How to rename the built-in Administrators group in Active Directory?
Solution 1:
The following steps worked for me.
- Launch LDP.exe and bind to the DS server you want to modify. Make sure you are schema admin, and admin over the partition you are modifying
- After connecting and binding, navigate to the browse menu and select the "Modify" option.
- Leave the DN blank, type schemaUpgradeInProgress into the Attribute field and in the values field type 1.
- Click the Add operation and then click the Enter button. This will add this command to the entry list.
- Click the Run button. If you are successful you should see a successful modify message.
- Go to View -> Tree. Connect to the appropriate base DN.
- Find the object, right click and select Modify.
- In the Attribute field, type "systemflags"; in the Values field, leave it blank; in the operation radio options, select Delete.
- Then click Enter, then click Run to remove the system flags values.
- Perform the modification of the object.
- Set the systemflags value back to the original value, to make it owned by the system again
- Once finished, run LDP again with the above steps, changing the schemaUpgradeInProgress value to 0 (to prevent unwanted schema/system changes).
https://docs.microsoft.com/en-us/archive/blogs/janelewis/how-to-modify-a-system-owned-object