Windows Machine Administration
September 9, 2019

Windows Machine Administration

A collection of how-tos related to the administration and monitoring of Microsoft Windows machines. Note: much of this is not original content, but for my own reference. Links are provided to the sources.

Win+R Quick Reference

Command Opens
control panel Control Panel!
cmd + SHIFT + CTRL + ENTER Command Prompt in administrative mode
SystemPropertiesComputerName System Properties / Computer Name
SystemPropertiesHardware System Properties / Hardware
SystemPropertiesProtection System Properties / Protection
SystemPropertiesRemote System Properties / Remote

From the Command Line

Enable Administrator Account

net user administrator /active:yes

Manage User Passwords

net user username newpassword

Recover Lost Password

Method 1:

One method that works up until build 1903:

  1. Load the recovery and troubleshooting environment, e.g. by clicking on "Repair your computer" during Windows Setup if you boot from Windows installation media.
  2. Select Troubleshoot > Command Prompt.
  3. Switch to the drive letter that Windows is installed on and there in the system32 directory, e.g. cd c:\windows\system32
  4. Type rename utilman.exe utilman.bak.
  5. Type copy cmd.exe utilman.exe.
  6. Restart the computer and boot from the Window installation this time.
  7. If you run Windows 10 version 1803 or earlier, click on the Ease of Access button to open a command prompt window.
  8. If you run Windows 10 version 1809 or later, do the following first:
    1. Hold Shift-key on the keyboard and click on the Power button to select Restart.
    2. After the Restart, hold down the Shift-key again and select Restart from the Power menu again to boot into startup repair.
    3. Select Troubleshoot > Advanced Options > Startup Settings > Restart
    4. When the Startup Settings screen appears after the Restart, select 8) Disable early launch anti-malware protection.
  9. Click on the Ease of Access button on the next start on the login screen to open the command prompt window.
  10. Type net user to display the names of all user accounts.
  11. Use the command net user [username] [password] to change the password of the account, e.g. net user martin qwerty123456 to change the password of the user martin to qwerty123456.

Method 2: Create a New User to Save Account Files

  1. Boot into windows setup (via USB stick)
  2. Once the setup begins, hit Shift+F10 to bring up a command prompt
  3. move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
    copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
  4. wpeutil reboot
  5. At the login screen, click the Utility Manager
  6. net user  /add
    net localgroup administrators  /add
  7. Reboot, and you should see your new user in the login screen
  8. Log in and use computer management to reset the password of the other account

Alternatively, use a utility:


Run something as an administrator

win + <command> and press ctrl + shift + enter

Get into safe mode

From the Login screen:

  1. On the Windows sign-in screen, press and hold the Shift key while you select the Power  > Restart
  2. After your PC restarts to the Choose an option screen, select Troubleshoot > Advanced options > Startup Settings > Restart

From Settings:

  1. Go to Settings > Update & Security  > Recovery
  2. Under Advanced startup, select Restart now
  3. After reboot, select Troubleshoot > Advanced options > Startup Settings > Restart

Reactivate the F8 key (and bring back the boot menu):

bcdedit /set {default} bootmenupolicy legacy

To return to the "normal" startup, run:

bcdedit /set {default} bootmenupolicy standard

Windows hangs? Telemetry might be the cuplrit!

(1) Disable CompatTelRunner.exe

Task Manager → CompatTelRunner.exe → End Task

Task Scheduler → Microsoft → Windows → Application Experience → right click on each task for: DISABLE

(2) Other things to try:

sc delete DiagTrack
sc delete dmwappushservice
echo "" > C:\\ProgramData\\Microsoft\\Diagnosis\\ETLLogs\\AutoLogger\\AutoLogger-Diagtrack-Listener.etl
reg add "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f

Here is a more complete guide.

There is also a tool to do the above (and more), I cannot vouch for it though!


Windows Machine Administration
Share this