Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
Some of our users have renamed the local Admin account, and many have left it default. All of the functions in the network extender I see all require the exact username or exact SID you want to manipulate. Well, the local Admin SIDs are never the same (see below), and the name could be anything.
The only thing going for me is the SID for the local Administrator account is ALWAYS in the following format:
S-1-5-21-randomnumber-randomnumber-randomnumber-500The wntMemberList function could be used to return a list of users (or SIDs)in the local Admin group. But I have no idea how to extract the actual name of the Adminstrator account from the list of usernames or SIDs.
I thought maybe I could use wntMemberList and return the SIDs, then search each string for the "500" that appears at the end of the Administrator account SID. But then I would need a way to "convert" the SID to a name to see what that name is.
The only other thing I can think of is to totally forget about my idea of checking the name first and changing it only if it's not correct - the alternative would be once I find the SID just change the name of the account to what I want, regardless of what it's called. Sure, I'll rename most accounts already named "Administrator" to the same name again, but I will at the same time achieve my goal of changing the oddball names. Horribly inefficient, but it may be my only option.
There is only ONE true local "Administrator". The RID is 500. You can add 300 extra users into the Administrator group, and there will still always be the 1 true (default) Administrator.
That's the one I want - the SID ends in 500 - just need to figure out the name based on that SID.
Here's the simple little script that does this for you:
AddExtender('wwwnt34i.dll') MachineSID = wntLsaPolGet('','AccountDomain',2) AdministratorSID = StrCat(MachineSID, "-500") AdministratorName = wntAcctInfo('',AdministratorSID,2,0)This works regardless of the localized language version of Windows that you are using. For example, the name of the Administrator account changes in the German language versions of Windows, so you can't assume that it will be "Administrator". The NT extender does some tasks internally where groups like "Administrators" and "Everyone" need to be manipulated, and it uses this same method to build the SID values because the account names may vary. The SID value is the one thing that will always work regardless of what the account name currently is.
Article ID: W16044
File Created: 2004:03:30:15:42:30
Last Updated: 2004:03:30:15:42:30