Windows operating system have a lot of command line and GUI tools to manage user accounts. The most popular user management tool from command line like ms-dos or powershell is net user command. In this tutorial we will look different usage examples about net user command.

Help

Help about the net user command can be get with the /? option like below.

$ net user /?

Case Sensitivity

Before starting issuing commands we need to know that Windows is generally incase sensitive system. So following commands can be used uppercase or lowercase with username. The only exception is the password. So following commands are the same. But using accepted usage which is uppercase will make commands more readable

net user

NeT UsEr

List  Users

Existing user accounts can be listed just issuing the net user command without any option. Only local user accounts will be listed. Domain user accounts will not be listed.

$ net user

As we can the the default users like Administrator and Guest all ready exist.  New user ismail is added previously.

Get User Account Information

The user information can be get by providing the user account name.

$ net user jack

This will list following information;

• User name
• Full name
• Comment
• User’s comments
• Country Code
• Account Active
• Account Expires line shows where her after specified time account will be locked
• Password Last Set line shows when the password is set for the last time
• Password Expires line shows whether the password of the user will expire after specified time.
• Password Changeable
• Password Required line shows whether user account login needs password.
• User may change password line show whether the user have privileges to change his own password.
• Workstations allowed line show in which computers the user can login.
• Logon script line shows which script file will be run during user logon
• User profile
• Home directory line shows if the user home path is different then default location what is the user home path.
• Last logon line shows what is the time where the user last time login.
• Logon hours allowed line shows which hours is the user allowed to login.
• Local Group Memberships line show the local groups where the user is a member
• Global group memberships line show the global groups where the user is a member

Create  User Account

Users can be created with net user . This user will be created locally and do not exists in Active Directory. We will provide the user name to the command and /ADD option like below. In this example we create a user named test .

$ net user test /ADD

The user is created successfully. If there is a problem we will get an error like

• The account all ready exists
• System error 5 has occurred. Access is denied is we have do not have required privileges like Administrator.

Remove  User Account

A user can be easily removed with the /DELETE option.

$ net user test /DELETE

Set Password While User Account Creation

While creating user account we can set the password. But changing user creation time password will make things more secure. We will just append the user account password after user account name. In this example we will create a user account named test and set password 123456

$ net user test 123456 /ADD

Set Password Existing User

Changing existing user password is very similar to while adding. We will just remove the /ADD and only provide the user account name and new password. In this example we set user test password as 654321

$ net user test 123456

Operate On Domain Users

Up to now we have operated on local users. Windows Active directory very popular technology used by corporates. Previously described commands can be used to manipulate domain users too. We just need to add /DOMAIN option to the command. We need Domain Admin privileges to run these commands. Also current worked computer should be joined related domain.

Add User Account To Domain

$ net user test /ADD /DOMAIN

Delete Remove User Account

$ net user test /DELETE /DOMAIN

Change User Account Password

$ net user test 123456 /DOMAIN

Lock or Disable User Account

Windows operating system provides the ability to lock or disable user accounts. Locking accounts generally used for security. Locking or disabling account will prevent the account to login to the Windows systems. User account can be locked or disabled with /active:no option.

In this example we will lock user account named jack .

$ net user jack /active:no

Enable User Account

The reverse operation can be done to enable all ready locked or disabled account. In this example we will unlock the user account jack .

$ net user jack /active:yes