Skip to main content

Hi There,

I am using ongoing policy to have Admin account on all MacBook in my organisation that has frequency of everyday. The account is made manually sometimes and also I have made an another policy to make local admin account. What happened, one of the IT Support person created local admin account manually and the name of the account was changed mistakenly. Because of the policy that I have which is to make every account as standard apart from the main local admin account, caused the account as standard. Now, I have two local account with standard privileges. If the Mac has no internet, how could it be manually done?

If you have physical access to the machine, you can use the below Terminal commands. Replace [username] with the account name to elevate.

sudo /usr/sbin/dseditgroup -o edit -a "[username]" -t user admin
sudo dscl . -append /groups/admin GroupMembership "[username]"

Will it ask for Admin password through terminal? Because there are none if it asks.

Then you need to boot into the machine in single user mode then run the following commands. This will run the set up assistant at the next normal boot.

/sbin/fsck -fy
/sbin/mount -uw / 
rm /var/db/.AppleSetupDone

Thank you, I will try. But, just in case, If the Apple Mac is encrypted, Do I push "S" button from the start of booting or after I put the user account password?

Terms & ConditionsCookie settingsAccessibility statement