Local Group Management For Windows From Command Line – POFTUT

Local Group Management For Windows From Command Line


Modern operating systems like Linux, Windows uses groups to manage user rights more flexible way. Users generally assigned to the groups to use groups related privileges like Local Admin , Remote Desktop User , Power User , etc. In this tutorial we will look how manage manage local user groups in Windows operating systems.

Help

Help and syntax information about local groups can be printed with the following command.

$ net localgroup /?
Help localgroup
Help localgroup

List Groups

Local groups can be listed with net localgroup command. This will list local groups not domain groups.

$ net localgroup
List Groups
List Groups

As we can see groups are listed line by line. These groups are default groups those came with Windows Operating System.

  • Administrators is most privileged groups used for administration
  • Users is least privileged user used for normal users.

Create Group

Windows local groups can be create with /ADD option easily. We will create a local group named Developers in this example.

$ net localgroup Developers /ADD
Create Group
Create Group

We get the message of successful group creation.

Delete Group

Local groups can be removed if we have no need for them. We will use /DELETE option to remove group.

$ net localgroup Developers /DELETE

List Group Users

One of the most used option is listing given group users. We need to provides the local group name for its users. In this example we will list local group named Administrators users.

$ net localgroup "Administrators"
List Group Users
List Group Users

As we can see the local groups alias and comment about the group is printed too. Administrators local group have two users named Administrator and ismail . Do not confuse user Administrator with the local group Administrators they are different entities.

LEARN MORE  How To Install, Configure and Test Open Ldap Server For Ubuntu

Add User To A Group

We can add existing user to the local group by providing the user named and /ADD option. In this example we will add user  ismail to the Developers group. So user ismail will use all resources  and privileges provided by Developers group.

$ net localgroup Developers ismail /ADD

Add Comment To The Group

In busy environment we will manage lot of builtin and administrator created groups. We need some clues about these local groups to remember. Or we can set some notes like when we will delete these groups. All these information can be stored in comments about group. We will set some note about Developers group.

$ net localgroup Developers /COMMENT:"Only 10.1.0.0/24 network"

The comment can be viewer with GUI or while listing group members.

Leave a Comment