Can I delete an Admin account? - Help please

Veni Vidi Vici

Distinguished Member
Joined
Jan 28, 2004
Messages
4,815
Reaction score
1,087
Points
1,418
Hi

When I got my Macbook I created an Admin account and a Standard account which I use all the time but has less permissions. I thought I was being safer doing this. I now want to delete one account as the only problems I ever get seem to be because of permissions.

My itouch and itunes are synched on the Standard account so whenever I go into the Admin account none of my music is on there so Im now thinking its a bit pointless having this particular Admin account.

Im aware you have to have at least one Admin account so I have now given the Standard account Admin rights. So is it possible to delete the original Admin account I created (and hardly ever use). If possible how do I delete it as I can't see an option to do this anywhere?

Any help appreciated.
 
why not make your standard account the admin account

log in the admin account and do this:

System Preferences>System>Users>[STANDARD ACCOUNT]>Allow user to administer this Computer

and then voila, the standard account is now admin and now you can delete the other admin account
 
why not make your standard account the admin account

log in the admin account and do this:

System Preferences>System>Users>[STANDARD ACCOUNT]>Allow user to administer this Computer

and then voila, the standard account is now admin and now you can delete the other admin account

Thats what i have done but I cannot see the option to delete the original Admin account?
 
Thats what i have done but I cannot see the option to delete the original Admin account?

ok, when in the users page, in the left you should see, a padlock, click on it to unlock

now slightly above, are a + and a - sign, on the account you want to delete, click on the - button to delete said account :thumbsup:
 
My itouch and itunes are synched on the Standard account so whenever I go into the Admin account none of my music is on there so Im now thinking its a bit pointless having this particular Admin account.
It is not pointless. The reason the Admin account is created is that you use this for application installation, OS updates, etc., The Admin account does NOT see the data (ie., iTunes data, etc.) on the Standard Accounts, and this is done deliberately.

Because the Application folder is owned by the Admin account and only readable by the Standard accounts, you have full control over who/what(?) writes in the Application folder - thereby screening accidentally deletes.

I have several Standard accounts - one of which is used by my kids for their god-knows-which-website-they-will visit. If for any reason I suspect that their account is being attacked, I will simply delete their account - along with their data - and then create a clean new one.

EDIT: also, a lot of application-generated data is generated and these are stored in the /Users/<account_id>/Library folder. This is so since the System Library folder is write-protected in the same way the Application folder.
 
Last edited:
Another thing is that you should enable Fast User Switching - this means you do not have to log out of any account to access the other acccounts.
 
It is not pointless. The reason the Admin account is created is that you use this for application installation, OS updates, etc., The Admin account does NOT see the data (ie., iTunes data, etc.) on the Standard Accounts, and this is done deliberately.

Because the Application folder is owned by the Admin account and only readable by the Standard accounts, you have full control over who/what(?) writes in the Application folder - thereby screening accidentally deletes.

I have several Standard accounts - one of which is used by my kids for their god-knows-which-website-they-will visit. If for any reason I suspect that their account is being attacked, I will simply delete their account - along with their data - and then create a clean new one.

EDIT: also, a lot of application-generated data is generated and these are stored in the /Users/<account_id>/Library folder. This is so since the System Library folder is write-protected in the same way the Application folder.

When I say pointless I was referring more to my own setup. Its only me that really uses my Mac, the other half checks her emails but thats all. I created two accounts thinking I was doing the right thing but as I never use the Admin account all it seems to do is complicate things when I do anything in the Standard account. To me it seems silly having an Admin account that I never use so thought it would be easier to have just one account and give that Admin rights.
 
ok, when in the users page, in the left you should see, a padlock, click on it to unlock

now slightly above, are a + and a - sign, on the account you want to delete, click on the - button to delete said account :thumbsup:


Cheers, I should have spotted that. Do you know if theres any problems with deleting Admin accounts, is it going to muck up settings it may have created?
 
Cheers, I should have spotted that. Do you know if theres any problems with deleting Admin accounts, is it going to muck up settings it may have created?

nah, will be fine, just as long as you didn't delete any important personal files you may have kept on it!

so don't worry :thumbsup:
 
One of the ways viruses, trojans, etc., work is by gaining access to system files - in the Application folder, system Library, etc. If you use a admin account for your everyday browsing, then be sure that when attacked, your entire volume is compromised.
 
2nded!
Your proposed solution to your permissions problem seems rather drastic. What are the permissions problems that you are experiencing?
Having separate administrator and user accounts fits best practice and the underlying Unix security model. For home users, the administrator account should rarely be used. Its main use is to install applications and update the system. By having just one 'superuser' you are heading down the route of pain that is a typical windows installation where a simple piece of malicious code from say a dodgy website can hijack the whole system because it inherits all the (administrator) rights of the user and so can do any and everything. If the user has limited rights then so does the malware and is therefore limited in the damage it can do.
All of our macs are setup this way, whether its the macbook with a single user or the home office imac with several accounts. We have only had permissions problems once (long since fixed), sharing media libraries on the multiuser systems.
 
2nded!
Your proposed solution to your permissions problem seems rather drastic. What are the permissions problems that you are experiencing?
Having separate administrator and user accounts fits best practice and the underlying Unix security model. For home users, the administrator account should rarely be used. Its main use is to install applications and update the system. By having just one 'superuser' you are heading down the route of pain that is a typical windows installation where a simple piece of malicious code from say a dodgy website can hijack the whole system because it inherits all the (administrator) rights of the user and so can do any and everything. If the user has limited rights then so does the malware and is therefore limited in the damage it can do.
All of our macs are setup this way, whether its the macbook with a single user or the home office imac with several accounts. We have only had permissions problems once (long since fixed), sharing media libraries on the multiuser systems.

Actually I have just sorted the problem I was having. I backed up my Mac using Time Machine but when I tried to view what had been backed up it said I didn't have permission to view the files. What I have now just realised was I was logged into the Standard account and was trying to view files on the Admin account.

I think I will keep the two accounts after all (admin and standard).

Whenever I download apps I also do this via my Standard account and just enter the Admin password to download anything. Is this not best practice then, should I ideally go into the Admin account for any downloads? What I have noticed is I can never update Firefox in the Standard account as I don't have permission.
 
Whenever I download apps I also do this via my Standard account and just enter the Admin password to download anything. Is this not best practice then, should I ideally go into the Admin account for any downloads?

I am no expert but that seems fine. It is being installed by an administrator account. If it was a piece of malware it would have to do likewise before committing its foul deeds, that is it would have to brazenly ask for an administrator account and password.:devil:
 
The way I deal with new or suspicious applications is to set up a test/sandbox account, download the app and install it onto the Desktop and then run the app from there. That way, if there is any request for access to admin-controlled files, then I would have been alerted first. At the end of the day, I can always switch back to the admin account and delete this test/sandbox account if I am not happy with the app in any way - including being useless or buggy or ....

A side benefit, I noted, as that apps which automatically expire after a trial period can be used all over again by simply setting up this dummy acount and re-installing onto the Desktop (or whatever user folder). Eg., Pixelmator.

Obviously, for Firefox (etc.), the admin account is invoked. But I've discovered that there is sometimes a need to use to *old* version of the app when the updated version just messes things up. Skype is one of these app's. Therefore, in the Applications folder - managed by the Admin account only - I have Skype_v_whatever, the last version my family used without complaint. Not happy with Skype (latest)? Trash it and rename/move previous version as Skype.
 

The latest video from AVForums

Is 4K Blu-ray Worth It?
Subscribe to our YouTube channel
Back
Top Bottom