Fix 0x000008B0: User Account Already Exists

You're trying to create a local user account on a Windows machine — maybe Windows 10 Pro, Windows Server 2019, or Server 2022 — and you get hit with 0x000008B0: The user account already exists. This specific error pops up most often after you've migrated a machine from a domain to a workgroup, or after a domain join that was rolled back. The account name you're typing looks brand new in the GUI, but Windows insists it's already there. The real trigger: a leftover security identifier (SID) or a stale user object buried in the Security Account Manager (SAM) that the GUI tools don't show.

Root cause

The SAM registry hive stores local user accounts. When you create a user, Windows checks the SAM by name. But if a user with that name was once part of a domain that had a cached profile, or if an old local user was partially deleted, the SAM retains a ghost entry. The error code 0x000008B0 specifically means the name is already in the SAM database — it's not a network issue. The GUI tools like lusrmgr.msc or Settings > Accounts can't see these ghosts because they only show accounts with complete SID structures. The fix is to find that hidden user and purge it.

The fix — step by step

Skip the GUI. It won't help here. You need command-line tools and, in stubborn cases, ADSI Edit. I've seen this exact error on a dozen machines after a failed domain migration. Here's the process that works every time.

Open an elevated Command Prompt.
Press Win + R, type cmd, then press Ctrl + Shift + Enter. Click Yes on the UAC prompt.
List all local users.
Type this command and press Enter:
```
net user
```
You'll see a list of accounts. Look for the name you're trying to create. If it shows up here, you can just delete it with step 4. But often it won't — that's the ghost. Move to step 3.
Check for hidden users with PowerShell.
Open an elevated PowerShell window (same method as step 1 but type powershell). Run this:
```
Get-LocalUser | Select Name, Enabled, SID | Format-Table -AutoSize
```
This shows every account in the SAM, including disabled and hidden ones. The SID will look like S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX. If your target name isn't listed either, the ghost is in the registry itself — go to step 5.
Delete the visible duplicate.
If the user showed up in either net user or Get-LocalUser, delete it with this command in Command Prompt:
```
net user USERNAME /delete
```
Replace USERNAME with the exact name. After it runs, try creating the account again. If you still get error 0x000008B0, move to step 5.
Remove the ghost user from the SAM registry.
This is the nuclear option. Open Regedit as administrator. Navigate to:
```
HKEY_LOCAL_MACHINE\SAM\SAM
```
You'll likely see nothing under it — the SAM is locked. Right-click the SAM key, select Permissions, then click Advanced. Change the owner to your admin account. Give yourself Full Control. Then refresh (F5). Now you can expand:
```
HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names
```
Look for the user name you're trying to create. If you see it, right-click the key and delete it. Warning: This directly edits the SAM. If you delete the wrong key, you can break the system. Only delete the key that matches the name from the error.
Reboot and test.
Restart the machine. After it boots, try creating the user again via net user USERNAME PASSWORD /add or through the GUI. It should work now.

If it still fails

Two things can stop you. First, the account might be tied to a corrupted profile in C:\Users. Delete any folder matching that username inside C:\Users (backup anything you need first). Second, a third-party security tool (like Cylance or McAfee) can lock the SAM. Temporarily disable the security software, apply the fix, then re-enable it. If you're on a domain-joined machine that was demoted, you might need to rejoin the domain, then leave it cleanly with the System Properties > Computer Name/Domain Changes wizard. I've also seen this error on Hyper-V hosts after a VM rename — in that rare case, reboot the host, not just the VM.

Bottom line: Error 0x000008B0 is always a local SAM conflict. The GUI won't show it. The command line or registry will. Don't waste time reinstalling the OS.