How to Rename Administrator Account using GPO
In this article, I will show you how to rename administrator account using GPO (Group Policy). We will create a GPO and link it to an OU that will rename the local administrator account on domain joined computers.
When you install any Windows operating system, the default administrator account is disabled. You should never log on with the built-in administrator account. You must use your own administrative account instead. Furthermore, you can enable the administrator account using multiple methods. However, it’s not recommended unless you really need to access this account.
Renaming the administrator account will reduce the chance of brute force assaults, enhancing security in your Active Directory network. Group Policy makes it simple to rename the administrator account on all PCs in your AD domain.
Why should you rename the Local Administrator Account?
https://www.truecrimecollectors.com/showthread.php?tid=55
https://itrunsintheblood.bplaced.net/awake/showthread.php?tid=35
http://hondaikmciledug.co.id/HRIS/showthread.php?tid=11
http://yonghengro.gain.tw/viewthread.php?tid=70782&extra=
http://yonghengro.gain.tw/viewthread.php?tid=127195&extra=
http://yonghengro.gain.tw/viewthread.php?tid=88090&extra=
http://forum2.extremum.org/viewtopic.php?f=5&t=2468
http://forum2.extremum.org/viewtopic.php?f=5&t=20780
http://forum2.extremum.org/viewtopic.php?t=76288
http://forum2.extremum.org/viewtopic.php?t=76994
https://tasarhoa.com/hoa/viewtopic.php?t=59188
https://tasarhoa.com/hoa/viewtopic.php?t=42303
The administrator account exists on all Windows 10 and Windows 11 desktop editions (Home, Pro, Enterprise, and Education). Administrator accounts have privileged access to systems. As a recommended security practice, renaming the account makes it slightly more difficult for attackers to guess this username and password combination.
Steps to Rename Administrator Account using GPO
Let’s look at the steps to rename administrator account using Group Policy. First, launch the Group Policy Management console on the server. If you are a domain administrator, you can log in to either the domain controller or to a member server with GPMC installed.
There are two important points that I would like to highlight here:
- You should not edit the default domain policy in this case, as the settings will apply to the entire AD domain.
- The best practice that is followed in many organizations is creating a new GPO and then applying it to a selected OU.
In the Group Policy Management console, expand your domain and navigate to Group Policy Objects. We will first create a new GPO that will rename the built-in administrator account, and then link this GPO to an OU. Right click Group Policy Objects and select New.
Enter the GPO name as “Rename Local Administrator” and click OK.
You should find the newly created GPO under Group Policy Objects. Right-click Rename Local Administrator GPO and select Edit.
In the Group Policy Management Editor, navigate to Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options. In the right pane, look for the policy Accounts: Rename administrator account. Right-click this policy setting and select Properties.
Accounts: Rename administrator account: This security setting determines whether a different account name is associated with the security identifier (SID) for the account Administrator. The BUILTIN\Administrator account always has a relative identifier (RID) of 500. Renaming the well-known Administrator account makes it slightly more difficult for unauthorized persons to guess this privileged username and password combination.
On the rename administrator account properties window, check the option “Define this policy setting” and enter the local administrator name. Ensure the administrator name doesn’t include any symbols or special characters. Click Apply and OK. Close the group policy management editor.
https://www.wwcs.eu/wwcs/modules/wwcs-gun/images/default-source/wwcs/gallery-5-5
http://xavierdeschamps.free.fr/Escalade/Forum_escalade/viewtopic.php?pid=12352
http://xavierdeschamps.free.fr/Escalade/Forum_escalade/viewtopic.php?id=57
http://xavierdeschamps.free.fr/Escalade/Forum_escalade/viewtopic.php?pid=5754
https://www.trinitymissionsusa.com/board/board_topic/8824286/5636880.htm
https://www.trinitymissionsusa.com/board/board_topic/8824286/5662767.htm
http://vrn.best-city.ru/forum/thread540088817/
http://vrn.best-city.ru/forum/thread540088889/
http://katusclub.tmweb.ru/forum/messages/forum23/topic417/message52787/#message52787
https://katusclub.tmweb.ru/forum/topic/add/forum22/
http://katusclub.tmweb.ru/forum/messages/forum23/topic655/message15384/#message15384
Link the Group Policy Object to OU
It is necessary to apply or link the GPO that we created in the previous step to an OU. It’s best to test the policy on a small group of computers before expanding it to a larger group, though you can link it to the entire domain if necessary. Right-click an OU in the Group Policy Management console and select “Link an Existing GPO.”
You must select a GPO to link it to the OU. In this case, select Rename Local Administrator and link it to the OU. Click OK.
We see the scope of the GPO is applied to authenticated users.
Update Group Policy and Verify the GPO on Client Computers
In this step, we will refresh the group policy on computers and verify if GPO has renamed the administrator account. By default, the Group Policy update interval is 90 minutes for AD domain joined computers, and you may modify the Group Policy Refresh Interval if required.
Comments
Post a Comment