Home » PowerShell Tips » Net User Command – Manage User Accounts from cmd

Net User Command – Manage User Accounts from cmd

Net user command is a command-line utility that comes with Windows and allows you to manage Windows server local user accounts.

It lets you create, delete, enable or disable users on the system and set passwords for the net user accounts.

Windows administrators can perform add or modifications in user accounts using the net user command-line tool.

You can get net user account information, enable or disable a user account, sets the home directory path, set account expiration, and so on.

net user to display user account info
net user to display user account info

In this article, I will explain to you how to use the net user command-line tool with examples to get user account information, domain account status, password expiry date.

Net User Command – Syntax

net user command syntax

net user [<UserName> {<Password> | *} [<Options>]] [/domain]
net user [<UserName> {<Password> | *} /add [<Options>] [/domain]]
net user [<UserName> [/delete] [/domain]]

Parameters

Username – It specifies user account name to add or modify or display user account information

Password – Assign or change the password for the user account

/domain – Perform the operation on the domain controller

/active:{no |yes} – Enable or disable user account

/comment – Provide descriptive comments for the user account

/expires – Specify date to expire user account

net help – Display help for net user command.

<Options> – Specify a command-line options.

Refer the following table to know more about options used in net user command.

Command-line option syntaxDescription
/active:{no | yes}Use this option to enable or disable user account. Default it’s value is yes (active).
/comment:”<Text>”Use this to provide comments for user account, max 48 characters and should be enclose in quotation marks.
/countrycode:<NNN>/countrycode option is used to set country code for user account to display help or error messages in their language. Default value is 0, it means computer default country/region code.
/expires:{{<MM/DD/YYYY> | <DD/MM/YYYY> | <mmm,dd,YYYY>} | never}Use this option to specify the date for user account to expire.If the expire date is not specified, it will assume never expires.
/fullname:”<Name>”Specify the user full name instead of username.
/homedir:<Path>Use this option to set the path for the user’s home directory.
/passwordchg:{yes | no}Use this to specify if user can change their own password. The default value is yes.
/passwordreq:{yes | no}It specify if the user must have password or not. The default is yes.
/profilepath:[<Path>]Use this option to sets a path for the user’s logon profile. This path points to a registry profile.
/scriptpath:<Path>Use this to set a path for the user’s logon script. <Path> should be relative.
/times:{<Day>[<-Day>][,<Day>[-<Day>]],<Time>[-<Time>][,<Time>[-<Time>]][;] | all}It specifies the times that users are allowed to use the computer.
/usercomment:”<Text>”It specifies that an administrator can add or change the “User comment” for the account.
/workstations:{<ComputerName>[,…] | *}It lists as many as eight workstations from which a user can log on to the network.
net user command options

Net User – List all User Accounts

You can use the net user command-line tool to get user account information, modify a user account, check password last set.

Open a command prompt to run net user command as below

net user

The above command returns the list of all user accounts of the local computer.

Net User Account – Display User Account Information

If you want to get user account information, run the net user command in the command line

net user Toms

The above command, will display net user account information as below


C:\>net user Toms
User name                    Toms
Full Name                    John Paul
Comment                      Built-in account for administering the computer/domain
User's comment
Country/region code          000 (System Default)
Account active               Yes
Account expires              Never

Password last set            7/29/2021 6:55:50 PM
Password expires             9/9/2021 6:55:50 PM
Password changeable          7/30/2021 6:55:50 PM
Password required            Yes
User may change password     Yes

Workstations allowed         All
Logon script
User profile
Home directory
Last logon                   8/2/2021 11:53:32 AM

Logon hours allowed          All

Local Group Memberships      *Administrators
Global Group memberships     *Domain Admins        *Group Policy Creator
                             *Schema Admins        *Domain Users
                             *Enterprise Admins
The command completed successfully.


C:\>

Cool Tip: How to get-aduser in the active directory using PowerShell!

Net User Password Change for User Account

If you want to change a user password using the command line, use the net user command-line tool to easily change the password.

The syntax to change user password using net user command is given below

net user userid password

Let’s consider an example to change user account GaryW on the local computer, run below command

net user garyw [email protected]

In the above command, garyw is a user account id and [email protected] is a password we want to reset for this user account using the net user command.

The output of the above command as below

net user password change
net user password change

Note: Run Windows command prompt using administrator account privileges else it will display “System error 5 has occurred. Access is denied

There is an alternative and secure way to change user password using net user command-line tool as below

C:\>net user garyw *
Type a password for the user:
Retype the password to confirm:
The command completed successfully.

In the command, use * in place of password and hit enter.

It will prompt you to type the password for the user: and retype the password to confirm.

While typing a password, it won’t display password text on the command line.

Cool Tip: How to get-aduser password expiration date in PowerShell!

Net User /domain – change domain user account password

Using the net user command-line tool, you can change the domain user account password.

Syntax to change the domain net user account password is:

net user username /domain

Run the following command to change the domain account password

net user garyw  * /domain

In the above command, the net user command takes user-id as input, * indicates to prompt for password typing and /domain specifies performs domain account password change operation.

The output of the above net user /domain password change as below

net user /domain password change
net user /domain password change

Cool Tip: How to empty recycle bin in PowerShell!

Net User Disable Account

If you want to disable or lock a domain account using the net user command-line tool, run the following command

net user garyw /Active:No /domain

The above command will disable net user account or lock domain user account specified using user name and Active set to No in net user /domain

If you run command net user garyw /domain to check the active account status

C:\>net user garyw /domain
User name                    garyw
Full Name                    Gary Willy
Comment
User's comment
Country/region code          000 (System Default)
Account active               No
Account expires              Never

Cool Tip: How to find a disabled aduser using PowerShell!

Net User to Enable Domain Account

To enable or unlock domain account using net user command, run below command

net user garyw /Active:Yes /domain

net user /domain command using /Active option enables user account.

Net User User Password Policy

If you want users to restrict them to change their domain account password or allow domain account user to change their password, run below net user command

net user garyw /Passwordchg:No

Above command, /Passwordchg option set to No to prevent the user from changing the password.

To allow users to change password, run the below command

net user garyw /Passwordchg:Yes

Above command, /Passwordchg option set to Yes to allow the user to change their password.

Cool Tip: How to find active directory groups I m in using PowerShell!

Net User to find user full name

You can use net user to find the user full name in the domain as below

net user garyw /domain | Find /i "full name"

above command find the full name of the user in the domain, the output of an above command as below

C:\Windows\system32>net user garyw /domain | Find /i "full name"
Full Name                    Gary Willy

How to set home directory for user?

You can use the net user command-line tool to set home directory for a new user or existing user using the homedir option as below

Set home directory for the new user

net user adams /domain /add /homedir:C:\users\adams

above command will create a new user with name adams in the domain and set up home directory.

You can set up a home directory for the existing user as below

net user garyw /domain /homedir:C:\users\garyw

above command will configure the home directory for the net user using the homdir option.

Cool Tip: How to unlock ad account in active directory using PowerShell!

Conclusion

I hope the above article on the net user command line tool in the Windows system helps you to understand how to manage net user accounts using the command line.

net user without any option gets all the user accounts on the computer. You can also use net users.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.

Leave a Comment