Add User to Group In Registry
How to fix this:
- Boot up in another system and mount the encrypted/problem drive that hosts the Windows OS where you don't have Admin rights. In my case this meant using TrueCrypt.
- Load the SYSTEM hive in c:\windows\system32\config\system. You can use regedit or Registrar Registry Manager Pro or whatever.
- Change HKEY_LOCAL_MACHINE\Setup\SetupType to "2".
- Change HKEY_LOCAL_MACHINE\Setup\CommandLine to "cmd.exe".
- Boot into the encrypted drive like normal. A command line window will pop up. You will have admin privileges in it.
- Type:
net localgroup Administrators [UserLoginName] /add
All done. The command line window won't pop back up when you reboot.
See: How to Reset a Windows Password in Regedit at Boot
Related videos on Youtube
Mark Williams
Updated on September 18, 2022Comments
-
Mark Williams over 1 year
I accidentally made all the users on a computer non-administrators. So no one can get past UAC now. The hard drive is also encrypted with TrueCrypt, meaning I can mount it on another computer but I can't use any boot CD kind of thing.
Does anyone know how to add a user to the Administrators group using the registry?
Another option - I have figured out how to re-enable the Administrator default account, but the computer won't let me login - it says I need to use a smart card.
Any ideas on how to deal with either one of these issues? Thanks guys.
I'm using Windows 8.1 w/ latest updates.
Edit: Don't want to decrypt the drive. You need to get past UAC/elevate to decrypt a drive in Windows, which obviously isn't possible under the circumstances. Using a rescue disk to decrypt the drive would require a large amount (read: 1 day+) of downtime.
-
Ramhound almost 10 yearsSeems strange your Administrator account would be configured to use a smart card. What sort of setting is this in?
-
Mark Williams almost 10 yearsI have no idea. I'd really like to figure out how to turn it off.
-
Admin almost 10 yearsYou could decrypt the volume, use a boot tool to remove the password, then encrypt again. Just one option
-
Mark Williams almost 10 yearsI could, but I'd have to use the rescue disk (because you need elevated privileges to decrypt in Windows), which would take like a day.
-
-
Ivan Ferrer Villa about 9 yearsTHANK YOU. I was stick with a KSOD, loging always as SYSTEM account using the trick of pressing Shift 5 times to get a cmd (having replaced System32\sethc.exe with cmd.exe). Now with your trick, as Admin I can try more things to restore my broken pc.