Jump to content
DeployCentral

Controlling Sysprep to Not Reset Local Accounts on Windows 7 x64


Recommended Posts

So, I'm creating Offline Deployment Media using SD version 1.1.1990. Using a Windows 7 x64 image, I've noticed that after Sysprep, Windows 7 will ask for a password to a newly created administrator account, and that the Admin 0 account is set to disabled. The Admin 0 account was not disabled prior to creating the .wim file. Is there a way to prevent Sysprep from NOT creating the new administrator account, and not disabling the Admin 0 account? Our requirement is to make sure that the Admin 0 account is not disabled until it is joined to the domain.

Link to comment
Share on other sites

So, I'm creating Offline Deployment Media using SD version 1.1.1990. Using a Windows 7 x64 image, I've noticed that after Sysprep, Windows 7 will ask for a password to a newly created administrator account, and that the Admin 0 account is set to disabled. The Admin 0 account was not disabled prior to creating the .wim file. Is there a way to prevent Sysprep from NOT creating the new administrator account, and not disabling the Admin 0 account? Our requirement is to make sure that the Admin 0 account is not disabled until it is joined to the domain.

By default when deploying an image of Windows 6.x sysprep will disable the built-in administrator account. If you go to advanced options in the Deploy Wizard and select Enable administrator account it will try and enable the "Administrator" account. Since you have the administrator account renamed this results in creating a new administrator account. What you can do is leave the enable administrator account check box unchecked and create a task to enable your admin account. You can follow the steps below to do so.

  1. From the Deploy Wizard select Advanced
  2. Select the Tasks tab
  3. Select Add to create a new task
  4. Enter "Net user (your admin account user name) /active:yes"
  5. Change the phase to Specialized / Mini-Setup
  6. Complete your deployment

Once the image is deployed the renamed admin account should be activated and you should not be prompted for a new password.

Link to comment
Share on other sites

By default when deploying an image of Windows 6.x sysprep will disable the built-in administrator account. If you go to advanced options in the Deploy Wizard and select Enable administrator account it will try and enable the "Administrator" account. Since you have the administrator account renamed this results in creating a new administrator account. What you can do is leave the enable administrator account check box unchecked and create a task to enable your admin account. You can follow the steps below to do so.

  1. From the Deploy Wizard select Advanced
  2. Select the Tasks tab
  3. Select Add to create a new task
  4. Enter "Net user (your admin account user name) /active:yes"
  5. Change the phase to Specialized / Mini-Setup
  6. Complete your deployment

Once the image is deployed the renamed admin account should be activated and you should not be prompted for a new password.

So with the "Net user..." command I am able to get the Administrator 0(user account renamed to sysadmin) account not disabled. However, sysprep is creating a 2nd account called Administrator. If I were to rename sysadmin back to Administrator

1. Would sysprep still create a 2nd administrator account?

2. Is there a command during sysprep to rename the Administrator 0 account to a different username?

I would like to make sure that there is only 1 administrator account in Windows 7.

3. How do I get the Guest account to be renamed during sysprep? Originally, the image file has this guest account renamed, and I am assuming that the sysprep process is reverting the guest account to the original guest username.

thanks

Link to comment
Share on other sites

So with the "Net user..." command I am able to get the Administrator 0(user account renamed to sysadmin) account not disabled. However, sysprep is creating a 2nd account called Administrator. If I were to rename sysadmin back to Administrator

1. Would sysprep still create a 2nd administrator account?

2. Is there a command during sysprep to rename the Administrator 0 account to a different username?

I would like to make sure that there is only 1 administrator account in Windows 7.

3. How do I get the Guest account to be renamed during sysprep? Originally, the image file has this guest account renamed, and I am assuming that the sysprep process is reverting the guest account to the original guest username.

thanks

It looks like the Administrator account is being recreated based on the answer file passed to sysprep by the Deploy Wizard. You can simply delete it "Net user administrator /delete" using a task like was done to enable the built-in administrator account. The easiest solution would probably be to just leave the administrator account disabled, and create a new administrator account named sysadmin but the net user commands will work as well.

In regards to the built-in guest account it is being renamed by default sysprep behavior. If you wish to have it renamed you can run "wmic useraccount where name="Guest" call rename name="Your Guest Account Name"". This task will not run during Specialize / Mini-Setup and will need to be run at the First boot as system or First logon phase.

Link to comment
Share on other sites

In regards to the built-in guest account it is being renamed by default sysprep behavior. If you wish to have it renamed you can run "wmic useraccount where name="Guest" call rename name="Your Guest Account Name"". This task will not run during Specialize / Mini-Setup and will need to be run at the First boot as system or First logon phase.

This isn't working with either the First boot as system or First logon phase. Is it because the Guest account is disabled? In fact, I get an error with having quotes around "Guest" or "Your Guest Account Name", so I have to remove the quotes.

Link to comment
Share on other sites

In regards to the built-in guest account it is being renamed by default sysprep behavior. If you wish to have it renamed you can run "wmic useraccount where name="Guest" call rename name="Your Guest Account Name"". This task will not run during Specialize / Mini-Setup and will need to be run at the First boot as system or First logon phase.

This isn't working with either the First boot as system or First logon phase. Is it because the Guest account is disabled? In fact, I get an error with having quotes around "Guest" or "Your Guest Account Name", so I have to remove the quotes.

The command will fail without the quotes around the usernames. You can simply put this command into a batch file with the quotes, then run the batch file. The batch file will need to be available locally when the machine is in the first boot phase, so you will either need to copy it over after the image is deployed or add it to your image.

Link to comment
Share on other sites

The command will fail without the quotes around the usernames. You can simply put this command into a batch file with the quotes, then run the batch file. The batch file will need to be available locally when the machine is in the first boot phase, so you will either need to copy it over after the image is deployed or add it to your image.

So this worked using single quotes ' versus the "

First boot at system

Command:

wmic useraccount where name='Guest' call rename name='Your Guest Account Name'

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...