Rename & Disable Administrator Account using Intune Security Policies #msintune
3.1 هزار بار بازدید -
پارسال
-
Let's check how to Rename
Let's check how to Rename & Disable Administrator accounts using Intune Security Policies in this video.
#msintune #microsoftintune #microsoft365 #securitypolicies #securityrisk #administratoraccount #adminaccount
==
Rename & Disable Administrator Account using Intune
Disable Admin Account Status
Rename Admin Account using Custom Policy/Settings Catalog
Verification Process
==
What is Security Risk with Default Administrator Account?
Security Recommendations:
Disable the Administrator Account Status
Rename the Administrator account
When a computer is booted into safe mode, the Administrator account is always enabled, regardless of how this setting is configured.
The admin account has a well-known security identifier (SID), and there are third-party tools that allow authentication by using the SID rather than the account name so rename of this account won't always help.
==
Disable the Administrator Account Status using Intune security policy CSP?
Accounts_EnableAdministratorAccountStatus is the policy to Disable the Administrator Account status.
This security setting helps to Disable the Admin Account status to Disable. The default Value is Disable (int = 0).
./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/Accounts_EnableAdministratorAccountStatus
==
Rename Admin Account using Intune security policy CSP?
Accounts_RenameAdministratorAccount is the policy to Rename the Administrator Account.
This security setting helps to Rename the Admin Account to a customized name. Default Value is Administrator.
./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount
==
Intune Settings Catalog?
Intune Settings Catalog policies are going to help here to automate the policy deployment.
Accounts Enable Administrator Account Status to Disable
Accounts Rename Administrator Account to HTMD_Adm
Endpoint Protection or Custom Profile can also be used.
==
Intune Troubleshooting?
Monitor
Health Alerts
Deployment Status
Assess the impact
Service (Global/Regional?)
Tenant wide?
Deployment (all users/devices)
Identify small set to drill down
Deployment Reports
Troubleshooting Node (Single user drill down)
Device Drill down
==
Policy Deployment Checks?
MDM Event Logs
Applications and Services - Microsoft - Windows- DeviceManagement- Enterprise-Diagnostics-Provider/Admin
Registry - User Based:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\D1E11663-BF69-4DD8-974A-BAD47E6EF433\default\S-1-5-21-2901188661-3025291148-348095268-1124\ADMX_ControlPanelDisplay
Registry - Device Based Policy
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\providers\21915145-BD7F-4430-BC50-4C6F60D24965\default\Device\LocalPoliciesSecurityOptions
==
Rename administrator account This security setting determines whether a different account name is associated with the security identifier (SID) for the account Administrator.
Renaming the well-known Administrator account makes it slightly more difficult for unauthorized persons to guess this privileged user name and password combination. Default: Administrator.
==
https://learn.microsoft.com/en-us/win...
https://learn.microsoft.com/en-us/win...
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
✔ https://www.anoopcnair.com/windows-365/
👉 Stay Connected - https://howtomanagedevices.com/stay-c... 👉 https://howtomanagedevices.com/sccm/1...
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm...
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-micr...
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
#msintune #microsoftintune #microsoft365 #securitypolicies #securityrisk #administratoraccount #adminaccount
==
Rename & Disable Administrator Account using Intune
Disable Admin Account Status
Rename Admin Account using Custom Policy/Settings Catalog
Verification Process
==
What is Security Risk with Default Administrator Account?
Security Recommendations:
Disable the Administrator Account Status
Rename the Administrator account
When a computer is booted into safe mode, the Administrator account is always enabled, regardless of how this setting is configured.
The admin account has a well-known security identifier (SID), and there are third-party tools that allow authentication by using the SID rather than the account name so rename of this account won't always help.
==
Disable the Administrator Account Status using Intune security policy CSP?
Accounts_EnableAdministratorAccountStatus is the policy to Disable the Administrator Account status.
This security setting helps to Disable the Admin Account status to Disable. The default Value is Disable (int = 0).
./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/Accounts_EnableAdministratorAccountStatus
==
Rename Admin Account using Intune security policy CSP?
Accounts_RenameAdministratorAccount is the policy to Rename the Administrator Account.
This security setting helps to Rename the Admin Account to a customized name. Default Value is Administrator.
./Device/Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount
==
Intune Settings Catalog?
Intune Settings Catalog policies are going to help here to automate the policy deployment.
Accounts Enable Administrator Account Status to Disable
Accounts Rename Administrator Account to HTMD_Adm
Endpoint Protection or Custom Profile can also be used.
==
Intune Troubleshooting?
Monitor
Health Alerts
Deployment Status
Assess the impact
Service (Global/Regional?)
Tenant wide?
Deployment (all users/devices)
Identify small set to drill down
Deployment Reports
Troubleshooting Node (Single user drill down)
Device Drill down
==
Policy Deployment Checks?
MDM Event Logs
Applications and Services - Microsoft - Windows- DeviceManagement- Enterprise-Diagnostics-Provider/Admin
Registry - User Based:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\D1E11663-BF69-4DD8-974A-BAD47E6EF433\default\S-1-5-21-2901188661-3025291148-348095268-1124\ADMX_ControlPanelDisplay
Registry - Device Based Policy
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\providers\21915145-BD7F-4430-BC50-4C6F60D24965\default\Device\LocalPoliciesSecurityOptions
==
Rename administrator account This security setting determines whether a different account name is associated with the security identifier (SID) for the account Administrator.
Renaming the well-known Administrator account makes it slightly more difficult for unauthorized persons to guess this privileged user name and password combination. Default: Administrator.
==
https://learn.microsoft.com/en-us/win...
https://learn.microsoft.com/en-us/win...
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
✔ https://www.anoopcnair.com/windows-365/
👉 Stay Connected - https://howtomanagedevices.com/stay-c... 👉 https://howtomanagedevices.com/sccm/1...
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm...
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-micr...
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
پارسال
در تاریخ 1401/12/24 منتشر شده
است.
3,146
بـار بازدید شده