Renaming AD Guest account
Posted by 4112Naes@reddit | sysadmin | View on Reddit | 6 comments
Vulnerability scanner has detected the Guest account hasn’t been renamed on our DCs, the Guest account is disabled but are there any risks to renaming it?
Thanks!
LordCornish@reddit
FFS, it's disabled. Tell the vulnerability scanner to pound sand.
lordmycal@reddit
This isn't a vulnerability. Renaming accounts is mostly security theater as the SIDs won't change. You can immediately identify the Guest and Administrator accounts no matter what you call them; so this will only confuse your own staff and not stop any serious attackers.
the_doughboy@reddit
Exactly, the name does not matter as the SID never changes.
BuffaloRedshark@reddit
no risks I know of. Ours has been renamed for years
Seth0x7DD@reddit
Such things are often down to your environment. For instance, you might have systems that rely on DOMAIN\guest being resolved. If the account is already disabled, there shouldn't be much of an issue with it as well. Maybe have a look why the scanner flags it. As there are GPOs for it, it is probably supported by Windows, not necessarily all the software you use.
Relagree@reddit
Nope. The scanner will probably flag it's not renamed on all endpoints too.
Gotta check those boxes...