February 2nd, 2006, 09:55 PM
Users in Windows
Hey, I just started working with network security. I felt like i needed to after my computer getting trashed about 3 weeks ago. One thing that i need to do is remove both the administrator and guest accounts from windows. I've created seperate accounts but when i try to remove either account it tells me that the account could not be removed.
What am i doing wrong here?
February 2nd, 2006, 10:23 PM
I think the first most important question is, do you have administrative privledges on that machine?
Also, I dont think you can "remove" the administrator account. I believe you can only rename it. Maybe disable it. Don't quote me on that though.
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu
, The Art of War
February 2nd, 2006, 11:11 PM
Unless you are really familiar with the Windows XP registry, you might want to leave the administrator account alone....you will need to access this account when troubleshooting PC problems through "Safe Mode".
If you want to hide accounts then use this tool from MS...TweakUI
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
February 2nd, 2006, 11:21 PM
Alright, thank you very much
February 2nd, 2006, 11:28 PM
Yeah, like Dalek said, just put a good long, complex, hard to remember password/passphrase on the Administrator account, write it down and lock it away in your fire-proof safe.
You _do_ have a fire-proof safe, don't you?
Disable the Guest account after putting a ridiculous password on it, too.
Hiding isn't a perfect option, since the SID (Security IDentifier) for the Administrator account (or Guest account for that matter) is the same no matter what you do to the account name or visibility. That means that the core identity of the account is accessible from other vectors using just the SID. And, you can't change the SID without breaking something -- like your whole operating system install.
You must be able to log in as, or run as the local administrator to install, repair or otherwise troubleshoot problems (as Dalek indicated). SafeMode is your friend and you should know how to use it.
You just don't need to use the local administrator account for anything other than that.
Welcome to AO, BTW!
February 2nd, 2006, 11:32 PM
Re: Users in Windows
Hi, like it says the account cannot be removed, a windows PC has to have an administrative account and there is no way around it.
Originally posted here by Norrit
when i try to remove either account it tells me that the account could not be removed.
If you want to install something or change certain settings etc you need to be logged in with admin privialages - if you have no admin account, then windows can't function properly.
The best you can do is rename the admin account and rename the discription that goes with it.
You can create a dummy account and call this "administrator" and give it the admins discription, to fool the casual "hacker", also give this a real shitty password - you wont have to remember it so make it as hard as you can.
The same goes with the guest account - it can only be disabled - but Windows XP Home does not allow you to truly disable the Guest account, it only removes it from the Fast User Switching and Log on screens. For added security set a very strong password for the Guest account.
You didnt say what OS you are using so im guessing XP home? Dont ask me why, I just am!
February 3rd, 2006, 02:20 AM
Actualy im using Win 2K pro, havnt had the money to upgrade to XP since im a poor student. Well thanks for all the advice, i guess i need to take alittle time to implement it now. Then back to reading the vast amount of information on this website.
February 4th, 2006, 12:22 AM
All you have to do is go into the managment console/users&groups, then select users folder. You can rename the Administrator account to anything you like. My best suggetion is to rename your administrator account to <some name> and grant admin priviledges to another user. Best practice would be to rename your admin account and leave it alone and always use another account other than admin to do anything on your system. You should have no problem doing that under Win2k.
Just my two cents worth!
February 4th, 2006, 11:51 AM
Doesn't that then give you two admin accounts? Wouldn't that be less secure than just renaming the admin account and then just using a more limited account for web browsing and such so that it shouldn't be able to break too much?
Originally posted here by ethos914
My best suggetion is to rename your administrator account to <some name> and grant admin priviledges to another user.
Sorry ethos, but I think that is possibly the worst suggestion that anybody has given this guy.
If everything looks perfect, then there is something you don\'t know
February 4th, 2006, 05:36 PM
There is a program from www.sysinternals.com that might be of some use for you. It is called AccessEnum, and shows which users have access to what on your system. Here is the link:
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"