I have made a dedicated server contract recently with a hosting provider, the server is unmanaged and the hosting provider is responsible for network and hardware issues not software,
but they have set admin password and other administrative passwords and use it for some administrtive tasks, like adding new IPs and ...
I want to know if I can change the password and restrict them from accessing my server,
is it a routine thing in dedicated server providers to have an admin password on the server they sell?
If you don't trust the company that you're paying every month FOR the server to have your password, why are you even with them at all?
They have PHYSICAL access to your server.... more than likely you do not. It would take all of a min. for them to walk up, hook up a monitor and change the pass on your system (assuming it's a flavor of *nix). So you have no more privacy from your host (which again I would think you would trust above anyone else) than if they have an account on your system or not.
Yeah, it completely depends on the deal you've made, what level of administration your host will do on the box, ie. if they need the ability to go in and add IP's or make any kind of OS software updated, then they'll need a login. But on the other hand, if the box is truly unmanaged and they really have no business being logged in, then lock it down.
A couple of helpful links about securing a Windows server: