http://www.rit.edu/its/services/desktop_support/mac/xforcenewadminacccount.html

Create a new Mac OS X adminstrator account without an existing administrator password

With access to the Mac OS X single user mode, you can create a new administration-level user account without entering a current administrative password. This process is useful for technical support and troubleshooting, but it does have important security implications.

The following process should be used only as a last resort, when none of the administrator-level accounts on the computer are functional. If you are providing technical support, you should only create a new administrator account in this manner if you have permission from the computer&rsquos owner or system administrator.

In most cases, you can do what is necessary using an existing administrator account. You may need to Change your Mac OS X account password in System Preferences. Or, if the password is not known or forgotten, you can Change a forgotten Mac OS X account password by starting up from any Mac OS X install disc.

Note: Being able to start up a computer in this way and create a new administrator user is a security risk. If you want to prevent the computer from starting up in single user mode or from a Mac OS X install disc, you should enable an Open Firmware password on the computer.

1. Restart the computer in Mac OS X single user mode by holding Command-S at startup.

2. Mount the computer's drive for read/write access. To do so, type the following command at the command prompt, and then press Enter:

   % mount -uw /

3. Remove the file that identifies that the initial run of the "Mac OS X Setup Assistant" has been completed, with this command at the command prompt, followed by Enter:

   % rm /var/db/.applesetupdone

4. Restart the computer by entering this command, followed by Enter.

   % reboot

5. The Mac OS X Setup Assistant screen should appear after the reboot, just as it does when you start up a brand new computer or upgrade to a new version of Mac OS X.
6. Create a new user account with the Setup Assistant. Be sure to name this user something different than the admin user that already exists on the system, and use a strong password (see "Mac OS X password tips"). At the end of the Setup Assistant process, the system will automatically log into this new user account. The account will have a unique ID (UID) that is one higher than the last user that was on the system, and will have all administration privileges.

We strongly recommend that you delete the new administrator account in the System Preferences application, once you have done what you need to do with it and it is no longer needed.

Section: Maintain a Macintosh

Keywords: desktop computer, file system, laptop computer, mac os x, security, system administration, troubleshooting, utility

Question: How can I create a new Mac OS X adminstrator account for troubleshooting, when I don't have an existing administrator password?

FAQ item: true

Score: 500