surreal Posted July 28, 2005 Posted July 28, 2005 I have always known the default local administrator account to have a sid of 500. Under Win 2003 I can not seem to tell if this is true.As in, in my 2003 builds I have always created a new user (as a member of the administrator group) and then set a difficult password for the administrator account and disabled it.Is there any point in this? Or has the 500 SID identification gone?By checking under the HKEY_USERS hive, I can not see any accounts that end with 500, only one that ends with 9057.(I also disable anonymous enumeration of SAM accounts).thanks heaps!
Martin Zugec Posted July 28, 2005 Posted July 28, 2005 Hmmm, dont think so they changed this... I will check at home and let you know, but I am almost sure you can still found "real" administrator by looking at RID 500
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now