Windows 2008 Local System vs Administrator Account

Posted on 2011-10-29
Last Modified: 2012-05-12
I'm trying to understand the differences between the Local System vs Administrator account. Which has more rights? When would I want to use one over the other
Question by:compdigit44
    LVL 12

    Accepted Solution

    How to gain access to system account the most powerful account in Windows.

    There is an account in Microsoft Windows that is more powerful than the Administrator account in Windows Operating Systems. That account is called System account it is similar to the root OR super user in the Linux/Unix world . I will show you how to access this system account in this article.
    You can use this facility for removing programs that are causing problems to your system, malware etc.
    If you look at the task manager (which can be launched by pressing [CTRL]+[ALT]+[DEL]) you will see some processes that are running with System level privileges. Even the Administrator account is unable to do some of the things a system account can do.
    System is the highest account in Windows (like root),You can be a super power user by accessing the system account (even while you are logged in as a restricted user)
    Note: Accessing system account may cause serious problems.
     Leave this tread and don’t follow the rest of this topic
     if you don’t know what you are doing. I am not liable for any problems caused by accessing the system account
    Local system differs from an administrator account in that it has
     full control of the operating system, similar to root on a Unix
     machine. Most system processes are required by the operating
     system, and cannot be closed, even by an administrator account;
     attempting to close them will result in an error message.
     In Windows NT and later systems derived from it (windows 2000,
     Windows XP, Windows servers 2003 and Windows Vista), there may
     or may not be a superuser. By default, there is a superuser named
     Administrator, although it is not an exact analogy of the Unix
     root superuser account. Administrator does not have all the
     privileges of root because some superuser privileges are assigned
     to the Local System account in windows NT/XP.
     What you gain by accessing System account?
     Local privilege escalation is useful on any system that a hacker
     may compromise; the system account allows for several other
     things that aren’t normally possible (you can reset passwords, resetting administrator passwords is also possible)
     You can even login to System and lock administrator account out by
     editing group policy or other tools in windows.
     How to access System:
     Note : Don’t follow the procedure bellow if you don’t know what you
     are doing. You may harm your PC. If you follow, Do it on your own risk.
     1.Check the name of the account you’ve logged into (Click start. You
     will see the name of the account you’ve logged in.)
     2.Launch the command prompt. (Start | Run | cmd | [Enter] )
     in command prompt, create a schedule to run cmd.exe.
     To create a schedule type the following line and hit enter.
     at 10:41 /interactive “cmd.exe”
     this will create a schedule to run cmd.exe at 10:41.
     (Since you are testing, check the time in your system try and add two or three minutes.)Change this time according to your local time
     Hint: you can check if the schedule is placed by typing “at“
     and hitting enter after the above step.
     3.Wait for the time you set for the schedule.
     cmd.exe would be launched at the specified time.
     4.After cmd.exe is launched by the scheduled time, press [CTRL] + [ALT] + [DEL] and launch task manager.
     Select “Process” tab, select explorer.exe in the process list and click “End Process” button.
     You will receive a confirmation dialogue. Click “Yes” to end the process.
     5.Close task manager by clicking the close (X) button.
     Close the first cmd window (be careful to close the first one not the second one.)
     6.Now you have only the second command prompt window and an empty desktop.
     In command prompt type the following line and hit “Enter”
     cd ..
     7.In command prompt type the following line and hit “Enter”
     If this is the first time you do it, windows creates the necessary
     components for you to access System ( Desktop, start menu,
     My document)
     when it’s finished you will have a new desktop.
     8.Close command prompt window. Click start and check your username.
     It’s changed to System.
     Now you are a super-power user. Be careful not to harm your PC and delete or modify system files if you don’t know what you are doing.
    Am once again saying, don’t attempt accessing system account, unless you are an experienced Windows user.
    LVL 24

    Expert Comment

    Difference Between Local System account and Administrator.

    The LocalSystem account is an account used by the system in executing
    processes and whatnot. In the Windows security architecture, everything
    uses an account on the system for something (this is why Internet
    Information Server does not allow the use of permissions based on a
    ..htaccess file like Unix webservers do--all security is handled by an

    Most services that run on a Windows machine run as the LocalSystem user,
    though some services (typically third-party services) may need to run as
    another user, particularly if they access other computers on the network
    (such as backup applications).

    Here are a couple of links:

    Hope that helps!

    LVL 12

    Expert Comment

    LVL 22

    Expert Comment

    Local System has more privileges than Administrator

    Here is some info on it

    In General, if you are installing software and need to specify a service account I would use Administrator (or a Domain Admin level Account depending on if it needs network access).
    LVL 19

    Author Comment

    Great articles everyone... I guess I was confused becuase one of are vendors recommed that we switch a service account on a service from local system to administrator on a 2008 R2 server is order for a install to complete. According to these articles going from local system to administrator is a downgrade in premissions correct
    LVL 12

    Expert Comment

    best to stick to vendor recomendations, and screw up your system with local system account settings. cheers
    LVL 19

    Author Comment

    S00007359, great responces!!!

    in your first responce, why do you have to schedule cmd.exe to run via a schedule task in order to access the local system account. I'm a little confused on this part.
    LVL 19

    Author Comment

    I tried to schedule the CMD to run on my Winodws 7 workstation but it stated that do to secutity restriotion is won't run?????

    How can you access the local system account in Windows 7
    LVL 12

    Expert Comment

    "in your first responce, why do you have to schedule cmd.exe to run via a schedule task in order to access the local system account. I'm a little confused on this part. "

    answer: it's got to timing,

    in windows 7, you'll have to run with elevated system rights or disable uaser access control.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Want to promote your upcoming event?

    Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

    Introduction As businesses grow they expand within their original location and often spill over into nearby buildings when space becomes constrained or open up a branch office in another, distant area. If these new offices are outside of the …
    Normally after a failure of Domain Controller, when promoting new DC the DC is renamed, we will discuss the options in Dcpromo to re-create the DC with the same name. Scenario: You are a small IT shop with two Domain Controllers (Domain Contr…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
    This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now