+ Post New Thread
Results 1 to 11 of 11
Windows 7 Thread, No administrators on the machine except Administrator, whoops in Technical; Hi guys, on a scale of 1-10 how stuffed am I? Building a laptop with Windows 7, and we're only ...
  1. #1
    azc
    azc is offline

    Join Date
    Jan 2011
    Location
    Cirencester, UK
    Posts
    36
    Thank Post
    1
    Thanked 6 Times in 5 Posts
    Rep Power
    9

    No administrators on the machine except Administrator, whoops

    Hi guys, on a scale of 1-10 how stuffed am I?

    Building a laptop with Windows 7, and we're only tentatively dipping our toes into the Windows 7 waters at the moment, so still got a lot to learn. I'm applying my XP knowledge to this brave new world, and getting my fingers burnt.

    In XP, we'd have two users on the machine - Administrator, and User. User is a member of the Users group, whilst of course Administrator is a member of the Administrators group. AutoAdminLogon is set to log the machine in automatically as User (after the Novell login has happened), and when we need to do administrative stuff on the machine we do a RunAs on Computer Management, launch it as Administrator, and add User to the Administrators group.

    Now, I came to replicate this procedure on Windows 7. I have successfully made User a member of the Users group instead of Administrators, and that's fine. However, the problem comes when I need to add them back to the Administrators group. It won't let me do a RunAs Administrator. It says there's some kind of policy in place to disallow that.

    We don't have an Active Directory, we're not using any kind of Group Policy, so this must be a default Local Policy.

    So, my problem is that the only user on the machine that's a member of the Administrators group is Administrator, and I can't log in as Administrator.

    I've tried in Safe Mode and that didn't help. The Administrator account definitely has a password set, and the prompts that appear say 'to continue, type an administrator password, and then click Yes'. Well, there's nowhere to type a password, and Yes is greyed out.

    Does anyone have any suggestions please, or am I going to have to wipe the machine and start again?

    Thanks.

  2. #2
    TheLibrarian
    Guest
    Without something that can modify the accounts on the W7 box then my guess would be 10.

    I think there are some free *nix tools that may be able to help - never had cause to use them I've got a O&O Bluecon subscription which I would use in circumstances like this.

  3. #3
    azc
    azc is offline

    Join Date
    Jan 2011
    Location
    Cirencester, UK
    Posts
    36
    Thank Post
    1
    Thanked 6 Times in 5 Posts
    Rep Power
    9
    OK, I'll give NTPassWd a try. I'd forgotten that can do user promotion as well as password change. Will report back how that goes.
    Last edited by azc; 23rd March 2011 at 02:14 PM.

  4. #4


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,656
    Thank Post
    229
    Thanked 866 Times in 744 Posts
    Rep Power
    298
    administrator on win7 is turned off by default you need to turn it on

  5. #5
    azc
    azc is offline

    Join Date
    Jan 2011
    Location
    Cirencester, UK
    Posts
    36
    Thank Post
    1
    Thanked 6 Times in 5 Posts
    Rep Power
    9
    I initially tried NTPassWd to promote User to a member of Administrators, which didn't work.

    After reading sted's reply, I booted back into NTPassWd and used it to unlock the Administrator account. I also, for giggles, tried promoting User again.

    This time, it all worked. Now I've booted back into Windows, User is an Administrator, and the Administrator account is unlocked.

    Not sure why NTPassWd failed to do it's job the first time.

    Looks like my bacon is saved. Thanks for your help guys.
    Last edited by azc; 23rd March 2011 at 02:14 PM.

  6. #6
    azc
    azc is offline

    Join Date
    Jan 2011
    Location
    Cirencester, UK
    Posts
    36
    Thank Post
    1
    Thanked 6 Times in 5 Posts
    Rep Power
    9
    Well, maybe things didn't go quite as well as I'd hoped.

    When I came to demote User again, Windows refused. Although it was showing as being a member of the Administrators group, different parts of the OS couldn't agree on whether the user really was or wasn't an Administrator.

    This tallies with the warnings given by NTPassWd, so although this utility is great as a last-resort to restoring access, don't expect everything to be smelling of roses once it's done its work.

    I couldn't demote the account, I couldn't even delete the account.

    I've ended up reinstalling the OS after all. And this time, I'll be sure that the Administrator account is NOT disabled!
    Last edited by azc; 23rd March 2011 at 04:51 PM.

  7. #7
    TheLibrarian
    Guest
    Or do as I do and have a 'back door' account that has administrator access just to save your bacon while you are testing.

  8. #8

    Join Date
    Mar 2011
    Location
    Bournemouth
    Posts
    280
    Thank Post
    16
    Thanked 74 Times in 64 Posts
    Rep Power
    22
    I'm not sure if this would have helped you, but I thought it might be useful for future reference.

    On windows 7 and server 2008 if the administrator is the only user in the admin group, and it must be the only one, you can log into it in safe mode even if its disabled.

    Got me out of a hole after I removed one of our machines from the domain with the local admin account disabled.

  9. #9
    azc
    azc is offline

    Join Date
    Jan 2011
    Location
    Cirencester, UK
    Posts
    36
    Thank Post
    1
    Thanked 6 Times in 5 Posts
    Rep Power
    9
    Hi Chris,

    I'm convinced I tried that, and it wouldn't let me in. Oh well, too late now. Thanks anyway

  10. #10
    TheLibrarian
    Guest
    Quote Originally Posted by ChrisMiles View Post
    I'm not sure if this would have helped you, but I thought it might be useful for future reference.

    On windows 7 and server 2008 if the administrator is the only user in the admin group, and it must be the only one, you can log into it in safe mode even if its disabled.

    Got me out of a hole after I removed one of our machines from the domain with the local admin account disabled.
    So sayeth the local policy, not tested it though.

  11. #11

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,193
    Thank Post
    875
    Thanked 2,720 Times in 2,303 Posts
    Blog Entries
    11
    Rep Power
    781
    Why do you need to do the runas stuff anyway, anything that requires admin privilages should trigger a UAC prompt and ask for elevation anyway, at this point you could just use the local admin account credentials to run whatever needed running unless you have turned off UAC for some reason.

SHARE:
+ Post New Thread

Similar Threads

  1. Whoops!
    By HMCTech in forum Mac
    Replies: 7
    Last Post: 22nd September 2009, 10:55 PM
  2. Make a power user an administrator on single machine
    By rocknrollstar in forum Windows
    Replies: 8
    Last Post: 2nd September 2009, 07:03 AM
  3. Whoops BBC
    By tech_guy in forum General Chat
    Replies: 0
    Last Post: 3rd November 2008, 10:06 AM
  4. Whoops....
    By tech_guy in forum General Chat
    Replies: 2
    Last Post: 30th September 2008, 11:00 AM
  5. Whoops...
    By tech_guy in forum General Chat
    Replies: 15
    Last Post: 16th December 2007, 11:14 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •