Restoring Lost Administrator on macOS Sonoma

Thank you for this topic! I have almost the same problem but I lost not only admin rights but I can enter the macbook only as a guest, I think I might lost all users... I tried to do this thing with terminal but it doesn’t work (it writes: “no such file in directory” or “unexpected token “(“” or “command is not found”) maybe I do something wrong? I would be grateful if you can help with that

apologies for the triple reply here didn't realize I wasn't able to delete posts. But, I got it working!

I actually had to navigate to

/Volumes/<Volume Name>/etc 

Where the <Volume Name> was the same as the disk that I had to unlock/mount because File Vault was turned on.

Here I was able to find the sudoers file, and everything else worked like a charm. Thanks so much for this post!

actually — the sudoers file isn’t present for me in /etc/ after Mounting the disk, which explains why it’s not updating or showing any contents.

I'm currently having this exact problem; had to restore from recovery mode to Sonoma 14.6.1 and now my only User account on my machine has been downgraded from Admin to Standard.

After I unlock the system disk and Mount it, I try editing the sudoers file, but when I "vi" into it, I don't see any contents at all. I've tried adding my username in there (as you had in your post), also tried adding the root line in just to see what would happen, but after rebooting I still don't have sudo access.

Any ideas what I might be doing wrong? I am surprised you can just edit the sudoers file this way, but hope I've just missed something because I'd rather not have to completely wipe my machine to fix this. Thanks!

I have a user tip to recover the admin using the old way on Catalina to Ventura. I can add that trick to the user tip so it covers everything.

I assume Apple did that to prevent security breaches, but I’m not sure how they would block this technique from working. On Apple Silicon, I suppose you have to be the device owner to get into recovery to do this though.

Jonas_TheM wrote:

Unfortunately it seems like all threads on this topic are closed so there is no way to post the solution in one of them. But since I have seen this issue come up again and again I wanted to provide a potential fix for everyone struggling with this.

You can lose admin privileges on a Mac in numerous ways. The last time I saw it happening was after updating a Mac Studio from Sonoma 14.5 to 14.6. The only admin account was just gone. In other cases accounts will be downgraded to standard users for all sorts of reasons. See these threads:

Restoring Lost Administrator - Apple Community

Get admin controls without admin account … - Apple Community

Starting with Sonoma recovering from such a situation got a lot harder since relaunching the macOS setup is no longer possible as seen here: What's new for enterprise in macOS Sonoma - Apple Support

Removing /private/var/db/.AppleSetupDone no longer relaunches Setup Assistant if a local user already exists on the Mac. Erase All Contents and Settings can reset the device and launch Setup Assistant.

1.

However you can regain admin access without wiping your device! Here is how:

Create a full backup of your system. TimeMachine or something like Carbon Copy Cloner are good options.

2. Boot your Mac into Recovery Mode. Hold down CMD + R during startup on Intel platforms or long press the startup button until you see the boot options menu on Apple Silicon.

3. If you are using FileVault you will need to unlock the system disk and mount it. You can do this by right clicking the disk and selecting "Mount" in Disk Utility.

4. Enter the terminal via the menu bar.

5. Edit the sudoers file at /etc/sudoers to include your standard user by adding the line:

yourusername            ALL = (ALL) ALL

The vi text editor can be used for this:

vi /etc/sudoers

Add the line with your user name under this line (DO NOT DELETE ANYTHING):

root            ALL = (ALL) ALL

Save and quit with:

:wq!

1.

At this point we have added a standard user to the sudoers which means that we can now use that account to run commands with elevated privileges even though in macOS this user would not be considered an administrator. We can change that easily now though with a single command in the next part:

Quit Terminal and exit recovery mode by rebooting.

2. Login with your standard user account.

3. Open the Terminal and enter this command (you will need to provide your password):

sudo dscl . -append /Groups/admin GroupMembership yourusername

After logging out and logging back in you will find that your user account has full administrative privileges!

If you had a different account for administrating your Mac which got deleted for some reason you might even be able to add an account with the same user name and get the user profile back.

I hope this helps some of you. Please add any additional information that I might have missed.

very interesting post Jonas_TheM