Rudi1 Posted November 7, 2009 Share Posted November 7, 2009 Not really,so far I am use administrator account several years and no problems.I hate UAC popup windows and all other UAC stuff! Link to comment Share on other sites More sharing options...
biatche Posted November 8, 2009 Share Posted November 8, 2009 Oh and that's something else I've been meaning to ask since I skipped Vista. I have seen this UAC thing mentioned many times, and came to the understanding that most people don't use an administrator account, in XP, i never bother creating normal user accounts.. so what's the verdict in vista/win7. Is it necessary at all? Or is it for those folks who don't know what they are doing? Link to comment Share on other sites More sharing options...
MAVERICKS CHOICE Posted November 8, 2009 Share Posted November 8, 2009 Generally speaking the administrator account in Vista & W7 is not accessible by default. In Vista & W7 you must create a user, they can have administrative privileges. Their are ways to enable the admin account as recently posted on this board. Link to comment Share on other sites More sharing options...
MrJinje Posted November 9, 2009 Share Posted November 9, 2009 (edited) Generally speaking the administrator account in Vista & W7 is not accessible by default. In Vista & W7 you must create a user, they can have administrative privileges. Their are ways to enable the admin account as recently posted on this board.While M$ claims you are safer having it disabled, there are others who will claim you are no safer than if you had simply renamed your Administrator account. (via control userpasswords2) Both situations will prevent malicious software from hacking an account called "Administrator", now malicious programmers not only need to crack the password, but also need to guess the account name. All this is assuming said malicious software actually attacks via user/password, instead of buffer exploit like a normal piece of malware.If said malware can access you non-administrator user account (which in M$ infinite wisdom has local administrator privileges), your false sense of security is out the window (pun not intended), as hacking any account with Local Admin rights will allow malicious software full access. I rank this up there with "Editing the Registry can cause catastrophic failure", sure technically that is true, but has it ever stopped anyone ? Edited November 9, 2009 by MrJinje Link to comment Share on other sites More sharing options...
maxXPsoft Posted November 9, 2009 Share Posted November 9, 2009 (edited) I personally don't use Administrator but I do turn LUA off and I think It's just as powerful as that Admin account who couldn't delete folder's i couldn't delete. I develop and I need to have an account which be on same level as 99.9% out there. Gives me better perspective and my Admin account does have a Pass I set with my XmlI'd like to know just what is the difference between Administrator and a local Admin Edited November 10, 2009 by maxXPsoft Link to comment Share on other sites More sharing options...
MrJinje Posted November 10, 2009 Share Posted November 10, 2009 (edited) I'd like to know just what is the difference between Administrator and a local AdminAdministrator is a "Built-in account for administering the computer", it derives it power from being a member of the "Administrators" group.A local administrator is "Administrator" and/or any other user account on the local machine in the "Administrators" group. Everyone in the Administrators group is equally powerful. By default, the "Administrator" account is disabled and the user created by setup is in the "Administrators" group.Notice that security on C:\Windows Directory has no permission entries for "Administrator" account but instead an entry for "Administrators" group. If you remove Administrator from the Administrators group, you would not be able to do much. Edited November 10, 2009 by MrJinje Link to comment Share on other sites More sharing options...
maxXPsoft Posted November 10, 2009 Share Posted November 10, 2009 (edited) You read pretty much what i have read.It is a good account to keep in reserve for troubleshooting purposes.By remaining relatively untouched, it is very likely that you will be able to log onto this account if/when the other accounts become damaged or inaccessible.Another benefit of knowing this method is to keep the hidden Administrator account as a 'back door', for example, if you inadvertently lock out your main account. Sitting there at your computer, you can never believe that you will be so foolish as to lock yourself out, yet logic dictates that somewhere in the world today, someone has just done that: locked themselves out. Would not they like to know how to activate the administrator account?Boot to Safe mode no pass on Administrator account by defaultalso the whoami vs Administrator. My account is identicalWhoami_vs_Administrator_Nov-09-2009So I have decided that instead of typing out all that mess maybe I'll just call myself Admin. Edited November 10, 2009 by maxXPsoft Link to comment Share on other sites More sharing options...
cluberti Posted November 10, 2009 Share Posted November 10, 2009 Note there are two major differences- the actual local Administrator account gets a full admin token on logon, whereas an Administrative group account gets a pseudo-token and is still affected by UAC and it's security (unless you of course disable UAC). Also, the admin account has a well-known SID GUID, and it's disabled (and a new user is made an administrator on install) to try and mitigate attacks that target the Administrator account, both by name AND by it's SID. Link to comment Share on other sites More sharing options...
MrJinje Posted November 18, 2009 Share Posted November 18, 2009 (edited) Note there are two major differences- the actual local Administrator account gets a full admin token on logon, whereas an Administrative group account gets a pseudo-token and is still affected by UAC and it's security (unless you of course disable UAC). Also, the admin account has a well-known SID GUID, and it's disabled (and a new user is made an administrator on install) to try and mitigate attacks that target the Administrator account, both by name AND by it's SID.Here is good article detailing what Cluberti is touching on.http://technet.microsoft.com/en-us/magazine/2007.06.acl.aspxEDIT:Relevanthttp://www.msfn.org/board/topic/144776-unable-to-open-an-elevated-windows-explorer-window/ Edited September 11, 2013 by MrJinje Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now