Site icon Winhelponline

Enable the Built-in Administrator in Windows 10/11 via Windows RE

Ramesh

There are situations where you’ll need to activate and use the built-in Administrator account in Windows. The built-in Administrator account is disabled by default. If your existing admin user account profile gets corrupted (and you have no alternate user account with admin privileges), you’ll need to enable and use the built-in administrator account to fix things up or create a second administrator account.

This post applies only to the situations where the user remembers the password for his account, but cannot log into the account due to a corrupt user profile or per-user registry. Corrupt user profile causes the error “The user profile service failed the logon. User profile cannot be loaded” when logging in to the account.

Whereas, for the “lost password or “lost admin privileges” kind of situations, you need to follow the instructions in the article Windows 10/11 Password Reset Methods for Lost Password Scenario to reset the user account password or restore the admin rights for the user account.

This article tells you how to enable the built-in administrator account (named “Administrator“) in Windows 10 and 11.

Enable Built-in Administrator via Recovery Options

Enabling the built-in administrator (“Administrator”) account can be done through Windows Recovery Environment (aka “Recovery Options”) if you cannot log in to your user account.

Step 1: Log in to Advanced Recovery Options (Windows RE)

  1. From the sign-in screen in Windows 10/11, press and hold the SHIFT key on the keyboard.
  2. With the SHIFT key still pressed, click the Power button and then click Restart.
  3. In the Recovery Options menu, click Troubleshoot, and then click Advanced Options.

Alternate Methods: If Windows doesn’t boot or WinRE doesn’t launch

Note: If Windows doesn’t boot, follow these steps to access the Recovery Options screen.

  • Attempt to boot the system 2 or 3 times. After 3 failed tries, you’ll have the option to get into the Recovery Options directly, after going through the automatic repair (“Startup Repair”) process.

(Or use the USB Windows Setup disk to go to Windows RE.)

  1. Boot the system using your Windows installation media or Recovery drive if you’ve created one already. If you don’t have any, download the Windows 10 or 11 ISO and then create bootable media using another computer.
  2. On the Windows setup page, click Next.
    (Tip: At this point, you can press Shift + F10 to open a Command Prompt window quickly, if you want.
  3. Click Repair your computer.
  4. There we go. We have opened the recovery options.

Step 2: Enable the Built-in Administrator account from Windows RE

  1. In the Windows Recovery Options menu, click Troubleshoot → Advanced Options.

  2. Click Command Prompt.
    (This opens a Command Prompt window. We need to edit the SAM registry hive offline to enable the built-in Administrator account.)
  3. In the Command Prompt window, type the following command and press ENTER: 
    regedit.exe
  4. In the Registry Editor, select HKEY_LOCAL_MACHINE
  5. From the File menu, click Load Hive…
  6. In the browse dialog, locate and select the \Windows\System32\Config\SAM hive file from your Windows installation — e.g., assuming C:\ is your Windows drive letter. This SAM hive contains the user accounts information.
    See the section about finding the drive letter of your Windows installation in this article.

  7. Assign a name for the loaded hive — e.g., TEMPHIVE
  8. Go to the following branch in the Registry Editor: 
    HKEY_LOCAL_MACHINE\TEMPHIVE\SAM\Domains\Account\Users\000001F4
  9. Double-click the REG_BINARY value named F
  10. In the 8th row, 1st column, modify the value 11 to 10
    The value of 11 denotes that the built-in Administrator account is disabled. Setting it to 10 enables the built-in Administrator.
  11. Click OK to save the setting.
  12. Select the TEMPHIVE key.
  13. From the File menu, click Unload Hive…
  14. Exit the Registry Editor.
  15. Type Exit in the Command Prompt window.
  16. In the Recovery Options window, click Continue (Exit and Continue to Windows.)
  17. When you get to the Windows sign-in screen, you’ll see the built-in Administrator account.
  18. Log in to the built-in Administrator. This account has a blank password by default.

Additional Notes

From the built-in “Administrator account, you can:

  1. Carry out the administration tasks using this account — e.g., creating a new administrator account, fixing the registry or file system permissions, etc.
  2. Once done, log off from the “Administrator” account and log in to your user account.
  3. For security reasons, it’s better to disable the built-in administrator. To disable the built-in Administrator account, open an elevated Command Prompt window and type: 
    net user administrator /active:no

    You can check the status of the “Administrator” account by running the command “net user administrator“. The “Account active” field tells if the account is active or not.

That’s it!

Exit mobile version