diff --git a/atomics/T1078.003/T1078.003.yaml b/atomics/T1078.003/T1078.003.yaml index 0ab7dc6c..64ec3640 100644 --- a/atomics/T1078.003/T1078.003.yaml +++ b/atomics/T1078.003/T1078.003.yaml @@ -103,6 +103,7 @@ atomic_tests: name: powershell elevation_required: true - name: Create local account (Linux) + auto_generated_guid: 02a91c34-8a5b-4bed-87af-501103eb5357 description: | An adversary may wish to create an account with admin privileges to work with. In this test we create a "art" user with the password art, switch to art, execute whoami, exit and delete the art user. supported_platforms: @@ -118,6 +119,7 @@ atomic_tests: cleanup_command: | userdel -r art - name: Reactivate a locked/expired account (Linux) + auto_generated_guid: d2b95631-62d7-45a3-aaef-0972cea97931 description: | A system administrator may have locked and expired a user account rather than deleting it. "the user is coming back, at some stage" An adversary may reactivate a inactive account in an attempt to appear legitimate. @@ -139,6 +141,7 @@ atomic_tests: cleanup_command: | userdel -r art - name: Login as nobody (Linux) + auto_generated_guid: 3d2cd093-ee05-41bd-a802-59ee5c301b85 description: | An adversary may try to re-purpose a system account to appear legitimate. In this test change the login shell of the nobody account, change its password to nobody, su to nobody, exit, then reset nobody's shell to /usr/sbin/nologin. supported_platforms: diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt index 53962ac2..6521a4c4 100644 --- a/atomics/used_guids.txt +++ b/atomics/used_guids.txt @@ -1304,3 +1304,6 @@ f12acddb-7502-4ce6-a146-5b62c59592f1 2b93758e-a8d7-4e3b-bc7b-d3aa8d7ecb17 fca246a8-a585-4f28-a2df-6495973976a1 37ad2f24-7c53-4a50-92da-427a4ad13f58 +02a91c34-8a5b-4bed-87af-501103eb5357 +d2b95631-62d7-45a3-aaef-0972cea97931 +3d2cd093-ee05-41bd-a802-59ee5c301b85
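Review bot: In the T1078.003.yaml hunk at @@ -103,6 +103,7 @@, the description under "Create local account (Linux)" opens with "create an account with admin privileges", but the steps it then lists (create art, switch to art, whoami, exit, delete) never grant any privilege. Since this hunk gives the test a permanent GUID, reword the description to match what is executed, or name the step that grants the privilege, so that detections mapped to this GUID are not written for behaviour the test does not produce. Also a small wording fix: `a "art" user` should be `an "art" user`.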
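Review bot: In the hunk at @@ -118,6 +119,7 @@, the context shows `userdel -r art` as the cleanup of the preceding test, and the next hunk shows the same `userdel -r art` as the cleanup of "Reactivate a locked/expired account (Linux)", so two tests that now carry separate GUIDs share one account name. An account left behind by one test after a failed run will change the starting state of the other. Consider a distinct username per test or a prerequisite check that art does not already exist. The description here also needs a pass: the quoted fragment "the user is coming back, at some stage" is not connected to the sentences around it, and "a inactive account" should be "an inactive account".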
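Review bot: In the hunk at @@ -139,6 +141,7 @@, the description for "Login as nobody (Linux)" says the test sets the password of nobody to nobody and afterwards only resets the shell to /usr/sbin/nologin; nothing in the visible text says the password is locked or removed again. Please confirm that the cleanup_command also relocks the password, otherwise a host that ran this test keeps a system account with a known password. The hard-coded /usr/sbin/nologin is also distribution specific (some distributions ship /sbin/nologin), so restoring the shell recorded before the test would be safer than writing a fixed path.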