Offline activate the built-in administrator on Windows 10 without signing in

If you don’t have an account for a Windows 10 computer, you can offline activate the built-in administrator account without signing in as described in this blog post.

If you no longer have access to a Windows 10 computer, say because you forgot the password of your Microsoft account or because the trust relationship between the workstation and the Active Directory domain failed, you need a local account with administrator rights. If you haven’t used the local account for a while, you also might not remember its name and its password. It is also possible that no other local account exists on the computer for security reasons.

In such situations, you can follow the procedure described below to offline activate the built-in administrator account.

  1. Boot from your Windows 10 setup media. You might have to change the boot order in the BIOS of the computer if Windows 10 starts after you inserted the media. After Windows setup has started, you have to press SHIFT+F10 to open a command prompt.
    Opening a command prompt after booting from the Windows setup media
  2. Next, find the drive letter of the drive where Windows 10 is installed. The drive letter might be different from the one you use when you boot up Windows 10. The Windows setup media is usually on X: and, in most cases, Windows 10 is located on drive D:. To get an overview of the available drives you can run echo list volume | diskpart. You can recognize the correct drive by viewing its contents with the dir command (dir d:\users). The date of your profile folder should show the last date you logged on.
    Finding the Windows 10 installation drive
  3. You can now replace the utilman.exe file with cmd.exe in the system32 folder of the Windows 10 system directory. But first you have to create a copy of utilman.exe so that you can restore it after you activate the administrator account. Make sure you use the drive letter that you found in step 2:

    Replacing utilman.exe with cmd.exe
  4. Now, remove the boot media and reboot:

    Rebooting Windows PE
  5. Wait until Windows 10 boots up, press a key, and then click the Accessibility options A command prompt should open on the login screen. At this point, you have full access to your Windows 10 installation without having signed in. You could also reset the password of any account.
    Command prompt on the Windows 10 login screen
  6. You can now enable the built-in administrator account. You should also set a password because, by default, the administrator account password is blank:

    Activating the built-in administrator account and setting a password
  7. After you close the command prompt, you can sign in with the newly activated administrator account. If the computer does not belong to an Active Directory domain, you can just enter “administrator” as the user name after you click Other user. If the computer is a domain member, you should add “.\” in front of the name (.\administrator) to ensure that you log on locally:
    Local login with the built-in administrator account

After you sign in, you might want to restore the original utilman.exe. To do so, you have to boot again from your Windows 10 setup media and open a command prompt as explained in step 1. Then, you have to enter this command to restore utilman.exe:

Want to write for 4sysops? We are looking for new authors.

Read 4sysops without ads by becoming a member!

14+
avatar
Share
57 Comments
  1. Rámon 3 years ago

    And I also tried multiple antivirusses, including Avast, Avira and AVG. All downloaded from the vendors' websites. This is troubling me, because I have a lot of important work on my laptop, and I can't afford to lose it.

    Regards

    1+

  2. Sheriff 3 years ago

    Worked perfectly and saved me a lot of stress. Thanks!

    1+

  3. Chris 3 years ago

    When I run the net user command on Windows 10 Home, I get "the rpc server is unavailable." Any ideas?

    1+

  4. CHRISTINE NYARANGI 3 years ago

    Will this process delete my files?

    1+

    • Author

      If the administrator account was active before and you encrypted files with the administrator account and EFS, you will loose these files. You will also loose encrypted information in Internet Explorer (stored passwords, for instance). This all applies only to the administrator account. Files of other users are not affected.

      1+

  5. danny 3 years ago

    Hi!

    I tried following the steps. But  when I input the command  move d:\windows\system32\utilman.exe ... I get a response that the system cannot find the specified path...

    What am I doing wrong?

    btw, I verifed that the usb was actually e:\, so i tried that and got the same

    1+

  6. Jason 2 years ago

    This really saved my butt!! Thanks!!

    1+

  7. Mike DIetz 2 years ago

    Thank you very much for this- it saved me the wrath of my teenage daughter who forgot her "sentence long" password...

    I did find one shortcut- thorugh the bios boot menu, there is an option to access the "terminal", where you can enter the DOS commands you list. This means I didn't have to begin the new Windows installation to get to the CMD prompt.

    Thanks again,

    -Mike

    1+

  8. Starboy 2 years ago

    Thanks !This method still working perfectly

    0

  9. said 2 years ago

    waw! impressive!

    Bravo

    0

  10. 2dan 2 years ago

    Any update on bringing the cmd prompt at login screen? I also can't get the command prompt at login screen by clicking Ease of access or pressing shift key 5 times in normal or safe mode.

    3+

  11. Calvin 1 year ago

    Hi, thank you for this information!

    I have tried several times but can’t seem to get this to work. I found the OS drive using notepad, used “dir c:\users” and saw my accounts.  Then I tried to move the file as in step 3 and I get - “ The file cannot be accessed by the system.”

    I then tried to cd to c:\ but it does nothing then pops up as X:\sources> , again.

    One thing is that my computer is upgraded to windows 10 and the boot USB is windows 8

    any idea where to go from here?

    Thanks very much.

    0

    • Author

      Calvin, either your system drive is encrypted or you using the wrong drive letter. Just try different letters and see if there is a Windows installation.

      0

  12. Sheldon Rodrigues 1 year ago

    Hi Michael, I'm in a bad situation right now and could really do with your help. My brand new laptop running Windows 10 has been stolen. I've set up bit locker and find my device, tried to locate it but its not been turned on since stolen so impossible to track it. Is there any way to track the Laptop while it's turned off like with the serial number or to blacklist it. I believe even when switched off the battery stays on to maintain the time and date. Please Help ( there's a £100 reward if you manage to help me successfully locate it)

    Thank you

    Sheldon Rodrigues

    +447413719691

    0

  13. Thathsara Wagasenevi 1 year ago

    This method is very promising. But can’t we use sethc.exe rather than utilman.exe so we can get cmd using shift key on log screen.

    0

  14. Markus Berg 6 months ago

    Hey,

    I tried to use the command "move d:\windows\system32\utilman.exe d:\" on both d and c.

    On "D" i got "The system cannot find the file specified"

    On "C" i got to see the last logon's but same message "The system cannot find the file specified".

    Any tips there?

    1+

    • Ali Moghimi 1 month ago

      Your windows is installed in another drive. Try checking other directories by dir command. If you found the windows and users folders in any drive, that is the drive that windows is installed on. Mine was in f drive. (You should keep that in mind that the name of the drives are different from what you actually see in the windows)

      0

  15. Ali Moghimi 1 month ago

    Really thanks for the help. I really panicked that I thought I had to reinstall windows. 

    0

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2020

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account