Jump to content

Change administrator name


Recommended Posts


ehhh.... the followed problem do I no have:

The password from the administrator is now un-encrypted in the batch file.

net user Administrator {password}

But is it possible that I make a batchfile with a encrypted password?

Link to comment
Share on other sites

Well...if you're talking about the real administrator account you can have that encrypted in your answer file (winnt.sif) by using setupmgr.exe (Located on your XP disc in \SUPPORT\TOOLS\DEPLOY.CAB). This way you don't have to set the administrator password in a batch file in plain text.

Cheers

Link to comment
Share on other sites

I have already try that!

But if I copy the encrypted text into

net user administrator "encrypted text"

or

net user administrator encrypted text

(without quotes)

the Password is wrong.

(I mean, I must type the complete encrypted text and that's not my hobby)

Link to comment
Share on other sites

If you already have it in the answer file why are you changing the password in a batch file? The encrypted password will only work in the answer file (winnt.sif) during setup. Just set that password to what you want then and you shouldn't have to change it later.

Cheers

Link to comment
Share on other sites

  • 2 weeks later...

I tried to remove the Guest while in windows and its not working.

"Cannot perform operation on built-in accounts"

Even more funny - my windows xp pro is pretty hacked up right now by all kinda worms and friendly hackers :) so i don't have workstation service started??? not even present in the services list but i'm browsing the net how is this possible???

LoooL thats a first one for me :rolleyes:

BTW is this run on GUIRunOnce or RunOnceEx(wich i don't know much) or is it the same thing?

Link to comment
Share on other sites

@wolfshade

I don't think you can remove the built in accounts (Guest and Administrator), you can only rename them.

As an addendum, here is a somewhat more secure way to do the whole thing:

Get netuser.exe, renuser.exe, sdelete.exe, and copypwd.exe. Run copypwd on a machine where your renamed (and passworded) guest and fake adminstrator account are already setup like so:

CopyPwd DUMP >copypwd.txt

The file copypwd.txt now contains all the accounts that where on the machine in the format

accountname:reallylongpasswordhash

Delete all but the two for the renamed guest and the fake administrator account.

Now drop all the files you downloaded including the copypwd.txt you just made into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this (from whatever part of setup you want, t-13, runonce...etc)

@echo off
echo Renaming/Creating Accounts
renuser guest notguest
net localgroup guests notguest /delete
renuser Administrator admin
net user /add Administrator /active:no /passwordchg:no /passwordreq:yes
netuser Administrator /pwnexp:y
net localgroup users Administrator /delete
copypwd set
sdelete -p 7 %windir%\system32\copypwd.txt
del /F /Q %windir%\system32\copypwd.exe
del /F /Q %windir%\system32\renuser.exe
del /F /Q %windir%\system32\netuser.exe

This will rename the guest account, remove it from the guest group and set a password on the guest account (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to something else and create a dummy Administrators account while removing the dummy account from the users group. This way (using copypwd) you're not showing the passwords in plaintext, just the password hashes which I don't really mind since they are disabled accounts anyway.

Cheers

Edited by Jotnar
Link to comment
Share on other sites

Guest zippy

try using CUsrMgr (search in this board)...

CUsrMgr -u "Guest" -r "notGuest" -dlg "Guests" -p
CUsrMgr -u "Administrator" -r "admin" +s MustChangePassword
net user /add "Administrator" /active:no /passwordchg:no /passwordreq:yes times:
CUsrMgr -u "Administrator" -dlg "Users" -p +s PasswordNeverExpires

this will 1.rename built-in Guest to notGuest, remove from Guests localgroup, and set a randowm password.

2.rename built-in Administrator to admin, ask him change password on next logon

3.add dummy Administrator, remove it from Users localgroup, set a random pwd, pwd never expires

i set encrypted pwd in winnt.sif for built-in administrator.

Link to comment
Share on other sites

10x for all u're help guys esp Jotnar

i have a lil problem: i rename the built in administrator with renuser in t-12 and use it but at first logon it tells me that he can't logme with that account name i push ok and just log in (administrator yet i renamed it only!).

Edited by wolfshade
Link to comment
Share on other sites

  • 2 weeks later...

@wolfshade

If you are running the renuser program from a batch file, put a PAUSE command right after the renuser command. That way you should be able to see if it executed or if it had an error.

Cheers

Link to comment
Share on other sites

  • 3 months later...

mmm

I'm still a little bit confused!

in my $OEM$ directory i've a cmdline.txt....and it call RunOnceEx.cmd, that it's executed at the same time of [RunOnce] of WinNT.sif...

...so when "user changes" should be done? Before that i think...

mmm ok...seem that i've menaged this by myself...while writing...

Let me know if its wrong, ok?

mrmr

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...