If you don’t have an account for a Windows 10 computer, you can offline activate the built-in administrator account without signing in as described in this blog post.

If you no longer have access to a Windows 10 computer, say because you forgot the password of your Microsoft account or because the trust relationship between the workstation and the Active Directory domain failed, you need a local account with administrator rights. If you haven’t used the local account for a while, you also might not remember its name and its password. It is also possible that no other local account exists on the computer for security reasons.

In such situations, you can follow the procedure described below to offline activate the built-in administrator account.

  1. Boot from your Windows 10 setup media. You might have to change the boot order in the BIOS of the computer if Windows 10 starts after you inserted the media. After Windows setup has started, you have to press SHIFT+F10 to open a command prompt.
    Opening a command prompt after booting from the Windows setup media
  2. Next, find the drive letter of the drive where Windows 10 is installed. The drive letter might be different from the one you use when you boot up Windows 10. The Windows setup media is usually on X: and, in most cases, Windows 10 is located on drive D:. To get an overview of the available drives you can run echo list volume | diskpart. You can recognize the correct drive by viewing its contents with the dir command (dir d:\users). The date of your profile folder should show the last date you logged on.
    Finding the Windows 10 installation drive
  3. You can now replace the utilman.exe file with cmd.exe in the system32 folder of the Windows 10 system directory. But first you have to create a copy of utilman.exe so that you can restore it after you activate the administrator account. Make sure you use the drive letter that you found in step 2:
    move d:\windows\system32\utilman.exe d:\
    copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe

    Replacing utilman.exe with cmd.exe

  4. Now, remove the boot media and reboot:
    wpeutil reboot

    Rebooting Windows PE

  5. Wait until Windows 10 boots up, press a key, and then click the Accessibility options A command prompt should open on the login screen. At this point, you have full access to your Windows 10 installation without having signed in. You could also reset the password of any account.
    Command prompt on the Windows 10 login screen
  6. You can now enable the built-in administrator account. You should also set a password because, by default, the administrator account password is blank:
    net user administrator /active:yes
    net user administrator <your password>

    Activating the built-in administrator account and setting a password

  7. After you close the command prompt, you can sign in with the newly activated administrator account. If the computer does not belong to an Active Directory domain, you can just enter “administrator” as the user name after you click Other user. If the computer is a domain member, you should add “.\” in front of the name (.\administrator) to ensure that you log on locally:
    Local login with the built-in administrator account

After you sign in, you might want to restore the original utilman.exe. To do so, you have to boot again from your Windows 10 setup media and open a command prompt as explained in step 1. Then, you have to enter this command to restore utilman.exe:

Subscribe to 4sysops newsletter!

move /y d:\utilman.exe d:\windows\system32\
  1. Rámon 5 years ago

    And I also tried multiple antivirusses, including Avast, Avira and AVG. All downloaded from the vendors’ websites. This is troubling me, because I have a lot of important work on my laptop, and I can’t afford to lose it.


    • Author
      Michael Pietroforte 5 years ago

      Maybe you already have an AV software installed that prevents the installation.

  2. Sheriff 5 years ago

    Worked perfectly and saved me a lot of stress. Thanks!

  3. Chris 5 years ago

    When I run the net user command on Windows 10 Home, I get “the rpc server is unavailable.” Any ideas?

    • Luc Fullenwarth 5 years ago


      Usually it’s the consequence of a denied access because you didn’t run from an elevated command prompt.

  4. CHRISTINE NYARANGI 5 years ago

    Will this process delete my files?

    • Author
      Michael Pietroforte 5 years ago

      If the administrator account was active before and you encrypted files with the administrator account and EFS, you will loose these files. You will also loose encrypted information in Internet Explorer (stored passwords, for instance). This all applies only to the administrator account. Files of other users are not affected.

  5. danny 5 years ago


    I tried following the steps. But  when I input the command  move d:\windows\system32\utilman.exe … I get a response that the system cannot find the specified path…

    What am I doing wrong?

    btw, I verifed that the usb was actually e:\, so i tried that and got the same

  6. Jason 4 years ago

    This really saved my butt!! Thanks!!

  7. Mike DIetz 4 years ago

    Thank you very much for this- it saved me the wrath of my teenage daughter who forgot her “sentence long” password…

    I did find one shortcut- thorugh the bios boot menu, there is an option to access the “terminal”, where you can enter the DOS commands you list. This means I didn’t have to begin the new Windows installation to get to the CMD prompt.

    Thanks again,


    • Tazar 4 months ago

      Can you please explain your method to me?

  8. Starboy 4 years ago

    Thanks !This method still working perfectly

  9. said 3 years ago

    waw! impressive!


  10. 2dan 3 years ago

    Any update on bringing the cmd prompt at login screen? I also can’t get the command prompt at login screen by clicking Ease of access or pressing shift key 5 times in normal or safe mode.

  11. Calvin 3 years ago

    Hi, thank you for this information!

    I have tried several times but can’t seem to get this to work. I found the OS drive using notepad, used “dir c:\users” and saw my accounts.  Then I tried to move the file as in step 3 and I get – “ The file cannot be accessed by the system.”

    I then tried to cd to c:\ but it does nothing then pops up as X:\sources> , again.

    One thing is that my computer is upgraded to windows 10 and the boot USB is windows 8

    any idea where to go from here?

    Thanks very much.

    • Author
      Michael Pietroforte 3 years ago

      Calvin, either your system drive is encrypted or you using the wrong drive letter. Just try different letters and see if there is a Windows installation.

  12. Sheldon Rodrigues 3 years ago

    Hi Michael, I’m in a bad situation right now and could really do with your help. My brand new laptop running Windows 10 has been stolen. I’ve set up bit locker and find my device, tried to locate it but its not been turned on since stolen so impossible to track it. Is there any way to track the Laptop while it’s turned off like with the serial number or to blacklist it. I believe even when switched off the battery stays on to maintain the time and date. Please Help ( there’s a £100 reward if you manage to help me successfully locate it)

    Thank you

    Sheldon Rodrigues


    • Luc Fullenwarth 3 years ago


      According to Microsoft:

      Your Windows device must be connected to the Internet and have enough battery power so it can send its location.

      However, this is true for every application which locates devices and every type of device (computer, phones, …).

      Furthermore, instead of starting the computer the thief can just reinstall it. And then I guess it will not be possible anymore to locate it…

      But before you give up, wait a few days…

      Here is the whole procedure for a Windows 10 computer:

  13. Thathsara Wagasenevi 3 years ago

    This method is very promising. But can’t we use sethc.exe rather than utilman.exe so we can get cmd using shift key on log screen.

  14. Markus Berg 2 years ago


    I tried to use the command "move d:\windows\system32\utilman.exe d:\" on both d and c.

    On "D" i got "The system cannot find the file specified"

    On "C" i got to see the last logon's but same message "The system cannot find the file specified".

    Any tips there?

    • Ali Moghimi 2 years ago

      Your windows is installed in another drive. Try checking other directories by dir command. If you found the windows and users folders in any drive, that is the drive that windows is installed on. Mine was in f drive. (You should keep that in mind that the name of the drives are different from what you actually see in the windows)

  15. Ali Moghimi 2 years ago

    Really thanks for the help. I really panicked that I thought I had to reinstall windows. 

  16. Jocelyn Gabriel 2 years ago

    Anyone able to help me? I tried using shift+F10 but it still won't show up for me 🤷‍♀️

  17. Adam 2 years ago

    Does this still work or has it been patched?

    I am able to get onto command off my external hard drive windows startup, I have identified the user accounts on my hard drive in the d:\user directory. 
    The move and copy command work but when I reboot and press ease of access nothing happens. Not only does it not open command but it doesn’t open the accessibility options either?

    Any help with a fix/alternative?

  18. Astrid 1 year ago

    I can’t logged in because I forgot my pin. I can access my cmd in bios but that also requires a pin… And downloading the windows 10 setup is taking forever…any ideas?

Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account