Could not rename the Administrator\guest account #173
Comments
|
HardeningKitty does not have a module to rename a user account, you have to rename the account yourself |
|
Thank you very much for your quick response! The tool is truly amazing—it
has saved me a great deal of time.
I would like to clarify a few things regarding the following policies:
2.3.1.4, "Security Options", "Accounts: Rename administrator account",
localaccount, 500,,,,,,Administrator,Administrator,!=,Low 2.3.1.5,
"Security Options", "Accounts: Rename guest account", localaccount,
501,,,,,,Guest,Guest,!=,Low
I noticed that the account names don’t actually change. Are these policies
intended merely to notify me that I need to manually rename the accounts
during the audit mode?
Since the account names weren’t being updated, I modified the method from
localaccount to Secedit, and it appeared to change the names. However, when
attempting a *backup*, the account name shows as an empty string instead.
Is this because Secedit only retrieves numerical identifiers or converts
them to integers?
Additionally, regarding the following policy:
1.1.1, "Account Policies", "Length of password history maintained",
accountpolicy,,,,,,,None,24,>=,Low
In *backup* mode, the value for 0 is returned as None, and HardeningKitty
fails to apply it since it’s not recognized as a valid number. I also
changed the method here to Secedit. Is there an alternative solution to
this issue?
I would appreciate your assistance in resolving these matters.
…On Sun, 15 Dec 2024 at 19:51, Michael Schneider ***@***.***> wrote:
HardeningKitty does not have a module to rename a user account, you have
to rename the account yourself
—
Reply to this email directly, view it on GitHub
<#173 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BMT7XJ2SHDYFV55Y3KOGEU32FW6QZAVCNFSM6AAAAABTUSL5XCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKNBTHE3TOMJTHE>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Yes, because there is no module for renaming accounts in HailMary mode. I don't think secedit can be used to rename a local user account, so changing from localaccount to secedit will not work
I would use group policies for these settings, either locally or in a domain |
Hi, would appreciate assistance in implementing policies 2.3.1.4 and 2.3.1.5 in the LIST finding_list_cis_microsoft_windows_10_enterprise_22h2_3.0.0_machine.csv. I am encountering an issue where I cannot rename the Administrator and Guest accounts. When I modify the RECOMMENDED name, the policy validation passes, but the actual account name remains unchanged.
The text was updated successfully, but these errors were encountered: