Link to home
Start Free TrialLog in
Avatar of knesbitt
knesbitt

asked on

How To Log In With Administrator Account

I originally created an account that had Admin status and named "Tom Jones".  Then I joined my computer to my Windows 2008 Domain, logged into the machine with an Active Directory also named "Tom Jones" and made it a mobile account, so now my account is cached.  The problem now is that when I log on to my machine it logs on to the "Tom Jones" mobile account that does not have Admin privliges and I can't perform any administrative tasks.  I know the password to the original "Tom Jones", but it defaults to "Tom Jones" account that has no Admin rights.  Does anyone have any idea how to get into my original "Tom Jones" account?  If I removed my Mac from the Domain will it help the situation.  Thanks.
Avatar of Zuhir Elgmati
Zuhir Elgmati
Flag of Libya image

your active directory user account Tom Jones, is this user member of administrators group or domain admins ? and you mean if you log in when the computer not connected to the domain you got restricted user ?
Avatar of robertcerny
robertcerny

Hi,
you confused your system using two accounts with the same name. You will need to add another account from command line, booted in the single user mode. Following links should help:

<http://support.apple.com/kb/HT1492>

<http://osxdaily.com/2007/10/29/how-to-add-a-user-from-the-os-x-command-line-works-with-leopard/>
Hi,

If the 'shortname' is not the same, you can use that in the login promt, the default for your first account is 'tomjones'.

You can also boot from your 10.6 DVD and use the Password Reset utility to change the password, if they are the same, to make it different.

Hope it helps.
If the shortnames are both same resetting password will not work. AD account usually has a precedence (depends on actual settings in the Search path)
You could also boot into Single User Mode (aka plain terminal)

Navigate to /private/var/db/dslocal/nodes/Default/users
and Add another shortname for the local account. It will be in a plist file, username.plist, and you should look for this key:

        name
      
            jap
            Jakob Peterhänsel
      

Add another  line with your alternate shortname.
Save, and reboot.
Login with the new shortname added.
PS: You boot into Single User Mode by holding down CMD+S while rebooting...  ;-)

BE CAREFUL!
Avatar of knesbitt

ASKER

Thanks for the help guys.  I decided to use the method RobertCerny provided in the links.  I am having problems with entering the commands listed in the links.  I am new to the Mac environment, so please have pity on me.

When I type in "dscl / -create /Users/localadmin" I get an error that says "launch_msg(): Socket is not connected  Data source (/) is not valid."

What could I be doing wrong?
Hello,
the link is not valid for 10.6 Snow Leopard. If you're on 10.6, simply exchange '/' with '.'

The command will be:
dscl . -create /Users/toddharris
Now I am getting:

launch_msg(): Socket is not connected
For Single User Mode you must run the following command to enable use of dscl .
launchctl load /system/library/launchDaemons/com.apple.DirectoryServicesLocal.pList
dscl local only
Yeah, 'dscl' is a tool to modify a running Directory. The local or a remote one. In Single User mode no directory is loaded.

Why not jus edit the plist and got over the trouble?  ;-)
Marook,

OK.  Excatly how do I navigate to /private/var/db/dslocal/nodes/Default/users?  When I type that in all I get is /private/var/db/dslocal/nodes/Default/users: is a directory.  How do I actually get to that folder.  I know nothing about Linux or Mac so just assume I know nothing a describe step by step.

Thanks so much.
cd /private/var/db/dslocal/nodes/Default/Users
OK that worked.  Where do I go from here?  Remember, I don't know what a username.plist is, much less ever edited one.
Well,
execute this:

ls |grep -v _

it will display several plist files including the one with your shortname. Let's say it's named "knesbitt.plist". Now you need to edit it.

pico knesbitt.plist

Use keyboard key to navigate through the text and find the info which marook mentioned:

        <key>name</key>
      <array>
            <string>knesbitt</string>

create new entry or change "knesbitt" to something else

Press Ctrl+O followed by Ctrl+X to stop pico and reboot
Hi again,

OK, seems like you need to use 10-60 min on learning what you are doing.. ;-)

This google search should get you going:
http://www.google.com/search?rls=en&q=os+x+terminal+tutorial&ie=UTF-8&oe=UTF-8

Best,
Thanks guys getting nowhere.  Thinking about formatting hard drive and reinstalling.  Trying to follow instructions but getting nowhere fast.  Ran "ls |grep -v" and get Usage: grep [OPTION]... PATTERN [FILE]...
I think you need a space between the 'pipe' | and the grep command.

Anyway, maybe it's better for you to study the terminal in other conditions than this, even though having a solution to fix normaly get you to look into the details.

If you have another Mac, you can also boot your Mac in Target Mode (hold down T during reboot) to put it into FireWire disk mode. Then use GUI tools on the other Mac to work the problem.
I wish I had that luxury.  Thanks anyway.  Is there anyone here that can tell me verbatim exactly what to type?  I have a screen and I am at the prompt that says:

:/ root#

What next?
OK.  I am in Pico.  I see the
<key>name<key>
<array>
<string>tomjones</string>
<string>tom.jones</string>
<string>tom.jones@abc.com</string>
<string>tom.jones@abc.local</string>

I am thinking about changing all these fields to something totally different.  Then when I get in using the local TJones admin account I delete the offending user and recreate under a different account.  Is this correct?
Hi,

ADD another:

<string>localadmin</string>

then use the Control-X and and hit Enter to confirm save.
Reboot and see if you can login with
User: localadmin
Pass: the password on your account.  ;-)
Don't think that is an option.  I could only get into plist file for user that network user that did not have enough rights.  I could not get GREP to list all the plist file.  If I could somehow get Grep to work I could see what plist files were available.


Also, when I try to do CTRL-O I get "Error writing Tom.Jones.plist: Read-only file system.
About the error writing: You are not 'root'. Use this:

sudo pico tomjones.plist        (I assume that is the name of the file)

It will ask you for your local admin password. :-)
The file for both accounts should be there. Else, that's where we have the trouble... :-/

so,
cd /private/var/db/dslocal/nodes/Default/Users     (get to the folder)
ls -lha           (list the folders content, in Long mode and human readable sizes)
sudo pico tomjones.plist

- do your edit
control-X
Enter to confirm...  Better?

OK.  Was able to do a ls in directory.  Found file named tjones.plist.  I just added <string>localadmin</string>.  Still getting Read Only Error.
Marook,

I followed your sudo suggestion, but it does not ask me for password.  When I get in and make changes I still get Read Only Error.
Hmm, do a

sudo bash

to enter a full terminal as root. Asking for password?
Does not ask for password.  All I get is bash-3.2#.  Make changes in Pico, but still get same error.
ASKER CERTIFIED SOLUTION
Avatar of marook
marook
Flag of Denmark image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
OK.  Thanks anyway.  Learned alot in the mean time.  Luckily, I don't have any important files on my machine.
You're welcome!