Create a new Mac Administrator account using Single User Mode

Andy · 7 Jan 2019

If you ever need to recreate admin account on your Mac, this is the quickest and safest way to do it without breaking your Mac:

Boot into Single User Mode by pressing ⌘ + S before you hear the Apple chime.
Mount the drive by typing /sbin/mount –uw / then enter.
Remove the Apple Setup Done file by typing rm -v /var/db/.AppleSetupDone then enter.
Reboot by typing reboot then enter.
Complete the setup process, creating a new admin account.

This will force macOS to redo the initial first account creation, and doing so will not affect the current user profiles (they will remain intact) – so, if you prefer to make them as admin later, you can do that as well by logging in using the newly created admin account, then go to System Preferences, then Users & Groups, select the existing user, and tick “Allow user to administer this computer.”

I tested on macOS 10.14 Mojave and it worked:

ark:db andy$ pwd
/var/db
ark:db andy$ ls -al .AppleSetupDone
-r-------- 1 root wheel 0 Apr 4 2017 .AppleSetupDone
ark:db andy$ uname -a
Darwin ark.local 18.0.0 Darwin Kernel Version 18.0.0: Wed Aug 22 20:13:40 PDT 2018; root:xnu-4903.201.2~1/RELEASE_X86_64 x86_64
ark:db andy$

If you have any questions or comments, please feel free to post down below. Cheers!

alexjphillipson · 12 Nov 2019

This does not work for me.

Every time I do this, I complete the account creation and after I fill out the page where it asks for my full name, the account name, password, and password hint, it tells me it can not create an account with the name I gave it. Then it just freezes and I have to hard reboot the mac. Also this has happened on 3 different computers, 3 different models.

What should I do?

Andy · 16 Nov 2019

alexjphillipson said:
This does not work for me.

Every time I do this, I complete the account creation and after I fill out the page where it asks for my full name, the account name, password, and password hint, it tells me it can not create an account with the name I gave it. Then it just freezes and I have to hard reboot the mac. Also this has happened on 3 different computers, 3 different models.

What should I do?

Hi Alex,

Did you try to create using the name that previously known by the system? If so, please try creating a different name (totally unique).

Cheers
Andy

LBP3Player14 · 8 Apr 2021

Hello, I tried this on a MacBook air: macOS Big Sur and it didn't work.

Help?

Andy · 8 Apr 2021

LBP3Player14 said:
Hello, I tried this on a MacBook air: macOS Big Sur and it didn't work.

Help?

Are you using the new M1 MacBook Air?

LBP3Player14 · 8 Apr 2021

Andy said:
Are you using the new M1 MacBook Air?

Does it look like this?

When I boot the Mac into Single User Mode it says the root drive is mounted in read-only mode, and when I try to mount it in read-and-write mode
it says permission denied.

Also something interesting in image 3. They moved the file

Andy · 8 Apr 2021

LBP3Player14 said:
Does it look like this?

When I boot the Mac into Single User Mode it says the root drive is mounted in read-only mode, and when I try to mount it in read-and-write mode
it says permission denied.

Also something interesting in image 3. They moved the file

No, that MacBook doesn't appear to be an M1, from what you say, it sounds like you already made it into the single-user mode, just make sure that you type this command to mount the root drive in read-write:

Code:

/sbin/mount –uw /

LBP3Player14 · 8 Apr 2021

Andy said:
No, that MacBook doesn't appear to be an M1, from what you say, it sounds like you already made it into the single-user mode, just make sure that you type this command to mount the root drive in read-write:

Code:

/sbin/mount –uw /

I have been doing that command but it says permission denied. It only says the drive has been mounted to read only, not read and write.

do I have to unmount and then remount it?

Andy · 9 Apr 2021

Try changing your Secure Boot option to "Medium Security" or "No Security" if you are on a computer with a T2 chip.

About Startup Security Utility on a Mac with the Apple T2 Security Chip

Use Startup Security Utility to make sure that your Mac always starts up from your designated startup disk and from a legitimate, trusted operating system at all times.

support.apple.com

And if it's still doesn't work, try the directions below:

Bash:

csrutil authenticated-root disable
sudo mount -uw /Volumes/Macintosh\ HD\ 1
sudo /System/Library/Filesystem/apfs.fs/Contents/Resources/apfs_systemsnapshot -s "SnapshotName" -v /Volumes/Macintosh\ HD\ 1
sudo /System/Library/Filesystem/apfs.fs/Contents/Resources/apfs_systemsnapshot -r "SnapshotName" -v /Volumes/Macintosh\ HD\ 1

If you're curious:

Code:

✘ andy@mm  /System/Library/Filesystems/apfs.fs/Contents/Resources  ./apfs_systemsnapshot
apfs_systemsnapshot: This utility is used to tag snapshots for boot and to declare new ones.
NOTE: ARV must be disabled before this tool can be used.
apfs_systemsnapshot usage: apfs_systemsnapshot [-r snapname] [-s snapname] -v <mount point>
-r: Tag specified snapshot as the one to root from on the next boot
-s: Create snapshot with the specified name
-v: Mount point on which to operate
✘ andy@mm  /System/Library/Filesystems/apfs.fs/Contents/Resources 

LBP3Player14 · 9 Apr 2021

Andy said:
Try changing your Secure Boot option to "Medium Security" or "No Security" if you are on a computer with a T2 chip.

About Startup Security Utility on a Mac with the Apple T2 Security Chip

Use Startup Security Utility to make sure that your Mac always starts up from your designated startup disk and from a legitimate, trusted operating system at all times.

support.apple.com

And if it's still doesn't work, try the directions below:

Bash:

csrutil authenticated-root disable sudo mount -uw /Volumes/Macintosh\ HD\ 1 sudo /System/Library/Filesystem/apfs.fs/Contents/Resources/apfs_systemsnapshot -s "SnapshotName" -v /Volumes/Macintosh\ HD\ 1 sudo /System/Library/Filesystem/apfs.fs/Contents/Resources/apfs_systemsnapshot -r "SnapshotName" -v /Volumes/Macintosh\ HD\ 1

If you're curious:

Code:

✘ andy@mm  /System/Library/Filesystems/apfs.fs/Contents/Resources  ./apfs_systemsnapshot apfs_systemsnapshot: This utility is used to tag snapshots for boot and to declare new ones. NOTE: ARV must be disabled before this tool can be used. apfs_systemsnapshot usage: apfs_systemsnapshot [-r snapname] [-s snapname] -v <mount point> -r: Tag specified snapshot as the one to root from on the next boot -s: Create snapshot with the specified name -v: Mount point on which to operate ✘ andy@mm  /System/Library/Filesystems/apfs.fs/Contents/Resources 

ok I will try

Create a new Mac Administrator account using Single User Mode

Andy

Administrator

alexjphillipson

New member

Andy

Administrator

LBP3Player14

New member

Andy

Administrator

LBP3Player14

New member

Attachments

Andy

Administrator

LBP3Player14

New member

Andy

Administrator

About Startup Security Utility on a Mac with the Apple T2 Security Chip

LBP3Player14

New member

About Startup Security Utility on a Mac with the Apple T2 Security Chip