Hide account from login screen but can be used in UAC

windows-7 login user-accounts uac
32,283

Solution 1

The original question was different, but I have actually provided an answer to this question before. See my post in the question "Always display the last / default user Windows 7 welcome screen" - it explains how to set up UAC and hidden accounts together so you can authenticate to the account via UAC but not log into it from the welcome screen.

Essentially, what you need to do is configure UAC to prompt for the user to enter both their username and password manually, allowing you to enter a username which is hidden from the login screen but still enabled. Instructions on how to do this are on the linked post.

In the meantime, it should still be possible for you to recover the account without doing a full reinstall. Open a command prompt (cmd.exe), and type runas /user:USERNAME regedit.exe, where USERNAME is the name of the administrative account. It will prompt you for that user's password; enter it and hit enter. This will open the registry editor running as that user, from which you can go in and revert the changes you made, adding back the account to the login screen.

Re-read your question and noticed that you said run-as won't work. What happens when you try booting into safe mode? I seem to recall that with Windows 7 Home Premium, the built-in administrator account is disabled by default, but is enabled in safe mode, allowing you to log into it and make changes. Unless you have hidden the built-in account in addition to whatever account you set up, this may work.

Finally, if all else fails, you could try running a system restore from the recovery console. Boot onto your Windows 7 installation disk, and choose to "repair a windows installation" instead of install. You can select your installation, then will eventually get to a screen where you can choose to do a restore. This should change the registry back to how it was before you made the change, if it has an old enough restore point. Your files will not be modified by a system restore, although some system settings might be.

Solution 2

(as the question has changed, so must my answer.)

My idea is that one does not need to unhide the administrator account in order to use it. This account can stay hidden from the Welcome screen through the mechanism of Winlogon\SpecialAccounts\UserList.

This is based on the fact that one can always issue in a Command Prompt (or Run box) any command as administrator by using RunAs :

RunAs /user:admin "control userpasswords2"
RunAs /user:admin regedit

You can also in this way import a pre-prepared .reg file that will unhide the administrator account for your own use, then use another .reg file to hide it again when you finish with this computer.

RunAs /user:admin regedit c:\secret\directory\unhide_admin.reg
RunAs /user:admin regedit c:\secret\directory\hide_admin.reg

This way you can automate the hiding and unhiding of the administrator account.

Share:
32,283

Related videos on Youtube

tvanover
Author by

tvanover

Updated on September 17, 2022

Comments

  • tvanover
    tvanover over 1 year

    So I have a Windows 7 home machine with 2 user accounts. One is a standard user account and one is an administrator account. Now this is going to be put in the hands of a very low-tech user so I don't want them to be able to see the administrator account on logon, but they want to have a password to prevent someone else from using the machine.

    My goal is that when the user turns on the computer, they are presented with their login. After logging in to their non-administrator account, if something needs to be installed then the administrator account can be used through UAC.

    I have tried creating the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList and adding a dword of the account name and set it to 0. It succeeded in hiding the account from th login screen. As well as hiding it from UAC. So it fails the second requirement, of being able to run things as administrator through UAC.

    Also since I didn't set an administrator password (left it blank) it seems that I have completely locked myself out of the machine since runas doesn't accept blank passwords. So I also cannot undo it, and have quite effectively bricked the install, prompting an OS reinstall.

    This is Windows 7 Home, so there is no Users management console.

  • wag2639
    wag2639 over 13 years
    That actually is almost exactly what I was looking for but is there a way to to clean up the admin prompt besides editing regedit? I'm hoping something to toggle in Local Security Policies.
  • nhinkle
    nhinkle over 13 years
    Yes, it is an option in gpedit.msc, however, that isn't available on Windows 7 Home Premium, so I left it out since people without Win7 Pro or later would be confused and unable to follow the instructions. If you want to do it in the group policy editor though, you can go to Computer Configuration > Administrative Templates > Windows Components > Credential User Interface and change the setting for "Enumerate administrator accounts on elevation" to "disabled".
  • wag2639
    wag2639 over 13 years
    Thanks, I was searching the Interwebs for it and found it on another SU question for the opposite. I wanted to do this cause I like doing SOHO Windows admin and only deal with professional or better.
  • Gergely Fehérvári
    Gergely Fehérvári over 11 years
    If you got locked out by the Winlogon\SpecialAccounts\UserList simply use this: open cmd, type runas /user:admin cmd, in the new console type: regedit and than you can edit the registry. You dont need system restore at all.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to restore default logon screen in Windows 7?
How to let standard user run an application that asks for administrator previleges
Opening a program as a different user (with /savecred) fails
"The requested operation requires elevation" when using Admin login
Logging in to Windows 7 with one specific user account is very slow. Why?
How to avoid the login screen when returning from standby?
Windows 7 domain logon takes too long
Windows 7 user login fails even with correct password
automatically start a session at Windows 7 startup
User-account missing from "Manage Accounts" in windows-7 64bit