All we need is an easy explanation of the problem, so here it is.
In our office users have their own Windows 7 computer with their own account. I’ve started adding a hidden Administrator user for use with certain network services and so I can access their machines if we can no longer login for whatever reason (ie. someone quits and I don’t know their password but need to re-purpose the machine).
Obviously this user doesn’t show up on the login screen because it’s hidden, but I want to be able to manually type in the username/password when I need to access this account. The only way I’ve been able to find to do this is to force all users to login with a username/password, however this solution does not work for our office.
My question is:
Does anyone know of a way I can manually enter Windows 7 login information WITHOUT forcing everyone to have to do this every time they log in. (I’m thinking something similar to how you user to be able to ‘ctrl+alt+del’ at the login screen and then enter your credentials but have been unsuccessful in figuring out how to do this.)
How to solve :
I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.
Warning! Following is going to modify/replace some system files and modifying registry keys at HKLM. You will not able to use some builtin accessibility options.I think that some virus scanners do not like this (modifying system files this way) and may require excluding modified files from scan. Thats not all… we are replacing files that will run under mighty SYSTEM account, so your fresh scripts will have same permissions.
[optional] If you know how to behave as
TrustedInstaller while setting this up there is no need to change permissions.
something Tells you Current Working Directory.
Okay, last warning is that there is possibility that small typo will lock you out of your system and you may need to take control back while being offline [in terms of running os].
First, take advantage of running programs at logon screen
One quick way to achieve this is to replace
%windir%\System32\Utilman.exe with your own program, in this case it is replaced with application that writes list of visible / hidden users to registry.
anything you want
You need program that toggles visible users, one easy way to write simple programs is to use
notepad and any batch compiler. (linked compiler has built in editor)
If using this method you will need some code to place inside too:
@echo off IF EXIST "%SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state" ( del %SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state regedit /s "%SYSTEMROOT%\System32\SwitchVisibleUsers\displayusers.reg" ) ELSE ( echo "1" > "%SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state" regedit /s "%SYSTEMROOT%\System32\SwitchVisibleUsers\hideusers.reg" ) wmic process where (name="LogonUI.exe") delete
Here is explanation what above script does:
Let's break above code down, do not copypaste this! First line checks if status file exists, filename quoted: 1| IF EXIST "%SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state" ( If file exists then delete file that we cheked: 2| del %SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state And write displayusers.reg contents to registry: 3| regedit /s "%SYSTEMROOT%\System32\SwitchVisibleUsers\displayusers.reg" 4| ) ELSE ( If status file does not exist then create it: 5| echo "1" > "%SYSTEMROOT%\System32\SwitchVisibleUsers\hidden.state" And write contents of hideusers.reg to registry: 6| regedit /s "%SYSTEMROOT%\System32\SwitchVisibleUsers\hideusers.reg" 7| ) Registry values written, kill LogonUI.exe to reload (LogonUI restarts) 8| wmic process where (name="LogonUI.exe") delete
Replace system files
After that save your file as
Utilman.cmd and compile it so it will be
Utilman.exe, we are good if you have compiled your batch and your
.exe file is working. Copy your fresh
utilman.exe to clipboard.
Define special users (registry keys/values to change):
Create new directory
Create two files named
displayusers.reg. These two files defines which users to hide/display at logon screen, edit contents to correspond your configuration.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList] "Administrator"=dword:00000000 "ChuckNorris"=dword:00000000 "JonSkeet"=dword:00000000
And contents of
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList] "Administrator"=dword:00000001 "ChuckNorris"=dword:00000001 "JonSkeet"=dword:00000001
Now, you’re done. How to test it?
Just logout or switch user if fast user switching is enabled and when you are at logon screen try to use accessibility options (small button at left bottom corner). If Administrator, Chuck Norris or Jon Skeet is nearby, they will appear and disappear while you are clicking this magic button.
Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