Andries Posted May 6, 2004 Author Share Posted May 6, 2004 Yes! Great! It works...I have got the dutch windows XP PRO version.And I try to remove "users" but it is "gebruikers" But It works! Thank you! Link to comment Share on other sites More sharing options...
Andries Posted May 12, 2004 Author Share Posted May 12, 2004 ehhh.... the followed problem do I no have:The password from the administrator is now un-encrypted in the batch file.net user Administrator {password}But is it possible that I make a batchfile with a encrypted password? Link to comment Share on other sites More sharing options...
Jotnar Posted May 12, 2004 Share Posted May 12, 2004 Well...if you're talking about the real administrator account you can have that encrypted in your answer file (winnt.sif) by using setupmgr.exe (Located on your XP disc in \SUPPORT\TOOLS\DEPLOY.CAB). This way you don't have to set the administrator password in a batch file in plain text.Cheers Link to comment Share on other sites More sharing options...
Andries Posted May 13, 2004 Author Share Posted May 13, 2004 I have already try that!But if I copy the encrypted text into net user administrator "encrypted text" ornet user administrator encrypted text (without quotes)the Password is wrong.(I mean, I must type the complete encrypted text and that's not my hobby) Link to comment Share on other sites More sharing options...
Jotnar Posted May 13, 2004 Share Posted May 13, 2004 If you already have it in the answer file why are you changing the password in a batch file? The encrypted password will only work in the answer file (winnt.sif) during setup. Just set that password to what you want then and you shouldn't have to change it later.Cheers Link to comment Share on other sites More sharing options...
Andries Posted May 17, 2004 Author Share Posted May 17, 2004 Yes, I know.But I would add a new user with an encrypted password.And the user is created in a batch file after the installation. Link to comment Share on other sites More sharing options...
wolfshade Posted May 31, 2004 Share Posted May 31, 2004 I tried to remove the Guest while in windows and its not working."Cannot perform operation on built-in accounts"Even more funny - my windows xp pro is pretty hacked up right now by all kinda worms and friendly hackers so i don't have workstation service started??? not even present in the services list but i'm browsing the net how is this possible???LoooL thats a first one for me BTW is this run on GUIRunOnce or RunOnceEx(wich i don't know much) or is it the same thing? Link to comment Share on other sites More sharing options...
Jotnar Posted June 5, 2004 Share Posted June 5, 2004 (edited) @wolfshadeI don't think you can remove the built in accounts (Guest and Administrator), you can only rename them.As an addendum, here is a somewhat more secure way to do the whole thing:Get netuser.exe, renuser.exe, sdelete.exe, and copypwd.exe. Run copypwd on a machine where your renamed (and passworded) guest and fake adminstrator account are already setup like so:CopyPwd DUMP >copypwd.txtThe file copypwd.txt now contains all the accounts that where on the machine in the format accountname:reallylongpasswordhashDelete all but the two for the renamed guest and the fake administrator account.Now drop all the files you downloaded including the copypwd.txt you just made into the system32 folder however you like (I use $OEM$\$$\System32 during setup) and run a batch file like this (from whatever part of setup you want, t-13, runonce...etc)@echo offecho Renaming/Creating Accountsrenuser guest notguestnet localgroup guests notguest /deleterenuser Administrator adminnet user /add Administrator /active:no /passwordchg:no /passwordreq:yesnetuser Administrator /pwnexp:ynet localgroup users Administrator /deletecopypwd setsdelete -p 7 %windir%\system32\copypwd.txtdel /F /Q %windir%\system32\copypwd.exedel /F /Q %windir%\system32\renuser.exedel /F /Q %windir%\system32\netuser.exeThis will rename the guest account, remove it from the guest group and set a password on the guest account (If you install the .Net framework later it will put it back there FYI). It will also rename the administrators account to something else and create a dummy Administrators account while removing the dummy account from the users group. This way (using copypwd) you're not showing the passwords in plaintext, just the password hashes which I don't really mind since they are disabled accounts anyway.Cheers Edited July 19, 2005 by Jotnar Link to comment Share on other sites More sharing options...
Guest zippy Posted June 6, 2004 Share Posted June 6, 2004 try using CUsrMgr (search in this board)...CUsrMgr -u "Guest" -r "notGuest" -dlg "Guests" -pCUsrMgr -u "Administrator" -r "admin" +s MustChangePasswordnet user /add "Administrator" /active:no /passwordchg:no /passwordreq:yes times:CUsrMgr -u "Administrator" -dlg "Users" -p +s PasswordNeverExpiresthis will 1.rename built-in Guest to notGuest, remove from Guests localgroup, and set a randowm password.2.rename built-in Administrator to admin, ask him change password on next logon3.add dummy Administrator, remove it from Users localgroup, set a random pwd, pwd never expiresi set encrypted pwd in winnt.sif for built-in administrator. Link to comment Share on other sites More sharing options...
Jotnar Posted June 7, 2004 Share Posted June 7, 2004 I'd use it if I didn't have to pay for the resource kit to get it Cheers Link to comment Share on other sites More sharing options...
wolfshade Posted June 13, 2004 Share Posted June 13, 2004 (edited) 10x for all u're help guys esp Jotnari have a lil problem: i rename the built in administrator with renuser in t-12 and use it but at first logon it tells me that he can't logme with that account name i push ok and just log in (administrator yet i renamed it only!). Edited June 14, 2004 by wolfshade Link to comment Share on other sites More sharing options...
Jotnar Posted June 23, 2004 Share Posted June 23, 2004 @wolfshadeIf you are running the renuser program from a batch file, put a PAUSE command right after the renuser command. That way you should be able to see if it executed or if it had an error.Cheers Link to comment Share on other sites More sharing options...
GreenMachine Posted June 23, 2004 Share Posted June 23, 2004 Thanks again, Jotnar, looks like you've got this security thing wotked out pretty good! I like the password dumper/importer. You must work in some high security place, like a bank, or XXX site ... Link to comment Share on other sites More sharing options...
mrmr Posted October 20, 2004 Share Posted October 20, 2004 mmmI'm still a little bit confused!in my $OEM$ directory i've a cmdline.txt....and it call RunOnceEx.cmd, that it's executed at the same time of [RunOnce] of WinNT.sif......so when "user changes" should be done? Before that i think...mmm ok...seem that i've menaged this by myself...while writing... Let me know if its wrong, ok?mrmr Link to comment Share on other sites More sharing options...
RogueSpear Posted October 20, 2004 Share Posted October 20, 2004 In addition to renaming Administrator/Guest and disabling the Administrator account (SID 500), I also strip away the descriptions for them and nuke the ASPNET user that .NET creates. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now