Net User command can be used to create, delete or modify user account on a computer or in a domain. Its a built in tool in Windows XP, 2003 and later operating systems.
- When you use this command without any switch, it displays the list of uses on a local computer.
- To use use the command again Domain, use the /DOMAIN switch
Following tasks can be performed with the net user command:
- List all the users
- List user account information
- Create a user account
- Change Password
- Delete a user account
To list all the users on a computer: NET USER
To list all the use account information, use the following command: NET USER <User ID> [OPTIONS] [/DOMAIN]
Example: The command below will display all information about user account ‘John’ that exist on local computer.
NET USER John
To list information of an account that exist in Active Directory, just add the switch /DOMAIN: NET USER <User ID> /DOMAIN
NET USER John /DOMAIN
The above command shows details like:
User name, Full name, Account expires on, Password Last set, Password Required, Account active, Comments, User profile, Home Directory, Last logon, Logon hours allowed, Local group membership etc.
Here is the screenshot:
[OPTIONS] are the optional switches to add/change user account properties listed above. The options are listed at the end of next section. Click here to check the options available.
We have two options to create a user account. We can either provide the user account password in the command itself or can have separate prompt to enter the password. The command to create a user account is:
NET USER <User ID> <Password> /ADD [/DOMAIN] [OPTIONS]
Following command will create a user John with password as ‘P@$$w0rd’
NET USER John P@$$w0rd /ADD
Alternatively, You can use the following command without Password. You need to add Asterik (*) for password and the command will prompt you for password:
NET USER John * /ADD
To change the user account password, type either of the commands:
NET USER <User ID> <Password> [/DOMAIN]
NET USER <User ID> * [/DOMAIN]
NET USER John NewP@$$w0rd /DOMAIN
NET USER John * /DOMAIN
Note: Use the /DOMAIN switch if the user account is in AD. If the account is local computer, omit the switch.
|Switch||Options||Description||If Omitted, The Default value is:|
|/active:||YES | NO||Activates or deactivates the account||YES|
|/comment:||Text enclosed in quotes.||Provides a descriptive comment about the user’s account||Blank|
date | never
|Date on which the account will expire. If mentioned never, the account will never expire.||Never|
|/fullname:||Text enclosed in quotes.||First and Last name of the user||Blank|
|/scriptpath:||Path||Sets the path for user logon script||Blank|
|/homedir:||Path||Sets the path for the user’s home directory||Blank|
|/passwordchg:||Yes | No||Specifies if the user can change password.||Yes|
|/passwordreq||Yes | No||Specifies if user account must have password||Yes|
|/profilepath:||Path||Sets the users logon profile||%profile% value|
|/times:||Times | All||Values can be [Day, Day, Time, Time]. Days can be spelled completely or abbreviated (Su, M, T, W, Th, F, Sa). Time can be in 12/24 hour format and is limited to 1 hour increment.||All|
|/usercomment:||Text enclosed in quotes.||Specifies that an administrator can add or change the “User comment” for the account||Blank|
|/workstations:||Computername | *||Computers to which user can logon. Maximum 8 computers can be mentioned. IF Asterik is provided, it means user is allowed to logon to all the computer system||* (All)|
To delete the user account, the command: NET USER <User ID> /DELETE [DOMAIN]