Tip

Built-in Administrator account is disabled, hidden in Windows Vista

In versions of Windows prior to Vista, the Administrator account was enabled and created with a blank password during setup. This left the system vulnerable not only during but after a Windows installation. Microsoft realized that this was a major security hole.

To better protect Vista, Microsoft decided that its built-in Administrator account should be disabled by default. So the built-in Administrator account is now disabled in all clean installations and upgrades of Windows Vista.

In fact, it looks like OEMs and system builders are required to disable the built-in Administrator account before delivering the computers to customers.

Administrator account in upgrade installations

For upgrade installations, the built-in Administrator account is kept enabled when there is no other active local Administrator on the computer. However, the built-in Administrator account is disabled by default for new installations and upgrades on domain-joined computers, regardless of whether there are other active local Administrators on the domain-joined computers. Basically, Microsoft believes that there must be a domain administrator (or account with admin privileges) that can log on for administrative purposes.

There are three ways to enable the built-in Administrator account:

  1. Use the AutoLogon unattended Setup setting.
  2. Use the Local Users and Groups MMC console. (You won't find the Administrator

Requires Free Membership to View

  1. account in the User Account Control Panel. But the MMC-based Computer Management section of the Administrative Tools Control Panel does give you access to the Administrator account.)
  2. Use the command line: net user administrator/active:yes. (This is my personal favorite.)

    (Note: You may need to disable User Account Control or else open the elevated (RUNAS) command prompt.)

You can read more about enabling and disabling the built-in Administrator account.

About the author: Tim Fenner (MCSE, MCSA: Messaging, Network+ and A+) is a senior systems administrator who oversees a Microsoft Windows, Exchange and Office environment, as well as an independent consultant who specializes in the design, implementation and management of Windows networks.

More information on this topic:


This was first published in May 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.