Microsoft Windows: Accounts: Administrator account status

This test checks the setting for policy 'Accounts: Administrator account status' on Windows hosts (at least Windows 7). The security setting determines whether the local Administrator account is enabled or disabled. The following conditions prevent disabling the Administrator account, even if this security setting is disabled: - The Administrator account is currently in use - The Administrators group has no other members - All other members of the Administrators group are: - Disabled - Listed in the Deny log on locally User Rights Assignment If the Administrator account is disabled, you cannot enable it if the password does not meet requirements. In this case, another member of the Administrators group must reset the password.