Since people diligently try to get access to our servers using various methods, I was wondering if it would be alright to disable the Administrator account so the wannabe hackers would have one more thing to guess. Since the Administrator account is built-in, and has administrative privilege, figuring out the password to this account is all they need to gain full access to the server.
Bascially I had two concerns:
- Whether disabling the Administrator account will cause problems with server core operations
- If it would affect some of the applications/services running on the server
Some Services or Applications and Scheduled Tasks may be configured to run in the context of Administrator account. Needless to say this should be avoided at all cost.
So I disabled the Administrator account on all the hosting production servers, and verified if all required services and applications are functioning properly. Yes, everything works fine!
So no more Administrator account on the production servers, espacially those with remote access enabled.
Be the first to rate this post
- Currently 0/5 Stars.
- 1
- 2
- 3
- 4
- 5