isn't being used for anything
> (which really, it shouldn't be), are there any potential pitfalls to
> renaming it and adding that one additional hoop a hacker, or virus, would
> need to go through to compromise it?
>
> Thanks
>
>
>

 

[Ryan Hanisco]

RE: Renaming the Administrator account for the domain

Phil,

You'll generally want to disable the Administrator account:

Have a look at this article --
http://www.microsoft.com/technet/technetmag/issues/2006/01/SecurityWatch/
And pushing it from GPO --
http://support.microsoft.com/kb/816109

Note that this does not apply to the domain administrator account in AD.
Have a look at the security guide for ideas as to how to secure the Domain
Admin.
http://www.microsoft.com/technet/se...rsecurity/administratoraccounts/aapgch03.mspx



--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
www.techsterity.com
Chicago, IL

Remember: Marking helpful answers helps everyone find the info they need
quickly.


"Phil McNeill" wrote:

> If the Administrator account for the domain isn't being used for anything
> (which really, it shouldn't be), are there any potential pitfalls to
> renaming it and adding that one additional hoop a hacker, or virus, would
> need to go through to compromise it?
>
> Thanks
>
>
>