Forum Discussion
Wesoley
Apr 06, 2022Copper Contributor
Rename built-in local admin and change password
I'm trying to rename the local built-in admin account and change the password using the following
Devices > Windows > Create custom profile >
OMA-URI
/Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount
The account is renamed fine. However, on trying to set the password: ./Device/Vendor/MSFT/Accounts/Users/localadmin/Password I get the error code -2016281112 which I believe Rudy talked about here https://call4cloud.nl/2021/12/i-kill-remediation-errors/
However, I'm not able to login with the user and password. If I create a new account instead of renaming the existing one, I'm able to login fine. Any tips on how to resolve this corner case?
- So far as i know: yes… we created our own laps (powershell) to change those passwords. Leanlaps was the creation of that idea
- Hi as responded on reddit:
https://www.reddit.com/r/Intune/comments/txkdyf/rename_builtin_admin_account_and_set_password/
Hi,
I noticed you also reached out in a comment.. Looking at what you are trying to do and the CSP. It looks like you can only change the administrator account name with it... but I don't see anything mentioned a password change?
Could you still login with the password that was configured for the old account? Could you also check if that account is disabled?- WesoleyCopper Contributor
Yes, I can still login with the password for the old account. No, the account is not disabled. Btw, I apologize for the double/triple posting. I should clarify - set password.
Is it that the ./Device/Vendor/MSFT/Accounts/Users/localadmin/Password will only set a password for a newly created account and not an existing one?
- So far as i know: yes… we created our own laps (powershell) to change those passwords. Leanlaps was the creation of that idea