surreal Posted July 28, 2005 Share Posted July 28, 2005 I have always known the default local administrator account to have a sid of 500. Under Win 2003 I can not seem to tell if this is true.As in, in my 2003 builds I have always created a new user (as a member of the administrator group) and then set a difficult password for the administrator account and disabled it.Is there any point in this? Or has the 500 SID identification gone?By checking under the HKEY_USERS hive, I can not see any accounts that end with 500, only one that ends with 9057.(I also disable anonymous enumeration of SAM accounts).thanks heaps! Link to comment Share on other sites More sharing options...
Martin Zugec Posted July 28, 2005 Share Posted July 28, 2005 Hmmm, dont think so they changed this... I will check at home and let you know, but I am almost sure you can still found "real" administrator by looking at RID 500 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now