Michael Pietroforte

Michael Pietroforte is the founder and editor in chief of 4sysops. He has more than 35 years of experience in IT management and system administration.

In my last my post I described how to offline edit the Registry of a Windows installation through Windows PE or Windows RE. Today, I will give you the procedure to offline enable the built-in administrator account. This can be useful when you have to reset the password of the administrator account without having admin privileges on this machine.

I tried the procedure described here on Windows 7 and Windows Vista. I suppose it also works on Windows XP. However, in Windows XP you can just boot up in Safe Mode (press F8 before Windows starts booting) and log on with the built-in administrator account even it is disabled. Because an administrator password has to be configured when Windows XP is installed, the Safe Mode procedure will only help if you have at least this password.

Once you enable the administrator account, you can use this account to log on to this Windows installation. This works because, by default, the built-in administrator account is configured with an empty password in Vista and Windows 7. Of course, if you configured an administrator password (which I recommended in my article about the built-in administrator account), this procedure is useless if you have also forgotten this password or if a user has set the password and didn't tell you about it.

Before you proceed, please note that editing the Registry is always risky if you don't know what you are doing.


To offline enable the built-in administrator account, follow these steps:

  1. Load the SAM Registry hive with regedit as described in my post about the offline Registry editor.
  2. Navigate to HKLM\%your_key_name%\SAM\Domains\Accounts\Users\Names\.
  3. Click "Administrator" and note the value in the type column.
  4. Navigate to HKLM\%your_key_name%\SAM\Domains\Accounts\Users\.
  5. Use the type value you noted before to locate the Registry key of the administrator account (see screenshot). Offline enable built in administrator locate administrator
  6. Edit the F entry of the administrator key and navigate to the 0038 position.
  7. If the built-in administrator account is disabled, the value of this position is "11"; replace it with "10". NOTE: Make sure to edit the correct position because editing binary values in the Registry is a bit tricky: Move the cursor to the beginning of position 0038, press "DEL," and then type "10".
    Offline enable built-in administrator
  8. Click %your_key_name% and then unload the hive through the corresponding menu point in the File menu.

After you reboot, you can log on using the built-in administrator and reset the password of other accounts.

Note that you can also use this procedure to offline enable other accounts with administrator privileges. In this case, the value at position 0038 will be "15" if the account is disabled; replace it with"14" to enable the account.

Are you an IT pro? Apply for membership!

1+
Share
53 Comments
  1. John 6 years ago

    Thank you for posting. Confirmed to remote registry edit enable local Administrator account on Windows 8.1 after getting locked out of Live account.

    0

  2. Bruno 4 years ago

    Now that more and more people use Microsoft Accounts, knowing how to switch a profile from a Microsoft Account to a local account, via regedit, would be extremely useful. There are cases where resetting a Microsoft Account is out of the question (user is deceased, cell phone is unavailable or long gone, access to recovery email address isn't possible, etc). It's easy to switch from a Microsoft Account to a local account when you're logged in to it, but how about doing it from another account with administrator privileges, via regedit? Gaining local admin access is easy, gaining access to data under a Microsoft Account profile is also easy. Converting a Microsoft Account user profile into a local account profile should be easy (via regedit), but I can't find any way to do it.

    0

  3. Angryviking 2 years ago

    Michael, this guide just saved my bacon, thank you !!!!

    0

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2019

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account