Share via

Windows Server 2022 Local User Account Inquiry

Anonymous
2023-12-14T23:06:44+00:00

Hello,

I am trying to create a local account on my Windows Server 2022 that has Administrative privileges. However, for some reason I can't see the Local Users and Groups tab in the Computer Management application. It is not even an option for me. I have attached a screen grab below for clarity. I am making this to offer a backdoor to the server to login to a local account that is not connected to the active directory. Any help would be greatly appreciated!

For some reason it won't let me upload any type of image for clarity. I will attempt to diagram what the options are below:

Computer Management (Local)

v System Tools

  > Task Scheduler

  > Event Viewer

  > Shared Folders

  > Performance

        Device Manager

v Storage

  > Windows Server Backup
Windows for business | Windows Server | Directory services | Active Directory

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-12-15T06:52:24+00:00

    Hello Sam_786345252345,

    Thank you for posting in Microsoft Community forum.

    Please tell us if Windows Server 2022 is one Domain Controller or one domain member server in domain or one server in workgroup?

    If it is one Domain Controller, there is no Local Users and Groups by default. Because "local users" become "domain users".

    Here is a similar thread for your reference.
    In short, the "local users" become "domain users". Microsoft opt'ed to only allow 1 authentication repository for 1 computer. When you promote a computer to a domain controller, the local authentication repository is used to store domain accounts. Since there is no longer a set of local users/groups/etc... you're only left with domain users & accounts. In all honesty, having "local" users on a domain controller really defeats the purpose of having a domain controller in the first place.

    security - Why are there no local users and groups on Windows 2K3/2K8 domain controllers? - Server Fault

    I hope the information above is helpful.

    If you have any questions or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments
  2. Anonymous
    2023-12-15T15:30:08+00:00

    Hi Daisy!

    Thank you for your prompt response. The reason I am asking is because we are using a MFA tool that will force MFA for users in the domain at the workstation level. This is something we need to have done. However, when I tried to uninstall it and restarted the computer, I was locked out of the AD. This brought up the question in our organization, how we would be able to fix an issue like this if it arose. So are you telling me that there is no method that we can take to create a back door for security in a situation where we get locked out of our AD?

    Thank you,

    0 comments
  3. Anonymous
    2023-12-18T03:30:12+00:00

    Hello Sam_786345252345,

    Thank you for your reply.

    Did you mean the AD domain account is locked? If so, you can find this AD account on DC and right click it and unlock it.

    For example:

    If you have any questions or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments