If you don’t have an account for a Windows 10 computer, you can offline activate the built-in administrator account without signing in as described in this blog post.
Latest posts by Michael Pietroforte (see all)

If you no longer have access to a Windows 10 computer, say because you forgot the password of your Microsoft account or because the trust relationship between the workstation and the Active Directory domain failed, you need a local account with administrator rights. If you haven’t used the local account for a while, you also might not remember its name and its password. It is also possible that no other local account exists on the computer for security reasons.

In such situations, you can follow the procedure described below to offline activate the built-in administrator account.

  1. Boot from your Windows 10 setup media. You might have to change the boot order in the BIOS of the computer if Windows 10 starts after you inserted the media. After Windows setup has started, you have to press SHIFT+F10 to open a command prompt.
    Opening a command prompt after booting from the Windows setup media
  2. Next, find the drive letter of the drive where Windows 10 is installed. The drive letter might be different from the one you use when you boot up Windows 10. The Windows setup media is usually on X: and, in most cases, Windows 10 is located on drive D:. To get an overview of the available drives you can run echo list volume | diskpart. You can recognize the correct drive by viewing its contents with the dir command (dir d:\users). The date of your profile folder should show the last date you logged on.
    Finding the Windows 10 installation drive
  3. You can now replace the utilman.exe file with cmd.exe in the system32 folder of the Windows 10 system directory. But first you have to create a copy of utilman.exe so that you can restore it after you activate the administrator account. Make sure you use the drive letter that you found in step 2:
    move d:\windows\system32\utilman.exe d:\
    copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe

    Replacing utilman.exe with cmd.exe

  4. Now, remove the boot media and reboot:
    wpeutil reboot

    Rebooting Windows PE

  5. Wait until Windows 10 boots up, press a key, and then click the Accessibility options A command prompt should open on the login screen. At this point, you have full access to your Windows 10 installation without having signed in. You could also reset the password of any account.
    Command prompt on the Windows 10 login screen
  6. You can now enable the built-in administrator account. You should also set a password because, by default, the administrator account password is blank:
    net user administrator /active:yes
    net user administrator <your password>

    Activating the built-in administrator account and setting a password

  7. After you close the command prompt, you can sign in with the newly activated administrator account. If the computer does not belong to an Active Directory domain, you can just enter “administrator” as the user name after you click Other user. If the computer is a domain member, you should add “.\” in front of the name (.\administrator) to ensure that you log on locally:
    Local login with the built-in administrator account

After you sign in, you might want to restore the original utilman.exe. To do so, you have to boot again from your Windows 10 setup media and open a command prompt as explained in step 1. Then, you have to enter this command to restore utilman.exe:

Subscribe to 4sysops newsletter!

move /y d:\utilman.exe d:\windows\system32\
  1. Avatar
    Rámon 6 years ago

    And I also tried multiple antivirusses, including Avast, Avira and AVG. All downloaded from the vendors’ websites. This is troubling me, because I have a lot of important work on my laptop, and I can’t afford to lose it.


  2. Avatar
    Sheriff 6 years ago

    Worked perfectly and saved me a lot of stress. Thanks!

  3. Avatar
    Chris 6 years ago

    When I run the net user command on Windows 10 Home, I get “the rpc server is unavailable.” Any ideas?

    • Avatar


      Usually it’s the consequence of a denied access because you didn’t run from an elevated command prompt.

  4. Avatar
    CHRISTINE NYARANGI 6 years ago

    Will this process delete my files?

    • Avatar Author

      If the administrator account was active before and you encrypted files with the administrator account and EFS, you will loose these files. You will also loose encrypted information in Internet Explorer (stored passwords, for instance). This all applies only to the administrator account. Files of other users are not affected.

  5. Avatar
    danny 6 years ago


    I tried following the steps. But  when I input the command  move d:\windows\system32\utilman.exe … I get a response that the system cannot find the specified path…

    What am I doing wrong?

    btw, I verifed that the usb was actually e:\, so i tried that and got the same

    • Avatar
      StellisPro 4 months ago

      Check the installation folder of windows where your current windows is install. You can change to C or D or E where the current windows is booting.

      Nice informative article.

