Home > Articles > Home & Office Computing > Microsoft Windows Vista & Home Server

  • Print
  • + Share This
This chapter is from the book

This chapter is from the book

Working with Users and Groups from the Command Line

You can script your user and group chores by taking advantage of the NET USER and NET LOCALGROUP commands. These commands enable you to add users, change passwords, modify accounts, add users to groups, and remove users from groups. Note that you must run these commands under the Administrator account, so first follow these steps to open a command prompt session:

  1. Select Start, All Programs, Accessories.
  2. Right-click Command Prompt and then click Run as Administrator.
  3. Enter your User Account Control credentials.

The NET USER Command

You use the NET USER command to add users, set account passwords, disable accounts, set account options (such as the times of day the user is allowed to log on), and remove accounts. For local users, the NET USER command has the following syntax:

NET USER [username [password | * | /RANDOM] [/ADD] [/DELETE] [options]]


The name of the user you want to add or work with. If you run NET USER with only the name of an existing user, the command displays the user's account data.


The password you want to assign to the user. If you use *, Windows Vista prompts you for the password; if you use the /RANDOM switch, Windows Vista assigns a random password (containing eight characters, consisting of a random mix of letters, numbers, and symbols), and then displays the password on the console.


Creates a new user account.


Deletes the specified user account.


These are optional switches you can append to the command:


Specifies whether the account is active or disabled.


The date (expressed in the system's Short Date format) on which the account expires.


The home folder for the user, which should be a subfolder within %SystemDrive%\Users (make sure that the folder exists).


Specifies whether the user is allowed to change his password.


Specifies whether the user is required to have a password.


The folder that contains the user's profile.


The folder that contains the user's logon script.

/TIMES:{times | ALL}

Specifies the times that the user is allowed to log on to the system. Use single days or day ranges (for example, Sa or M-F). For times, use 24-hour notation or 12-hour notation with am or pm. Separate the day and time with a comma, and separate day/time combinations with semicolons. Here are some examples:


Note, too, that if you execute NET USER without any parameters, it displays a list of the local user accounts.


You use the NET LOCALGROUP command to add users to and remove users from a specified security group. NET LOCALGROUP has the following syntax:

   name1 [name2 ...] {/ADD | /DELETE}


This is the name of the security group with which you want to work.

name1 [name2 ...]

One or more usernames that you want to add or delete, separated by spaces.


Adds the user or users to the group.


Removes the user or users from the group.

  • + Share This
  • 🔖 Save To Your Account