So I have a Windows 7 home machine with 2 user accounts. One is a standard user account and one is an administrator account. Now this is going to be put in the hands of a very low-tech user so I don’t want them to be able to see the administrator account on logon, but they want to have a password to prevent someone else from using the machine.
My goal is that when the user turns on the computer, they are presented with their login. After logging in to their non-administrator account, if something needs to be installed then the administrator account can be used through UAC.
I have tried creating the reg key
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSpecialAccountsUserListand adding a dword of the account name and set it to 0. It succeeded in hiding the account from th login screen. As well as hiding it from UAC. So it fails the second requirement, of being able to run things as administrator through UAC.Also since I didn’t set an administrator password (left it blank) it seems that I have completely locked myself out of the machine since runas doesn’t accept blank passwords. So I also cannot undo it, and have quite effectively bricked the install, prompting an OS reinstall.
This is Windows 7 Home, so there is no Users management console.
Solution:
The original question was different, but I have actually provided an answer to this question before. See my post in the question “Always display the last / default user Windows 7 welcome screen” – it explains how to set up UAC and hidden accounts together so you can authenticate to the account via UAC but not log into it from the welcome screen.
Essentially, what you need to do is configure UAC to prompt for the user to enter both their username and password manually, allowing you to enter a username which is hidden from the login screen but still enabled. Instructions on how to do this are on the linked post.
In the meantime, it should still be possible for you to recover the account without doing a full reinstall. Open a command prompt (cmd.exe), and type runas /user:USERNAME regedit.exe, where USERNAME is the name of the administrative account. It will prompt you for that user’s password; enter it and hit enter. This will open the registry editor running as that user, from which you can go in and revert the changes you made, adding back the account to the login screen.
Re-read your question and noticed that you said run-as won’t work. What happens when you try booting into safe mode? I seem to recall that with Windows 7 Home Premium, the built-in administrator account is disabled by default, but is enabled in safe mode, allowing you to log into it and make changes. Unless you have hidden the built-in account in addition to whatever account you set up, this may work.
Finally, if all else fails, you could try running a system restore from the recovery console. Boot onto your Windows 7 installation disk, and choose to “repair a windows installation” instead of install. You can select your installation, then will eventually get to a screen where you can choose to do a restore. This should change the registry back to how it was before you made the change, if it has an old enough restore point. Your files will not be modified by a system restore, although some system settings might be.