  6. Avatar
    Jason 6 years ago

    This really saved my butt!! Thanks!!

  7. Avatar
    Mike DIetz 6 years ago

    Thank you very much for this- it saved me the wrath of my teenage daughter who forgot her “sentence long” password…

    I did find one shortcut- thorugh the bios boot menu, there is an option to access the “terminal”, where you can enter the DOS commands you list. This means I didn’t have to begin the new Windows installation to get to the CMD prompt.

    Thanks again,


    • Avatar
      Tazar 2 years ago

      Can you please explain your method to me?

  8. Avatar
    Starboy 5 years ago

    Thanks !This method still working perfectly

  9. Avatar
    said 5 years ago

    waw! impressive!


  10. Avatar
    2dan 5 years ago

    Any update on bringing the cmd prompt at login screen? I also can’t get the command prompt at login screen by clicking Ease of access or pressing shift key 5 times in normal or safe mode.

  11. Avatar
    Calvin 5 years ago

    Hi, thank you for this information!

    I have tried several times but can’t seem to get this to work. I found the OS drive using notepad, used “dir c:\users” and saw my accounts.  Then I tried to move the file as in step 3 and I get – “ The file cannot be accessed by the system.”

    I then tried to cd to c:\ but it does nothing then pops up as X:\sources> , again.

    One thing is that my computer is upgraded to windows 10 and the boot USB is windows 8

    any idea where to go from here?

    Thanks very much.

    • Avatar Author

      Calvin, either your system drive is encrypted or you using the wrong drive letter. Just try different letters and see if there is a Windows installation.

  12. Avatar
    Sheldon Rodrigues 5 years ago

    Hi Michael, I’m in a bad situation right now and could really do with your help. My brand new laptop running Windows 10 has been stolen. I’ve set up bit locker and find my device, tried to locate it but its not been turned on since stolen so impossible to track it. Is there any way to track the Laptop while it’s turned off like with the serial number or to blacklist it. I believe even when switched off the battery stays on to maintain the time and date. Please Help ( there’s a £100 reward if you manage to help me successfully locate it)

    Thank you

    Sheldon Rodrigues


    • Avatar


      According to Microsoft:

      Your Windows device must be connected to the Internet and have enough battery power so it can send its location.

      However, this is true for every application which locates devices and every type of device (computer, phones, …).

      Furthermore, instead of starting the computer the thief can just reinstall it. And then I guess it will not be possible anymore to locate it…

      But before you give up, wait a few days…

      Here is the whole procedure for a Windows 10 computer:

  13. Avatar
    Thathsara Wagasenevi 4 years ago

    This method is very promising. But can’t we use sethc.exe rather than utilman.exe so we can get cmd using shift key on log screen.

  14. Avatar
    Markus Berg 4 years ago


    I tried to use the command "move d:\windows\system32\utilman.exe d:\" on both d and c.

    On "D" i got "The system cannot find the file specified"

    On "C" i got to see the last logon's but same message "The system cannot find the file specified".

    Any tips there?

    • Avatar
      Ali Moghimi 4 years ago

      Your windows is installed in another drive. Try checking other directories by dir command. If you found the windows and users folders in any drive, that is the drive that windows is installed on. Mine was in f drive. (You should keep that in mind that the name of the drives are different from what you actually see in the windows)

  15. Avatar
    Ali Moghimi 4 years ago

    Really thanks for the help. I really panicked that I thought I had to reinstall windows. 

  16. Avatar
    Jocelyn Gabriel 3 years ago

    Anyone able to help me? I tried using shift+F10 but it still won't show up for me 🤷‍♀️

  17. Avatar
    Adam 3 years ago

    Does this still work or has it been patched?

    I am able to get onto command off my external hard drive windows startup, I have identified the user accounts on my hard drive in the d:\user directory. 
    The move and copy command work but when I reboot and press ease of access nothing happens. Not only does it not open command but it doesn’t open the accessibility options either?

    Any help with a fix/alternative?

  18. Avatar
    Astrid 3 years ago

    I can’t logged in because I forgot my pin. I can access my cmd in bios but that also requires a pin… And downloading the windows 10 setup is taking forever…any ideas?

Leave a reply

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account