[Samba] rename Administrator account

Marc Muehlfeld mmuehlfeld at samba.org
Sat Mar 18 14:21:05 UTC 2017

Am 17.03.2017 um 15:52 schrieb Bart Coninckx via samba:
> Renaming the admin account in Windows server context is a
> popular measure to make the network more safe.
> Can we do this also in Samba 4? Are there any negative consequences?

Sure you can rename it. Being a member of the right groups decite what 
an account can do.

However, I don't understand how renaming the admin account improves the 
security. For example, every domain user can easily find out who is a 
member of the "Domain Admins" group:

 > dsquery group -name "Domain Admins" | dsget group -members


PS. By the way talking about "Samba 4" can be misleading. It's better if 
you use the terms "Samba AD", "Samba NT4 domain", "Samba standalone 
server", "Samba domain member", etc. depending on what you are talking 
about. Samba 4 can act as all of them.

More information about the samba mailing list