Harish Munagapati

Harish Munagapati

I never thought I’ll write code in my life, but today I’m..!

PowerShell to manager Local Users and Groups

2 minute read

Here let’s see how to manage Windows local group using PowerShell.

Required module is “Microsoft.PowerShell.LocalAccounts” look below for available cmdlets.

Find available cmdlets

1

Get-Command | Where-Object {$_.source -eq "Microsoft.PowerShell.LocalAccounts"}

Get-Command | Where-Object {$_.source -eq "Microsoft.PowerShell.LocalAccounts"}

example1

Lets use this cmdlets we can manager local users and groups.

Local Users

List Local Users

1

Get-LocalUser

This help to display all available local users

1

Get-LocalUser -Name ad*

It will list all user names starts with “AD”

Disable and Enable Local Users

1

Disable-LocalUser -Name "testuser"

Here it will disable “testuser”.

1

Get-LocalUser test* | Disable-LocalUser

To disable multiple users starts with “Test”, above command help to list all the users starts with “test” and disable them. For example if local computer has users like “Test1,Test2,Test3,Test4,Test5”, with above command you can disable all users at once.

Warning: Before running this cmdlet make sure you are disabling the requires users, becasue this will disable all accounts starts with “test”

1

Enable-LocalUser -Name "testuser"

Here it will Enable “testuser”.

1

Get-LocalUser test* | Enable-LocalUser

To Enable multiple users starts with “Test”, above command help to list all the users starts with “test” and Enable them. For example if local computer has users like “Test1,Test2,Test3,Test4,Test5”, with above command you can Enable all users at once.

Create and Delete Local Users

1
2

$Password = Read-Host -AsSecureString
New-LocalUser "testuser" -Password $Password -FullName "Test User" -Description "This is a Test User"

Here we are creating a testuser with name,description and providing password as a variable($password). this account does has not expire. when we does not specify the AccountExpires parameter.the account does not expire. Check below screenshot for AccountExpires parameter help.

example2

1

New-LocalUser -Name "testuser" -Description "This is a Test User" -NoPassword

This will create a “testuser” account without password and AccountExpire date. Please can be set at later stage lets see how that works.

1
2

$Password = Read-Host -AsSecureString
Set-LocalUser -Name "testuser" -Password $Password

Set-LocalUser help to modify local user accounts.

1

Get-Help Set-LocalUser -Parameter *

Try this command to explore all parameters using Get-Help

1

Remove-LocalUser -Name "testuser"

This delets testuser account.

Local Groups

List Local Groups

1

Get-LocalGroup

This help to display all available local Groups

1

Get-LocalGroup -Name re*

It will display all group names starts with “re”

Create and Delete Local Groups

1

New-LocalGroup -Name "testusers"

This command creates “testusers” local group.

1

Remove-LocalGroup -Name "testusers"

This command removes “testusers” local group.

Manage Local Groups

1

Set-LocalGroup -Name "testusers" -Description "This is for test users."

Here we are changing description for “testusers” group.

Comments

Leave a comment

Your email address will not be published. Required fields are marked *

Markdown is supported.

You may also enjoy

How I Blog

less than 1 minute read

Tools and Technologies used to blog..!!

First post!

less than 1 minute read

After a long-long time..Finally it comes here today.